Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7BACFE4EB8911EFAF8D5A95762E951A.roa
File: A7BACFE4EB8911EFAF8D5A95762E951A.roa (raw, json)
Hash identifier: 0xdqV/SifU8Pdn5NmwoS/JpHwN6Fg/8zJrhUYGSj8ZE=
Subject key identifier: E9:08:16:52:AC:53:E7:9E:EC:25:32:70:BC:DB:A5:0D:CD:15:D0:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012447
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7BACFE4EB8911EFAF8D5A95762E951A.roa
Signing time: Sat 15 Feb 2025 10:43:13 +0000
ROA not before: Sat 15 Feb 2025 10:43:09 +0000
ROA not after: Sat 22 Feb 2025 10:43:09 +0000
asID: 152700
IP address blocks: 156.228.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74823 (0x12447)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 15 10:43:09 2025 GMT
Not After : Feb 22 10:43:09 2025 GMT
Subject: CN=67b06fc1-6f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:af:95:8b:16:02:d6:4f:09:b2:13:51:ce:87:
58:91:2a:2b:e9:d6:9c:7b:7e:1c:90:3e:f7:8a:b5:
ae:6d:6c:56:6a:da:c2:f3:6d:ff:38:48:67:53:a0:
f3:5f:df:11:f5:be:a1:f7:31:76:cf:70:74:07:22:
ec:70:3d:35:5f:ea:43:b3:35:26:e2:0e:88:d0:8f:
40:38:8d:fb:1d:7f:16:91:3b:b0:49:96:b5:73:d2:
41:15:66:10:85:30:c1:bb:4c:21:0b:74:c8:34:a0:
70:93:cb:68:0c:a1:b6:32:9f:61:89:53:b2:15:c1:
ba:da:94:3f:d1:74:3a:a8:56:ee:8f:b4:c1:55:ca:
28:ad:04:c4:ec:f8:8c:1b:2d:2e:30:00:f0:64:3c:
79:cc:d0:24:53:b2:d6:05:d8:82:f1:45:ad:4e:bf:
da:5e:9d:c0:df:e1:2c:c7:d8:25:13:42:37:cc:ac:
d6:8c:c1:de:34:3d:c7:38:2e:17:28:f8:82:7d:f6:
f6:2c:a2:68:1c:ad:82:16:75:10:ea:a5:cc:9d:5c:
c4:99:30:70:79:29:42:e4:b3:78:a6:2b:06:e8:fd:
e8:5d:4e:02:0f:f3:b1:14:ad:09:14:90:d7:c5:0f:
cb:76:33:78:f3:61:68:1f:85:4e:f2:6e:b5:db:4f:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:08:16:52:AC:53:E7:9E:EC:25:32:70:BC:DB:A5:0D:CD:15:D0:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7BACFE4EB8911EFAF8D5A95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:8b:47:a8:c2:e7:9e:d7:07:62:2c:ee:fe:77:71:c6:b3:da:
55:29:5e:ec:ab:cc:0e:70:4e:5c:66:37:27:97:98:b4:ce:cf:
60:a5:59:ca:c1:4a:ea:d1:7f:5b:30:b7:a8:39:46:d0:b9:7b:
eb:46:b5:a2:38:a7:c5:94:5d:b3:54:97:0a:b3:88:2d:52:7e:
eb:ce:b0:61:86:a2:07:fc:a0:5c:c7:3c:97:2a:93:ca:74:3f:
b3:90:12:97:0a:90:e9:81:a0:45:b7:a5:bd:1c:da:ca:17:21:
5f:76:a9:b5:15:58:95:db:df:53:87:9b:9c:cf:6c:05:49:d3:
db:c7:8b:ab:f4:6a:e0:dd:d3:46:02:5d:6e:e3:5c:bd:a5:ff:
e3:45:51:c8:fe:12:e1:45:04:57:c1:2d:de:21:4a:42:61:4c:
f6:ad:6a:56:6c:69:4a:26:e0:a5:e9:4b:08:7c:7d:51:7f:97:
6a:81:c4:6f:44:eb:e4:10:b5:2e:d5:f4:c2:45:5f:28:ea:35:
4d:aa:02:23:b7:16:44:e1:47:5e:6e:15:11:a8:b9:81:c8:a5:
77:09:04:b1:ce:cf:34:43:77:f1:17:33:11:be:55:bb:36:4e:
f8:07:00:7a:e8:3e:27:85:ce:0f:9f:5e:9c:95:1d:3f:b3:53:
54:a7:47:77
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASRHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjE1MTA0MzA5WhcNMjUwMjIyMTA0MzA5WjAYMRYw
FAYDVQQDEw02N2IwNmZjMS02ZjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6+VixYC1k8JshNRzodYkSor6dace34ckD73irWubWxWatrC823/OEhn
U6DzX98R9b6h9zF2z3B0ByLscD01X+pDszUm4g6I0I9AOI37HX8WkTuwSZa1c9JB
FWYQhTDBu0whC3TINKBwk8toDKG2Mp9hiVOyFcG62pQ/0XQ6qFbuj7TBVcoorQTE
7PiMGy0uMADwZDx5zNAkU7LWBdiC8UWtTr/aXp3A3+Esx9glE0I3zKzWjMHeND3H
OC4XKPiCffb2LKJoHK2CFnUQ6qXMnVzEmTBweSlC5LN4pisG6P3oXU4CD/OxFK0J
FJDXxQ/LdjN482FoH4VO8m6120+VZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOkI
FlKsU+ee7CUycLzbpQ3NFdDwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0JBQ0ZFNEVCODkxMUVGQUY4RDVBOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOR/MA0GCSqGSIb3DQEBCwUA
A4IBAQAci0eowuee1wdiLO7+d3HGs9pVKV7sq8wOcE5cZjcnl5i0zs9gpVnKwUrq
0X9bMLeoOUbQuXvrRrWiOKfFlF2zVJcKs4gtUn7rzrBhhqIH/KBcxzyXKpPKdD+z
kBKXCpDpgaBFt6W9HNrKFyFfdqm1FViV299Th5ucz2wFSdPbx4ur9Grg3dNGAl1u
41y9pf/jRVHI/hLhRQRXwS3eIUpCYUz2rWpWbGlKJuCl6UsIfH1Rf5dqgcRvROvk
ELUu1fTCRV8o6jVNqgIjtxZE4UdebhURqLmByKV3CQSxzs80Q3fxFzMRvlW7Nk74
BwB66D4nhc4Pn16clR0/s1NUp0d3
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:48:36 2025 by rpki-client