Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE9DC2B6CD3511EF927B417A762E951A.roa
File: AE9DC2B6CD3511EF927B417A762E951A.roa (raw, json)
Hash identifier: vF3ZuaUPU5L8o3r0EHPi9vd42sNRkL6Vp08dmHqW5bU=
Subject key identifier: 6F:16:86:AB:71:1B:C2:EE:2A:B7:E5:93:36:95:DB:AF:2F:FE:DC:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE9DC2B6CD3511EF927B417A762E951A.roa
Signing time: Tue 07 Jan 2025 20:26:32 +0000
ROA not before: Tue 07 Jan 2025 20:26:28 +0000
ROA not after: Mon 13 Dec 2027 20:26:28 +0000
asID: 17561
IP address blocks: 156.243.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65047 (0xfe17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:26:28 2025 GMT
Not After : Dec 13 20:26:28 2027 GMT
Subject: CN=677d8df8-0a4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:55:17:9f:1c:e3:6a:34:ea:31:50:30:8a:
22:d8:c7:31:a4:11:75:f3:43:ba:95:33:b7:65:02:
24:39:da:0d:8c:ac:e8:c3:35:65:15:9d:46:5d:5a:
7a:71:e4:19:90:b2:d4:9d:f1:b1:36:23:d6:51:30:
19:53:a6:b6:4a:09:45:15:ed:32:7d:d0:68:d2:9f:
e5:13:97:ec:11:db:a8:62:a0:ea:17:25:b7:1b:23:
05:90:86:f7:b1:c3:8a:ad:77:c9:3f:40:dd:fd:ea:
48:52:eb:da:d6:21:1d:6b:fc:21:a9:78:db:13:e8:
70:84:ad:3b:c8:8f:ee:99:31:a1:25:be:f5:a1:40:
49:68:f5:bd:41:91:b6:b0:00:e3:79:ef:27:57:a9:
95:9b:b0:43:fe:d8:02:5c:25:ff:2b:fe:f6:e4:17:
04:b3:26:15:10:9c:5c:6b:78:a0:b1:3a:e4:e0:3f:
52:57:67:39:df:8b:8d:d5:91:67:74:73:82:21:bd:
6f:0d:28:cf:91:8f:a8:aa:29:e8:ee:2d:4a:50:8c:
e5:3d:88:00:19:d1:e2:87:89:1f:bf:2a:c2:0a:6e:
1d:a5:6f:c6:4b:87:50:5c:a6:50:32:93:89:1d:e9:
fb:e7:7e:1a:16:97:d5:fa:09:64:b8:5f:e6:f9:1e:
d2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:16:86:AB:71:1B:C2:EE:2A:B7:E5:93:36:95:DB:AF:2F:FE:DC:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE9DC2B6CD3511EF927B417A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.52.0/24
Signature Algorithm: sha256WithRSAEncryption
94:33:c9:a5:30:b1:4a:e3:c5:49:49:70:f8:56:f9:6d:79:20:
35:1b:0c:d7:68:87:05:99:2f:27:16:4d:15:3e:90:ea:18:90:
bd:03:97:1c:7c:19:9c:0f:3e:b1:a0:26:82:a7:7a:ca:b7:dd:
16:1c:be:86:42:21:a1:79:30:61:66:da:86:cb:77:d6:cb:9c:
3d:16:86:f8:b3:12:c3:e8:ed:30:ef:50:72:38:ff:44:c4:1a:
2a:76:18:ab:4a:14:5a:9d:ff:84:66:ae:04:e2:43:e3:44:32:
1e:2b:bc:87:09:be:26:c9:f1:2c:e8:1e:2f:de:47:58:3e:a8:
06:6d:51:3d:c3:37:8b:6b:77:5a:33:fd:8a:ed:3c:f1:70:64:
62:09:65:55:a8:eb:ee:e0:c8:bd:6c:15:f3:c5:78:04:4f:b4:
b6:11:a0:a8:42:04:be:aa:22:ba:83:7d:08:94:13:2b:27:30:
e5:89:99:80:11:9f:09:bd:e3:c3:a4:32:86:2c:98:a9:e7:12:
01:15:38:e7:ef:93:71:60:00:d5:44:29:ea:2f:24:a2:7a:4f:
09:f2:6e:ca:d1:4e:cc:a6:d1:8a:f4:9a:9c:78:2e:6b:29:d2:
f4:9d:9d:b7:09:43:23:67:cf:5f:dc:d5:66:12:d1:37:39:e0:
f8:6b:9f:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAyNjI4WhcNMjcxMjEzMjAyNjI4WjAYMRYw
FAYDVQQDEw02NzdkOGRmOC0wYTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuDZVF58c42o06jFQMIoi2McxpBF180O6lTO3ZQIkOdoNjKzowzVlFZ1G
XVp6ceQZkLLUnfGxNiPWUTAZU6a2SglFFe0yfdBo0p/lE5fsEduoYqDqFyW3GyMF
kIb3scOKrXfJP0Dd/epIUuva1iEda/whqXjbE+hwhK07yI/umTGhJb71oUBJaPW9
QZG2sADjee8nV6mVm7BD/tgCXCX/K/725BcEsyYVEJxca3igsTrk4D9SV2c534uN
1ZFndHOCIb1vDSjPkY+oqino7i1KUIzlPYgAGdHih4kfvyrCCm4dpW/GS4dQXKZQ
MpOJHen7534aFpfV+glkuF/m+R7SwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG8W
hqtxG8LuKrflkzaV268v/tx7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTlEQzJCNkNEMzUxMUVGOTI3QjQxN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM0MA0GCSqGSIb3DQEBCwUA
A4IBAQCUM8mlMLFK48VJSXD4VvlteSA1GwzXaIcFmS8nFk0VPpDqGJC9A5ccfBmc
Dz6xoCaCp3rKt90WHL6GQiGheTBhZtqGy3fWy5w9Fob4sxLD6O0w71ByOP9ExBoq
dhirShRanf+EZq4E4kPjRDIeK7yHCb4myfEs6B4v3kdYPqgGbVE9wzeLa3daM/2K
7TzxcGRiCWVVqOvu4Mi9bBXzxXgET7S2EaCoQgS+qiK6g30IlBMrJzDliZmAEZ8J
vePDpDKGLJip5xIBFTjn75NxYADVRCnqLySiek8J8m7K0U7MptGK9JqceC5rKdL0
nZ23CUMjZ89f3NVmEtE3OeD4a59A
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:26 2025 by rpki-client