Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF6D5242CCE011EFAF772E65762E951A.roa
File: AF6D5242CCE011EFAF772E65762E951A.roa (raw, json)
Hash identifier: hDsYbLve4U8lKqTVevlovJLalXs2At5L0OWvGzJjHrU=
Subject key identifier: 61:3D:B6:57:C2:7A:E1:FE:C1:42:D9:41:F0:CE:E6:80:0F:D6:AE:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB9F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF6D5242CCE011EFAF772E65762E951A.roa
Signing time: Tue 07 Jan 2025 10:18:06 +0000
ROA not before: Tue 07 Jan 2025 10:18:02 +0000
ROA not after: Mon 13 Dec 2027 10:18:02 +0000
asID: 17561
IP address blocks: 156.233.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64415 (0xfb9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:18:02 2025 GMT
Not After : Dec 13 10:18:02 2027 GMT
Subject: CN=677cff5e-e15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:14:ec:51:f2:8c:48:f7:64:31:12:cb:ac:6d:
e3:c7:55:86:7e:4e:c9:50:fe:fa:2a:05:90:e2:a9:
68:6e:fe:14:fe:d4:23:27:e7:5d:c5:fd:a7:c0:57:
72:ba:39:e4:98:6d:4f:f5:0a:20:d3:b9:44:4d:f8:
14:21:0c:6b:62:e9:b0:3e:ab:09:70:7a:c4:e2:cc:
99:63:4d:b8:28:71:12:17:8f:1e:41:4d:f0:92:93:
c5:76:9d:92:a6:d9:09:33:b7:3c:84:47:0c:2f:a2:
c1:4f:c5:79:e6:00:be:42:b8:ac:f8:37:80:66:dd:
5f:67:99:32:95:de:be:f8:a7:8f:87:c6:12:cd:d1:
c4:88:62:f3:5a:22:6a:af:31:90:3f:98:d6:d8:a9:
7b:c5:9e:68:ab:0f:99:12:00:8c:b3:eb:4c:cd:2d:
1a:9e:af:de:cf:bc:b3:a8:56:e5:82:9c:cd:d0:04:
aa:ed:be:ca:15:0d:1b:19:0d:27:85:df:b5:28:bb:
f5:70:00:f0:48:59:42:4f:6d:7b:3f:41:10:50:11:
9e:37:2f:d3:a2:ce:bd:6c:28:b4:fd:b6:98:33:4e:
7d:ab:cf:37:91:54:cf:0a:89:88:91:05:d5:db:8e:
e6:bc:78:bb:26:ae:05:fe:8b:c4:61:fb:39:5a:5a:
f5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3D:B6:57:C2:7A:E1:FE:C1:42:D9:41:F0:CE:E6:80:0F:D6:AE:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF6D5242CCE011EFAF772E65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.228.0/24
Signature Algorithm: sha256WithRSAEncryption
87:d0:ad:e6:42:79:10:3c:91:3c:ec:7a:6c:d9:dd:17:17:ce:
f3:6a:41:7a:6e:6d:92:f9:7b:bf:ab:78:e1:4e:de:10:c8:b3:
f7:d0:cc:3d:5b:e6:6d:2b:fa:f6:93:b4:60:4f:24:be:f5:95:
a8:60:98:02:97:50:1a:fd:15:1d:8d:db:da:0e:f3:ec:48:24:
43:ae:64:0a:7e:a3:6a:d5:d1:77:c0:99:64:20:99:ce:3b:a5:
0f:79:0d:a8:0a:a5:f9:27:03:68:d5:5a:67:cd:59:76:31:c5:
dd:7f:91:58:94:f2:c2:43:a9:e1:c5:94:26:5d:0e:99:7d:8a:
a6:34:55:aa:cd:d3:b0:21:fa:92:28:93:f6:1d:15:90:f1:4c:
82:9e:1c:0c:65:5d:83:f3:28:22:63:0b:8b:b1:c0:f7:73:ca:
a8:90:3d:53:89:78:46:4b:91:28:25:9b:1e:5b:1e:65:12:e3:
2a:3a:c1:21:56:b6:84:b6:2b:87:ba:b9:8a:68:33:58:68:4f:
0a:ea:f7:26:43:48:11:45:76:29:d9:16:62:7b:62:ed:a2:e7:
4f:04:1c:47:f8:ac:90:c4:e9:17:dd:e4:5a:e0:3c:70:47:d1:
5c:88:4e:87:d9:40:e3:78:fa:1f:3e:7a:44:59:82:da:11:37:
0c:15:4c:4a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPufMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAxODAyWhcNMjcxMjEzMTAxODAyWjAYMRYw
FAYDVQQDEw02NzdjZmY1ZS1lMTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3RTsUfKMSPdkMRLLrG3jx1WGfk7JUP76KgWQ4qlobv4U/tQjJ+ddxf2n
wFdyujnkmG1P9Qog07lETfgUIQxrYumwPqsJcHrE4syZY024KHESF48eQU3wkpPF
dp2SptkJM7c8hEcML6LBT8V55gC+Qris+DeAZt1fZ5kyld6++KePh8YSzdHEiGLz
WiJqrzGQP5jW2Kl7xZ5oqw+ZEgCMs+tMzS0anq/ez7yzqFblgpzN0ASq7b7KFQ0b
GQ0nhd+1KLv1cADwSFlCT217P0EQUBGeNy/Tos69bCi0/baYM059q883kVTPComI
kQXV247mvHi7Jq4F/ovEYfs5Wlr1nwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGE9
tlfCeuH+wULZQfDO5oAP1q7EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjZENTI0MkNDRTAxMUVGQUY3NzJFNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnkMA0GCSqGSIb3DQEBCwUA
A4IBAQCH0K3mQnkQPJE87Hps2d0XF87zakF6bm2S+Xu/q3jhTt4QyLP30Mw9W+Zt
K/r2k7RgTyS+9ZWoYJgCl1Aa/RUdjdvaDvPsSCRDrmQKfqNq1dF3wJlkIJnOO6UP
eQ2oCqX5JwNo1VpnzVl2McXdf5FYlPLCQ6nhxZQmXQ6ZfYqmNFWqzdOwIfqSKJP2
HRWQ8UyCnhwMZV2D8ygiYwuLscD3c8qokD1TiXhGS5EoJZseWx5lEuMqOsEhVraE
tiuHurmKaDNYaE8K6vcmQ0gRRXYp2RZie2LtoudPBBxH+KyQxOkX3eRa4DxwR9Fc
iE6H2UDjePofPnpEWYLaETcMFUxK
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:29 2025 by rpki-client