Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9ED9E68CC9D11EF9160BDB2762E951A.roa
File: B9ED9E68CC9D11EF9160BDB2762E951A.roa (raw, json)
Hash identifier: MXC2hQ4b5KvLbMExuKZsaHvdFagNueTXyCLGtN/uDcM=
Subject key identifier: B8:AE:38:41:E7:B7:26:9C:AB:CE:AF:EF:1D:DF:F9:01:B5:6A:3C:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F976
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9ED9E68CC9D11EF9160BDB2762E951A.roa
Signing time: Tue 07 Jan 2025 02:18:47 +0000
ROA not before: Tue 07 Jan 2025 02:18:44 +0000
ROA not after: Mon 13 Dec 2027 02:18:44 +0000
asID: 17561
IP address blocks: 156.227.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63862 (0xf976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:18:44 2025 GMT
Not After : Dec 13 02:18:44 2027 GMT
Subject: CN=677c8f07-2d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a3:20:48:81:79:a4:28:dc:e6:c7:23:bc:bf:
69:b0:a9:2f:a3:c6:0b:56:eb:e3:26:50:92:b4:39:
84:86:1d:46:15:24:e7:f7:5d:d0:a1:a2:f8:46:23:
31:eb:4b:62:c0:92:32:4b:cb:56:ea:f6:44:50:91:
ce:f8:c6:2a:f0:6a:65:2e:81:7a:93:45:c6:b8:ee:
3b:9c:c3:14:54:13:86:c9:7e:4a:7b:3b:81:4b:c1:
5a:64:34:a5:8e:bc:90:b7:f1:eb:fc:3a:c2:78:a7:
75:ca:46:ac:48:a1:fc:86:c8:82:52:1f:86:01:b1:
35:93:3a:15:e2:4a:ec:7a:65:a9:6c:00:f4:70:c4:
5c:52:f0:1e:28:87:74:d4:b0:44:d1:8a:9f:dc:97:
09:1a:dc:93:78:43:48:dd:7a:02:bd:f1:5e:a8:6f:
14:33:1e:e2:fd:44:05:ac:ff:e7:84:4e:2f:39:20:
8c:8b:4b:b1:f4:a9:e8:21:6a:f1:67:6f:45:13:06:
17:79:19:34:3e:7d:16:6e:7d:13:ab:a7:ff:c5:da:
0f:32:69:0e:f2:de:3f:93:0a:81:d2:c6:84:a8:7c:
94:81:d9:7c:c5:98:ea:1d:98:2a:c7:dc:5a:d3:80:
0c:30:96:ea:30:2a:60:8e:36:db:07:60:ff:37:6d:
3a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AE:38:41:E7:B7:26:9C:AB:CE:AF:EF:1D:DF:F9:01:B5:6A:3C:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9ED9E68CC9D11EF9160BDB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.113.0/24
Signature Algorithm: sha256WithRSAEncryption
74:11:7c:09:30:7d:cf:54:9c:c5:81:60:c1:20:0e:3a:5b:71:
34:7b:60:9e:4a:40:7c:d7:a3:9f:e6:1a:d8:e1:50:f1:90:18:
32:6b:7c:2f:0f:09:20:e9:10:33:81:64:27:32:9e:81:79:85:
a2:20:bd:e2:22:dc:8e:d6:61:71:c5:87:82:a2:31:52:88:05:
ef:e8:5d:9f:91:13:3a:dd:08:6c:e9:52:e0:97:81:c0:35:21:
6f:f1:ff:6d:c7:bb:80:4a:ab:10:94:99:b1:5e:88:3b:4d:1f:
86:74:32:a1:1e:d8:7a:e6:4f:ac:d9:df:29:32:9a:1f:d7:66:
f7:e8:e4:17:82:2a:ea:5c:94:2f:ee:42:11:e7:40:58:b2:2f:
24:44:f4:2a:35:12:20:fb:63:b3:51:77:0f:ec:fd:01:98:56:
3c:0c:07:0a:7d:27:1d:02:f0:68:35:08:30:64:38:c3:43:63:
2c:67:2a:87:e5:03:7c:a5:f0:2b:20:f9:61:fb:54:d3:ce:1f:
f1:7d:9f:5b:14:8f:b7:17:c1:1e:85:8c:9e:0e:d6:4b:9e:80:
7d:1d:48:80:94:cb:b5:e8:91:81:47:ca:2a:a1:98:7b:d1:a8:
d5:99:02:73:75:75:55:fd:7d:68:61:3a:82:41:52:fa:e3:45:
78:01:70:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPl2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIxODQ0WhcNMjcxMjEzMDIxODQ0WjAYMRYw
FAYDVQQDEw02NzdjOGYwNy0yZDNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx6MgSIF5pCjc5scjvL9psKkvo8YLVuvjJlCStDmEhh1GFSTn913QoaL4
RiMx60tiwJIyS8tW6vZEUJHO+MYq8GplLoF6k0XGuO47nMMUVBOGyX5KezuBS8Fa
ZDSljryQt/Hr/DrCeKd1ykasSKH8hsiCUh+GAbE1kzoV4krsemWpbAD0cMRcUvAe
KId01LBE0Yqf3JcJGtyTeENI3XoCvfFeqG8UMx7i/UQFrP/nhE4vOSCMi0ux9Kno
IWrxZ29FEwYXeRk0Pn0Wbn0Tq6f/xdoPMmkO8t4/kwqB0saEqHyUgdl8xZjqHZgq
x9xa04AMMJbqMCpgjjbbB2D/N206dwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLiu
OEHntyacq86v7x3f+QG1ajyKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COUVEOUU2OENDOUQxMUVGOTE2MEJEQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONxMA0GCSqGSIb3DQEBCwUA
A4IBAQB0EXwJMH3PVJzFgWDBIA46W3E0e2CeSkB816Of5hrY4VDxkBgya3wvDwkg
6RAzgWQnMp6BeYWiIL3iItyO1mFxxYeCojFSiAXv6F2fkRM63Qhs6VLgl4HANSFv
8f9tx7uASqsQlJmxXog7TR+GdDKhHth65k+s2d8pMpof12b36OQXgirqXJQv7kIR
50BYsi8kRPQqNRIg+2OzUXcP7P0BmFY8DAcKfScdAvBoNQgwZDjDQ2MsZyqH5QN8
pfArIPlh+1TTzh/xfZ9bFI+3F8EehYyeDtZLnoB9HUiAlMu16JGBR8oqoZh70ajV
mQJzdXVV/X1oYTqCQVL640V4AXBG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:11 2025 by rpki-client