Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D0CA8CCC9F11EF8B8C7643762E951A.roa
File: C0D0CA8CCC9F11EF8B8C7643762E951A.roa (raw, json)
Hash identifier: Un4LPigCvdI8WcM9Qwks0mcJbyJywElfJWrXbo9LGYk=
Subject key identifier: 24:59:D7:3B:85:9D:0B:9E:13:B3:24:FF:1C:20:9C:C6:8B:5C:09:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F988
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D0CA8CCC9F11EF8B8C7643762E951A.roa
Signing time: Tue 07 Jan 2025 02:33:18 +0000
ROA not before: Tue 07 Jan 2025 02:33:14 +0000
ROA not after: Mon 13 Dec 2027 02:33:14 +0000
asID: 17561
IP address blocks: 156.227.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63880 (0xf988)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:33:14 2025 GMT
Not After : Dec 13 02:33:14 2027 GMT
Subject: CN=677c926e-4def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:60:83:de:64:11:43:ab:30:a8:d0:05:48:
4f:7d:f5:1c:e8:05:35:72:8a:8f:ba:5e:e6:81:24:
48:4d:3f:19:65:72:7d:13:e4:40:d9:97:75:3a:a7:
44:2e:44:8f:8c:31:3f:8e:ec:6f:1c:f5:93:bb:e7:
04:e0:90:99:cf:12:28:2b:cf:95:cc:09:54:96:ca:
85:fe:8e:53:58:a1:44:e3:2c:66:47:f8:c5:b7:06:
ee:2d:89:20:18:5d:22:13:99:c8:ba:42:af:fd:f3:
a6:45:58:ea:58:e1:20:cc:a3:41:73:48:11:02:9e:
35:a0:3f:f1:ba:db:13:53:18:20:be:39:43:bf:2d:
dc:7d:76:3d:b8:dd:61:cf:29:e0:39:c5:c7:ed:bb:
1c:fd:2a:8d:b6:b3:a7:ce:f8:f9:31:d2:bb:b1:e9:
d6:53:72:fc:db:cc:1a:6e:9c:4c:a9:94:85:28:39:
c2:ad:33:2d:5e:7d:98:18:64:23:0a:e1:5c:4f:51:
33:9a:a5:30:f5:68:cd:5a:e1:1e:c0:28:f4:cd:47:
c9:4f:e7:34:9a:56:d4:2c:7c:04:aa:ed:17:22:43:
44:0f:b9:85:ec:e7:f1:5e:7f:f8:93:ab:d9:b2:05:
4a:ad:da:54:9b:7a:5d:00:16:6d:d8:9f:d2:56:4f:
f5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:59:D7:3B:85:9D:0B:9E:13:B3:24:FF:1C:20:9C:C6:8B:5C:09:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C0D0CA8CCC9F11EF8B8C7643762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.122.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ca:09:2f:ab:69:98:50:3a:d5:e6:46:f8:31:c6:4a:a7:aa:
2d:4b:79:22:7d:8a:c8:c2:73:34:bb:c0:7c:83:1b:6d:2c:ad:
6e:0e:ea:f0:e7:b4:3b:a7:3b:3b:97:a6:f4:62:aa:c0:7b:0c:
b9:01:8e:02:af:0c:ec:45:25:b2:f8:a4:56:d5:f7:b0:83:5a:
b2:7d:0b:14:ee:dd:7a:c0:7e:f4:23:59:bf:35:0e:58:fc:be:
b0:15:33:43:1e:83:96:cf:73:5f:58:46:b1:07:d0:e0:4a:ba:
1b:f0:3d:2c:89:6a:1e:df:c9:74:53:83:8b:d7:d6:65:5e:b1:
54:b6:d3:6b:32:23:3c:13:c1:98:bf:fa:fd:2e:0c:fe:51:79:
87:43:fd:9c:7e:02:13:2a:36:13:5f:7a:cf:71:ac:35:36:1b:
c6:b5:15:cd:e8:db:b4:77:fd:be:90:39:bd:9d:17:97:04:6c:
8b:0a:f4:ec:9d:52:bd:e0:3b:57:9e:9f:f6:53:07:15:de:22:
b4:6d:f1:3e:6a:8b:22:bd:d0:bb:83:50:a0:20:66:2b:27:22:
06:19:d5:9c:57:37:6b:a9:c8:be:5f:be:e9:35:c7:26:6c:b6:
43:70:51:bb:81:03:19:ba:2e:e3:ab:11:99:5a:2b:13:16:ce:
cc:25:57:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIzMzE0WhcNMjcxMjEzMDIzMzE0WjAYMRYw
FAYDVQQDEw02NzdjOTI2ZS00ZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuX1gg95kEUOrMKjQBUhPffUc6AU1coqPul7mgSRITT8ZZXJ9E+RA2Zd1
OqdELkSPjDE/juxvHPWTu+cE4JCZzxIoK8+VzAlUlsqF/o5TWKFE4yxmR/jFtwbu
LYkgGF0iE5nIukKv/fOmRVjqWOEgzKNBc0gRAp41oD/xutsTUxggvjlDvy3cfXY9
uN1hzyngOcXH7bsc/SqNtrOnzvj5MdK7senWU3L828wabpxMqZSFKDnCrTMtXn2Y
GGQjCuFcT1EzmqUw9WjNWuEewCj0zUfJT+c0mlbULHwEqu0XIkNED7mF7OfxXn/4
k6vZsgVKrdpUm3pdABZt2J/SVk/1+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCRZ
1zuFnQueE7Mk/xwgnMaLXAkwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMEQwQ0E4Q0NDOUYxMUVGOEI4Qzc2NDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON6MA0GCSqGSIb3DQEBCwUA
A4IBAQAIygkvq2mYUDrV5kb4McZKp6otS3kifYrIwnM0u8B8gxttLK1uDurw57Q7
pzs7l6b0YqrAewy5AY4CrwzsRSWy+KRW1fewg1qyfQsU7t16wH70I1m/NQ5Y/L6w
FTNDHoOWz3NfWEaxB9DgSrob8D0siWoe38l0U4OL19ZlXrFUttNrMiM8E8GYv/r9
Lgz+UXmHQ/2cfgITKjYTX3rPcaw1NhvGtRXN6Nu0d/2+kDm9nReXBGyLCvTsnVK9
4DtXnp/2UwcV3iK0bfE+aosivdC7g1CgIGYrJyIGGdWcVzdrqci+X77pNccmbLZD
cFG7gQMZui7jqxGZWisTFs7MJVfN
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:52 2025 by rpki-client