Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9FC27F4CCDE11EFBB025158762E951A.roa
File: A9FC27F4CCDE11EFBB025158762E951A.roa (raw, json)
Hash identifier: eHrR2I3NBWtvMldLW6y754pCoXXfduQI4IKgV7XyVIw=
Subject key identifier: F9:2D:ED:21:07:16:E8:69:52:80:8B:64:A0:79:B9:6E:10:1F:98:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9FC27F4CCDE11EFBB025158762E951A.roa
Signing time: Tue 07 Jan 2025 10:03:38 +0000
ROA not before: Tue 07 Jan 2025 10:03:34 +0000
ROA not after: Mon 13 Dec 2027 10:03:34 +0000
asID: 17561
IP address blocks: 156.233.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64397 (0xfb8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:03:34 2025 GMT
Not After : Dec 13 10:03:34 2027 GMT
Subject: CN=677cfbfa-7dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:30:7e:80:bd:2b:f0:cf:eb:d5:4e:78:d7:06:
03:76:ae:2d:ae:69:d6:fa:81:c4:f9:12:91:95:09:
02:ae:28:bb:f2:f5:06:4a:fd:7d:b1:ce:02:ea:4e:
8e:7d:d2:cb:31:1f:85:38:0a:a3:19:00:e3:f8:e7:
7c:08:59:a9:ca:7a:5a:68:98:82:2e:7a:a5:b5:e6:
b5:b4:34:db:58:ff:dd:f0:1d:45:dd:19:08:5d:14:
81:41:ed:75:af:9d:f3:18:e0:3e:8d:32:37:56:d3:
60:34:02:09:77:3f:84:a5:1a:10:11:ef:63:82:f1:
a0:be:e9:93:b5:5b:a6:ae:3f:04:14:fd:df:45:55:
55:fd:b5:72:98:bd:4d:83:2f:38:c5:94:45:c6:b1:
25:f6:43:c2:a8:5e:20:ec:1d:b2:b4:e3:cf:06:92:
d8:56:21:0e:21:93:42:b9:8f:d4:41:a7:fa:c8:cd:
d7:91:1d:42:9d:fa:5a:ed:89:68:c6:f5:76:9d:20:
90:cf:b5:18:5f:71:43:b1:34:4b:87:29:06:ec:8a:
82:a8:b1:89:04:16:30:a6:14:2f:27:05:8d:8b:48:
ee:c9:05:9c:29:fb:c1:b4:b6:68:89:1c:cc:44:09:
6a:dd:79:d8:bf:cb:d4:d3:be:53:ce:64:95:76:8a:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2D:ED:21:07:16:E8:69:52:80:8B:64:A0:79:B9:6E:10:1F:98:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9FC27F4CCDE11EFBB025158762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:64:c5:b8:f8:f3:a6:b7:f0:18:14:cc:07:85:5e:98:df:a2:
78:38:1c:c0:fe:17:a9:9f:ea:1f:3c:66:39:20:4e:2b:a9:25:
01:f3:75:11:9d:ba:4c:47:7a:ca:9b:24:1f:0e:79:1b:91:31:
9c:ef:89:55:f1:b0:11:f9:6f:f3:b0:06:94:65:aa:a6:ba:b0:
7f:d0:77:18:65:49:5b:e9:e5:08:22:79:ce:50:fe:7a:97:ff:
68:c3:a9:ba:56:a0:16:54:15:22:c9:a1:7e:97:08:14:02:a3:
68:f0:b5:8f:64:bf:17:49:c9:f6:9d:87:97:06:0a:ab:39:62:
c9:30:3e:c7:fa:38:8d:f9:b0:d8:95:3d:7b:5f:cd:1c:fe:64:
85:1a:bd:14:0a:4f:ad:28:2d:40:cc:4d:25:27:19:ec:35:d1:
59:f4:76:6d:67:d8:93:69:f2:ad:d4:97:98:fe:f3:7c:ab:f6:
cb:ba:31:1c:c3:e8:e8:6f:3b:cd:18:97:84:b1:25:1f:77:59:
af:06:48:ff:59:68:35:ab:79:89:70:89:eb:44:e0:1e:e5:46:
aa:7d:fa:d7:13:d3:17:ec:42:ed:86:db:92:11:ab:ef:7a:32:
20:d3:45:34:0c:39:3e:1f:58:4a:f1:13:77:5f:55:49:5c:45:
66:26:7d:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAwMzM0WhcNMjcxMjEzMTAwMzM0WjAYMRYw
FAYDVQQDEw02NzdjZmJmYS03ZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArjB+gL0r8M/r1U541wYDdq4trmnW+oHE+RKRlQkCrii78vUGSv19sc4C
6k6OfdLLMR+FOAqjGQDj+Od8CFmpynpaaJiCLnqltea1tDTbWP/d8B1F3RkIXRSB
Qe11r53zGOA+jTI3VtNgNAIJdz+EpRoQEe9jgvGgvumTtVumrj8EFP3fRVVV/bVy
mL1Ngy84xZRFxrEl9kPCqF4g7B2ytOPPBpLYViEOIZNCuY/UQaf6yM3XkR1Cnfpa
7YloxvV2nSCQz7UYX3FDsTRLhykG7IqCqLGJBBYwphQvJwWNi0juyQWcKfvBtLZo
iRzMRAlq3XnYv8vU075TzmSVdoooiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPkt
7SEHFuhpUoCLZKB5uW4QH5jCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOUZDMjdGNENDREUxMUVGQkIwMjUxNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnaMA0GCSqGSIb3DQEBCwUA
A4IBAQCdZMW4+POmt/AYFMwHhV6Y36J4OBzA/hepn+ofPGY5IE4rqSUB83URnbpM
R3rKmyQfDnkbkTGc74lV8bAR+W/zsAaUZaqmurB/0HcYZUlb6eUIInnOUP56l/9o
w6m6VqAWVBUiyaF+lwgUAqNo8LWPZL8XScn2nYeXBgqrOWLJMD7H+jiN+bDYlT17
X80c/mSFGr0UCk+tKC1AzE0lJxnsNdFZ9HZtZ9iTafKt1JeY/vN8q/bLujEcw+jo
bzvNGJeEsSUfd1mvBkj/WWg1q3mJcInrROAe5UaqffrXE9MX7ELthtuSEavvejIg
00U0DDk+H1hK8RN3X1VJXEVmJn25
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:50 2025 by rpki-client