Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C87582E6CCDB11EFA59BBF46762E951A.roa
File: C87582E6CCDB11EFA59BBF46762E951A.roa (raw, json)
Hash identifier: 9+F4lA/nKLJjt4xV9lGBlrf0oEDt1MIMvIAyv6pzgcg=
Subject key identifier: 3D:1C:6D:AB:4A:13:75:DD:06:C2:29:43:59:33:FC:38:6A:ED:DD:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB65
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C87582E6CCDB11EFA59BBF46762E951A.roa
Signing time: Tue 07 Jan 2025 09:43:00 +0000
ROA not before: Tue 07 Jan 2025 09:42:57 +0000
ROA not after: Mon 13 Dec 2027 09:42:57 +0000
asID: 17561
IP address blocks: 156.233.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64357 (0xfb65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:42:57 2025 GMT
Not After : Dec 13 09:42:57 2027 GMT
Subject: CN=677cf724-7c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:e1:18:87:78:b4:d7:44:2b:9c:28:3f:27:
f3:36:b8:3d:09:b1:86:4a:02:f9:d1:6d:ed:f9:20:
62:56:67:59:f6:11:ba:65:2a:30:63:27:72:c2:22:
00:c5:cd:01:0f:a3:f2:fb:c7:cf:1b:2a:88:16:76:
8e:8f:a9:a2:d4:4f:e4:f2:19:2d:67:b1:27:d1:e7:
ff:6b:c1:c9:37:32:19:36:5b:68:f3:14:c7:56:c5:
b3:9c:8f:9c:1c:4c:48:3d:1d:d1:24:0c:2a:9b:b7:
0c:b8:4a:e2:e4:ec:e4:7f:be:8e:c5:2c:72:60:13:
dc:73:af:cb:5c:d1:de:c9:b3:44:ac:2d:be:4e:8d:
72:1a:05:cd:47:69:bc:b2:cc:6d:2f:8b:0e:41:45:
41:da:43:67:fb:ef:20:53:f1:b3:a5:3d:8c:59:2a:
f7:45:41:25:f5:96:3b:de:df:f8:2b:4f:c7:65:b1:
c6:22:81:c7:04:1f:72:4d:92:c0:4b:c2:87:6d:de:
2c:b3:f7:7b:d7:89:9d:b1:a4:ba:35:de:f2:25:1f:
e7:94:75:df:0e:02:26:c6:67:d2:9d:77:5a:2d:41:
49:53:ea:81:f9:6c:82:43:f9:21:7d:a2:7e:0a:3a:
a9:cb:e1:e3:f9:ce:9e:58:cd:e8:37:08:76:db:4b:
57:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1C:6D:AB:4A:13:75:DD:06:C2:29:43:59:33:FC:38:6A:ED:DD:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C87582E6CCDB11EFA59BBF46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:24:16:8d:ea:fc:31:70:82:27:39:1e:c6:55:87:d5:ac:ec:
e3:ca:da:46:7c:f8:7d:97:81:54:df:f2:24:a5:2e:b7:36:ab:
a1:ae:7a:b1:93:56:b1:44:80:96:66:f6:4d:eb:85:f9:f0:0d:
d2:77:a7:41:9d:b9:e3:14:75:82:de:91:76:20:89:01:99:9b:
24:21:a7:88:5e:24:0e:c6:15:20:e9:ef:4c:9d:31:9e:3a:81:
28:90:a2:a1:ef:7d:73:0a:19:f7:39:63:c1:10:ed:ab:ab:ba:
d0:5a:02:1d:23:95:ea:84:97:5e:59:d1:dc:14:f0:c2:7f:50:
47:80:a7:d5:7d:50:ec:fa:8e:3b:1d:f6:02:4f:91:e5:19:e4:
5c:db:19:4c:cd:c4:5d:d6:6f:12:34:d0:54:85:56:6b:dd:43:
7f:1e:1e:8a:4a:33:5e:1a:82:17:de:2a:c1:cd:f5:66:76:c8:
21:65:dc:de:fa:6e:d3:6e:8a:b3:ef:9f:ca:9f:92:51:50:99:
1b:7d:ee:6f:84:ee:12:62:85:93:b4:cd:ee:f2:94:22:47:bf:
db:d4:ce:77:d0:92:10:21:f2:fe:f9:c6:5a:03:d6:76:ca:77:
7f:ae:a0:34:76:9e:df:77:62:2e:10:7f:d3:d5:39:d7:56:4b:
93:82:59:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPtlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk0MjU3WhcNMjcxMjEzMDk0MjU3WjAYMRYw
FAYDVQQDEw02NzdjZjcyNC03YzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/LhGId4tNdEK5woPyfzNrg9CbGGSgL50W3t+SBiVmdZ9hG6ZSowYydy
wiIAxc0BD6Py+8fPGyqIFnaOj6mi1E/k8hktZ7En0ef/a8HJNzIZNlto8xTHVsWz
nI+cHExIPR3RJAwqm7cMuEri5Ozkf76OxSxyYBPcc6/LXNHeybNErC2+To1yGgXN
R2m8ssxtL4sOQUVB2kNn++8gU/GzpT2MWSr3RUEl9ZY73t/4K0/HZbHGIoHHBB9y
TZLAS8KHbd4ss/d714mdsaS6Nd7yJR/nlHXfDgImxmfSnXdaLUFJU+qB+WyCQ/kh
faJ+Cjqpy+Hj+c6eWM3oNwh220tX6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD0c
batKE3XdBsIpQ1kz/Dhq7d2FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODc1ODJFNkNDREIxMUVGQTU5QkJGNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnLMA0GCSqGSIb3DQEBCwUA
A4IBAQBdJBaN6vwxcIInOR7GVYfVrOzjytpGfPh9l4FU3/IkpS63Nquhrnqxk1ax
RICWZvZN64X58A3Sd6dBnbnjFHWC3pF2IIkBmZskIaeIXiQOxhUg6e9MnTGeOoEo
kKKh731zChn3OWPBEO2rq7rQWgIdI5XqhJdeWdHcFPDCf1BHgKfVfVDs+o47HfYC
T5HlGeRc2xlMzcRd1m8SNNBUhVZr3UN/Hh6KSjNeGoIX3irBzfVmdsghZdze+m7T
boqz75/Kn5JRUJkbfe5vhO4SYoWTtM3u8pQiR7/b1M530JIQIfL++cZaA9Z2ynd/
rqA0dp7fd2IuEH/T1TnXVkuTgllZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:42 2025 by rpki-client