Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2E1A02ECD6B11EFB1EF3B61762E951A.roa
File: A2E1A02ECD6B11EFB1EF3B61762E951A.roa (raw, json)
Hash identifier: +RPpvou5ExCi/obdCaEo31tjljKvvxk/x7mqBrrGcKk=
Subject key identifier: 89:2E:30:89:3D:70:C3:C3:CD:C3:FD:35:54:C8:D6:8C:82:9D:9E:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF6B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2E1A02ECD6B11EFB1EF3B61762E951A.roa
Signing time: Wed 08 Jan 2025 02:52:45 +0000
ROA not before: Wed 08 Jan 2025 02:52:41 +0000
ROA not after: Mon 13 Dec 2027 02:52:41 +0000
asID: 17561
IP address blocks: 156.248.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65387 (0xff6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 02:52:41 2025 GMT
Not After : Dec 13 02:52:41 2027 GMT
Subject: CN=677de87d-0aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:2a:6d:3a:09:38:a2:2c:89:de:fd:72:51:
6d:53:9c:d0:00:8e:eb:3a:32:84:d4:e9:cf:db:94:
a9:29:12:7f:37:3b:69:0c:9f:b6:cc:27:db:99:b6:
f2:cd:5b:d0:0a:16:5c:77:c4:07:12:e8:2b:fd:5a:
5e:c9:85:e0:99:03:5e:fc:81:ee:2a:9a:8a:af:bc:
2f:27:e7:f5:8d:24:34:eb:8c:aa:3c:09:f5:2d:a6:
e4:6b:80:55:b0:63:71:6e:cc:4b:bc:40:85:e6:fd:
78:39:d1:4b:d7:7c:a8:90:b8:21:f4:47:b3:fa:98:
fc:54:c3:45:11:3b:f9:ee:c0:02:9b:69:2f:2d:59:
04:73:83:2e:9a:58:c1:fb:14:e8:01:45:da:ca:85:
01:9e:fe:9c:76:6d:bd:f0:96:35:cc:83:c0:26:c6:
98:91:db:12:a2:34:8a:b5:e3:a0:ec:49:d2:09:95:
7e:b2:24:e4:67:7e:b1:e1:3d:d6:1c:3b:f2:86:ca:
5e:3e:d8:89:6a:c0:1b:0b:6e:89:93:37:94:d0:3a:
ff:5a:50:96:2f:aa:7f:a8:ec:ec:96:f3:1a:e9:04:
d2:6b:83:99:05:70:a7:6a:4b:da:49:34:2e:bf:24:
b1:52:67:bd:42:71:4e:04:90:43:99:92:85:1f:c1:
7b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2E:30:89:3D:70:C3:C3:CD:C3:FD:35:54:C8:D6:8C:82:9D:9E:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A2E1A02ECD6B11EFB1EF3B61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:39:47:a1:5d:b7:ac:26:94:cf:f3:fc:d1:6b:4f:c4:d3:a6:
82:61:54:53:3d:9f:a1:55:ce:14:48:c5:7a:9d:b1:a6:4d:28:
dd:5a:39:ca:c7:95:3d:de:4a:0d:bf:02:84:84:a1:25:65:cb:
e1:4e:2b:d7:fc:42:27:52:df:c4:c4:8b:43:6d:93:12:c2:d3:
d5:38:d4:69:44:a8:15:7e:c8:41:22:1e:45:1b:a6:14:c0:4c:
1c:fb:96:74:88:46:ef:27:a4:5e:ea:93:24:89:01:f4:d1:0f:
23:12:be:c7:37:2a:f4:09:28:1c:ae:b2:11:0c:bc:39:fb:b3:
7a:40:3e:81:dd:f3:1b:d0:a3:e5:c2:6c:2c:60:db:42:f0:48:
2a:3a:0c:ca:05:e8:33:86:0c:5b:d6:39:0c:ac:52:9d:0e:a3:
8d:8d:db:09:2d:b8:d8:89:92:65:29:1d:46:4d:fb:9a:ec:8c:
a1:33:b0:6d:81:46:35:8d:cc:8b:73:9b:38:c1:56:72:0a:df:
93:67:85:86:f8:e8:96:4c:7d:5e:eb:df:07:b4:cf:44:27:ea:
29:28:2a:73:d4:e7:86:ad:59:b5:20:5c:1a:b6:cb:84:ed:87:
95:9e:00:78:11:29:84:66:53:3e:e5:87:8f:7a:1f:03:c5:80:
07:a8:bd:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDI1MjQxWhcNMjcxMjEzMDI1MjQxWjAYMRYw
FAYDVQQDEw02NzdkZTg3ZC0wYWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwRgqbToJOKIsid79clFtU5zQAI7rOjKE1OnP25SpKRJ/NztpDJ+2zCfb
mbbyzVvQChZcd8QHEugr/VpeyYXgmQNe/IHuKpqKr7wvJ+f1jSQ064yqPAn1Labk
a4BVsGNxbsxLvECF5v14OdFL13yokLgh9Eez+pj8VMNFETv57sACm2kvLVkEc4Mu
mljB+xToAUXayoUBnv6cdm298JY1zIPAJsaYkdsSojSKteOg7EnSCZV+siTkZ36x
4T3WHDvyhspePtiJasAbC26JkzeU0Dr/WlCWL6p/qOzslvMa6QTSa4OZBXCnakva
STQuvySxUme9QnFOBJBDmZKFH8F7JwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIku
MIk9cMPDzcP9NVTI1oyCnZ7UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMkUxQTAyRUNENkIxMUVGQjFFRjNCNjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgHMA0GCSqGSIb3DQEBCwUA
A4IBAQCgOUehXbesJpTP8/zRa0/E06aCYVRTPZ+hVc4USMV6nbGmTSjdWjnKx5U9
3koNvwKEhKElZcvhTivX/EInUt/ExItDbZMSwtPVONRpRKgVfshBIh5FG6YUwEwc
+5Z0iEbvJ6Re6pMkiQH00Q8jEr7HNyr0CSgcrrIRDLw5+7N6QD6B3fMb0KPlwmws
YNtC8EgqOgzKBegzhgxb1jkMrFKdDqONjdsJLbjYiZJlKR1GTfua7IyhM7BtgUY1
jcyLc5s4wVZyCt+TZ4WG+OiWTH1e698HtM9EJ+opKCpz1OeGrVm1IFwatsuE7YeV
ngB4ESmEZlM+5YePeh8DxYAHqL3+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:45 2025 by rpki-client