Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A91075F4CCD211EF9FE0A28C762E951A.roa
File: A91075F4CCD211EF9FE0A28C762E951A.roa (raw, json)
Hash identifier: eHrKWAv26Q4NBsBi/VQoMZLft93nVebPtiEUcrTQ1gc=
Subject key identifier: 1B:29:09:CC:0D:75:34:7C:B4:72:BB:E2:BA:58:D8:13:82:86:4A:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAE2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A91075F4CCD211EF9FE0A28C762E951A.roa
Signing time: Tue 07 Jan 2025 08:37:42 +0000
ROA not before: Tue 07 Jan 2025 08:37:39 +0000
ROA not after: Mon 13 Dec 2027 08:37:39 +0000
asID: 17561
IP address blocks: 156.233.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64226 (0xfae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:37:39 2025 GMT
Not After : Dec 13 08:37:39 2027 GMT
Subject: CN=677ce7d6-35fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:25:6a:6f:a5:8c:78:85:e7:77:5d:41:69:76:
21:8a:41:ab:bd:c3:2b:35:67:58:5a:0b:1b:e1:62:
13:aa:19:de:80:b2:31:aa:a7:27:26:a9:9b:0a:f1:
87:b0:eb:26:2e:f2:67:78:bc:04:2d:38:ae:8c:36:
cd:e5:95:d0:84:64:ed:7c:66:a3:95:ec:9b:6e:aa:
52:27:dc:f6:fe:e7:5f:50:8b:92:43:98:0c:c2:6c:
94:97:b0:67:ff:88:5e:94:78:d7:be:b6:48:c9:f4:
65:5b:a5:9b:92:72:df:cf:f6:25:f7:ca:ae:d8:f7:
88:43:0b:64:af:ad:b0:b6:04:d7:34:43:95:59:f6:
d1:dc:24:b8:04:05:2b:6a:27:79:17:b4:00:e1:e6:
20:cf:1b:d2:79:73:23:00:7b:71:59:22:72:f0:5c:
f4:50:37:0c:73:e6:ad:ef:f5:a5:18:46:32:c2:b4:
ef:95:e5:d3:3b:cf:7d:68:31:0a:c8:ef:5c:fc:dc:
80:f7:c6:01:31:29:34:6e:02:b2:5c:3d:93:fc:12:
51:49:c3:c9:9f:c5:c9:93:97:32:a3:86:43:07:b5:
bd:e0:6f:61:e0:23:9a:3e:5d:de:c3:05:dc:ae:28:
8a:fd:8d:96:e1:c5:b2:f1:ea:cf:a6:fb:1d:e3:b4:
a9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:29:09:CC:0D:75:34:7C:B4:72:BB:E2:BA:58:D8:13:82:86:4A:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A91075F4CCD211EF9FE0A28C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.160.0/24
Signature Algorithm: sha256WithRSAEncryption
36:98:43:04:37:96:be:39:05:22:23:0e:4a:87:da:a2:20:19:
cb:4f:ed:01:bc:d5:6f:a6:28:a2:8f:21:ad:73:05:3e:db:2b:
39:19:4b:38:35:e7:13:d3:72:a4:0d:c4:5b:25:2f:82:fa:6d:
ed:37:f3:4c:ff:d3:9f:c1:6c:7f:fc:ff:d1:e3:5d:df:af:38:
f9:d0:93:be:cb:90:61:4e:29:41:1e:48:6b:59:0d:2e:fa:51:
d8:a1:dd:5e:20:36:15:07:5d:2d:cb:3d:cf:3d:7e:4e:00:66:
2a:4d:bf:a9:d8:86:66:27:9a:a7:71:9a:e1:99:12:57:01:b1:
d0:69:54:e6:76:12:0e:8a:0e:d6:61:45:f6:a6:b3:81:c8:a9:
16:b1:3c:4f:47:68:bf:9c:40:c5:6b:f2:a1:78:ed:70:f1:ef:
7e:42:d6:cc:6d:21:bf:72:b5:ae:cf:9d:b2:2f:7c:54:17:ef:
73:10:87:88:9a:7c:36:69:2d:ec:af:c2:a8:b1:04:35:66:fb:
27:06:1d:19:ec:59:a4:b5:ac:2c:af:ee:c5:44:0e:f2:59:a8:
ab:24:db:f9:a5:c2:33:8a:c6:da:85:71:8b:ae:58:87:4d:c1:
b6:c2:f1:7b:68:b2:ce:1d:f7:c5:71:2d:a3:a8:af:e3:07:67:
5a:a4:da:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPriMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgzNzM5WhcNMjcxMjEzMDgzNzM5WjAYMRYw
FAYDVQQDEw02NzdjZTdkNi0zNWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9yVqb6WMeIXnd11BaXYhikGrvcMrNWdYWgsb4WITqhnegLIxqqcnJqmb
CvGHsOsmLvJneLwELTiujDbN5ZXQhGTtfGajleybbqpSJ9z2/udfUIuSQ5gMwmyU
l7Bn/4helHjXvrZIyfRlW6WbknLfz/Yl98qu2PeIQwtkr62wtgTXNEOVWfbR3CS4
BAUraid5F7QA4eYgzxvSeXMjAHtxWSJy8Fz0UDcMc+at7/WlGEYywrTvleXTO899
aDEKyO9c/NyA98YBMSk0bgKyXD2T/BJRScPJn8XJk5cyo4ZDB7W94G9h4COaPl3e
wwXcriiK/Y2W4cWy8erPpvsd47SpJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBsp
CcwNdTR8tHK74rpY2BOChkrRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTEwNzVGNENDRDIxMUVGOUZFMEEyOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmgMA0GCSqGSIb3DQEBCwUA
A4IBAQA2mEMEN5a+OQUiIw5Kh9qiIBnLT+0BvNVvpiiijyGtcwU+2ys5GUs4NecT
03KkDcRbJS+C+m3tN/NM/9OfwWx//P/R413frzj50JO+y5BhTilBHkhrWQ0u+lHY
od1eIDYVB10tyz3PPX5OAGYqTb+p2IZmJ5qncZrhmRJXAbHQaVTmdhIOig7WYUX2
prOByKkWsTxPR2i/nEDFa/KheO1w8e9+QtbMbSG/crWuz52yL3xUF+9zEIeImnw2
aS3sr8KosQQ1ZvsnBh0Z7Fmktawsr+7FRA7yWairJNv5pcIzisbahXGLrliHTcG2
wvF7aLLOHffFcS2jqK/jB2dapNrr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:40 2025 by rpki-client