Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80AD67ACD1811EF98BAD444762E951A.roa
File: C80AD67ACD1811EF98BAD444762E951A.roa (raw, json)
Hash identifier: e7mJJqN445SBWkF8f8YLwKEqYLK645QoPm0EBrxx46I=
Subject key identifier: 53:EE:A0:70:F4:0B:04:21:1A:83:A6:B2:9C:66:92:61:55:3B:5F:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80AD67ACD1811EF98BAD444762E951A.roa
Signing time: Tue 07 Jan 2025 16:59:39 +0000
ROA not before: Tue 07 Jan 2025 16:59:36 +0000
ROA not after: Mon 13 Dec 2027 16:59:36 +0000
asID: 17561
IP address blocks: 156.241.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64817 (0xfd31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:59:36 2025 GMT
Not After : Dec 13 16:59:36 2027 GMT
Subject: CN=677d5d7b-af73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:25:5c:9e:90:0d:62:7e:31:22:d2:0a:b4:f8:
a1:3f:bd:0c:97:56:05:0a:41:51:77:13:ea:2e:8d:
30:af:aa:df:ea:1c:47:37:34:21:13:0c:69:92:1e:
0d:d8:c8:fa:03:8b:f4:57:95:2b:1b:88:62:29:42:
cf:9a:fa:89:63:24:33:0b:fe:8c:9c:34:21:65:fe:
6d:29:37:de:8f:07:b4:c3:7a:50:6d:92:47:55:9d:
69:a8:1e:ed:c7:95:10:a3:58:29:f8:80:5c:43:e1:
f9:b3:fc:20:26:f8:d7:7e:7b:03:4c:b2:e6:24:a1:
b1:37:4e:20:0e:2a:16:10:23:68:ff:3e:f3:cb:38:
4b:eb:9b:d4:25:4f:50:59:84:7c:0a:f9:05:ce:2f:
b7:b5:b9:b1:4e:11:ea:a4:9f:e0:80:5e:21:f0:d2:
25:49:1e:73:b9:8c:55:1b:93:02:9c:fa:42:20:a6:
0e:c4:42:2c:12:5c:1c:c9:1f:40:48:94:24:fd:53:
2e:67:3a:f9:38:e8:b3:b7:4f:69:62:c3:cb:e5:92:
e4:20:a6:58:06:57:6f:77:85:6a:b9:7e:52:8e:8a:
95:ce:00:97:27:10:80:19:36:d0:1c:b5:e4:ac:19:
0d:a2:ab:a8:5b:9c:bb:7d:27:6b:e1:5e:0a:8e:a0:
ff:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EE:A0:70:F4:0B:04:21:1A:83:A6:B2:9C:66:92:61:55:3B:5F:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C80AD67ACD1811EF98BAD444762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.28.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:c4:5a:99:5d:cb:53:4e:b0:67:46:97:14:ea:bd:07:d9:4e:
2f:6f:1d:b8:7e:a5:a0:33:64:78:99:f2:1e:a5:e0:b5:7b:e2:
3b:b0:2d:c8:e7:6c:0f:7d:d7:09:06:a2:6e:f7:21:f8:ae:3e:
6d:7b:5f:29:9c:6b:55:9a:2f:bf:ed:98:52:2c:ca:b3:97:c5:
d2:af:e9:51:39:7d:23:59:9d:1d:ea:53:9f:44:cf:d1:c3:73:
33:4b:3f:21:d2:33:31:12:8d:33:a7:0d:ac:de:09:9a:36:2c:
54:c9:32:2f:ce:2d:d5:23:d6:5b:11:dd:ff:32:40:40:1e:29:
ee:b1:2c:a5:a7:0b:7f:48:17:06:ab:67:06:57:f8:88:1a:8a:
fb:b3:c4:34:08:18:94:1c:b7:89:c7:52:24:cb:e2:8b:54:8d:
e1:a1:44:9e:3b:ed:9a:8a:d1:71:20:17:98:86:04:41:bc:ab:
ba:55:36:79:3d:cb:8f:30:90:03:af:f2:95:e2:0f:c0:08:28:
8b:54:de:c6:ba:15:da:cb:e7:f0:cd:3b:0f:09:ef:db:89:56:
12:48:f3:0a:46:87:7d:47:f0:73:8d:24:b0:b2:4e:a2:60:fc:
90:b1:7e:e8:37:a8:c5:80:d4:a8:e6:f4:40:48:5e:2a:88:c5:
c6:f7:14:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY1OTM2WhcNMjcxMjEzMTY1OTM2WjAYMRYw
FAYDVQQDEw02NzdkNWQ3Yi1hZjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyyVcnpANYn4xItIKtPihP70Ml1YFCkFRdxPqLo0wr6rf6hxHNzQhEwxp
kh4N2Mj6A4v0V5UrG4hiKULPmvqJYyQzC/6MnDQhZf5tKTfejwe0w3pQbZJHVZ1p
qB7tx5UQo1gp+IBcQ+H5s/wgJvjXfnsDTLLmJKGxN04gDioWECNo/z7zyzhL65vU
JU9QWYR8CvkFzi+3tbmxThHqpJ/ggF4h8NIlSR5zuYxVG5MCnPpCIKYOxEIsElwc
yR9ASJQk/VMuZzr5OOizt09pYsPL5ZLkIKZYBldvd4VquX5SjoqVzgCXJxCAGTbQ
HLXkrBkNoquoW5y7fSdr4V4KjqD/1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFPu
oHD0CwQhGoOmspxmkmFVO19eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODBBRDY3QUNEMTgxMUVGOThCQUQ0NDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEcMA0GCSqGSIb3DQEBCwUA
A4IBAQBqxFqZXctTTrBnRpcU6r0H2U4vbx24fqWgM2R4mfIepeC1e+I7sC3I52wP
fdcJBqJu9yH4rj5te18pnGtVmi+/7ZhSLMqzl8XSr+lROX0jWZ0d6lOfRM/Rw3Mz
Sz8h0jMxEo0zpw2s3gmaNixUyTIvzi3VI9ZbEd3/MkBAHinusSylpwt/SBcGq2cG
V/iIGor7s8Q0CBiUHLeJx1Iky+KLVI3hoUSeO+2aitFxIBeYhgRBvKu6VTZ5PcuP
MJADr/KV4g/ACCiLVN7GuhXay+fwzTsPCe/biVYSSPMKRod9R/BzjSSwsk6iYPyQ
sX7oN6jFgNSo5vRASF4qiMXG9xQJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:13 2025 by rpki-client