Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFD2CD1411EF9D2585AB762E951A.roa
File: D02EBFD2CD1411EF9D2585AB762E951A.roa (raw, json)
Hash identifier: 9lzl8y7kbtjNarQgl3NKaUBzTedhEwVuG92doRpnXTs=
Subject key identifier: 71:B0:6B:58:27:BD:C2:C6:31:CF:48:25:12:04:59:48:4D:18:12:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD11
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFD2CD1411EF9D2585AB762E951A.roa
Signing time: Tue 07 Jan 2025 16:31:15 +0000
ROA not before: Tue 07 Jan 2025 16:31:11 +0000
ROA not after: Mon 13 Dec 2027 16:31:11 +0000
asID: 17561
IP address blocks: 156.241.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64785 (0xfd11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:31:11 2025 GMT
Not After : Dec 13 16:31:11 2027 GMT
Subject: CN=677d56d3-4294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:59:e3:d1:d4:91:4c:ef:7e:b7:cb:a8:91:
2a:7c:42:e1:13:77:e1:ae:c8:60:c3:98:1a:6d:f2:
56:b4:46:f3:8d:d1:ac:6c:bb:77:e0:05:29:df:bb:
72:9b:43:c6:b9:5e:0d:74:bb:84:28:21:24:49:2b:
b8:c6:79:1f:a2:e3:19:8f:f9:55:8c:83:e2:58:d8:
61:c0:0c:1f:ca:d0:24:19:d3:68:a4:da:1b:e7:2e:
1f:ae:2a:0c:3a:4e:64:e9:59:7f:6e:11:e1:69:08:
bc:27:c5:16:59:bb:28:41:21:8a:58:64:f1:ed:43:
5c:de:cf:fc:6b:46:78:43:83:87:52:ac:51:fc:5c:
bd:f2:6d:e2:1b:69:12:de:f6:27:a4:89:cf:dc:cd:
c3:15:10:37:98:3f:6c:30:ab:e1:ae:7d:a2:da:1d:
52:1e:9d:ca:d6:85:07:e1:8e:1a:19:99:1d:01:e8:
17:cb:f2:84:0d:b8:36:aa:9a:a9:c5:a4:49:70:89:
2d:f2:c5:49:58:02:4b:7d:a8:01:18:e3:83:f2:00:
f9:b2:28:08:a3:b8:3e:d8:68:5f:4e:51:e5:14:9a:
6c:90:c1:4d:3f:2d:8f:ba:27:ff:eb:6a:86:c4:0e:
06:7b:fe:17:21:ff:5e:f2:11:35:d0:d8:18:e2:0a:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B0:6B:58:27:BD:C2:C6:31:CF:48:25:12:04:59:48:4D:18:12:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02EBFD2CD1411EF9D2585AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.12.0/24
Signature Algorithm: sha256WithRSAEncryption
36:1f:44:fb:eb:7f:c8:73:21:59:88:07:a4:fe:fc:9c:16:97:
49:f1:91:29:5e:da:b0:7d:99:8c:11:62:97:e1:55:87:65:86:
0b:41:f0:ac:cd:97:8d:72:fc:63:f6:45:71:16:a5:74:0d:e7:
cd:fd:65:26:0d:9d:ea:f9:52:a8:13:80:f5:76:51:2c:3e:7c:
d6:ad:90:66:1c:4a:a5:42:48:99:f1:de:f8:20:f7:5e:78:b0:
50:25:7d:47:d1:6c:3a:f4:1e:f5:30:56:07:b2:1f:90:a6:bb:
2d:6f:5e:db:af:52:a5:19:a6:28:f0:68:ae:2a:0f:88:f0:b2:
8a:b8:68:07:e7:50:c1:f3:1b:03:e4:1d:71:50:33:84:a7:b5:
cb:81:01:e1:ee:8d:fc:ad:11:ea:1e:9c:f4:9a:8b:04:b4:f1:
e0:97:cb:63:5a:2a:b3:43:ad:42:60:f8:98:40:59:2b:e3:41:
3e:b6:34:36:60:86:34:cc:41:e0:32:82:54:38:51:04:2c:d4:
9f:cb:e5:f7:11:f1:40:16:06:d6:60:00:f2:de:27:4c:ca:c5:
43:a1:23:d8:43:1a:79:cc:d2:32:90:b4:9a:33:19:74:8f:fd:
54:1b:0f:71:ba:56:66:58:b1:ee:38:f2:63:7e:e3:f8:dc:da:
fb:57:fb:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYzMTExWhcNMjcxMjEzMTYzMTExWjAYMRYw
FAYDVQQDEw02NzdkNTZkMy00Mjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvIFZ49HUkUzvfrfLqJEqfELhE3fhrshgw5gabfJWtEbzjdGsbLt34AUp
37tym0PGuV4NdLuEKCEkSSu4xnkfouMZj/lVjIPiWNhhwAwfytAkGdNopNob5y4f
rioMOk5k6Vl/bhHhaQi8J8UWWbsoQSGKWGTx7UNc3s/8a0Z4Q4OHUqxR/Fy98m3i
G2kS3vYnpInP3M3DFRA3mD9sMKvhrn2i2h1SHp3K1oUH4Y4aGZkdAegXy/KEDbg2
qpqpxaRJcIkt8sVJWAJLfagBGOOD8gD5sigIo7g+2GhfTlHlFJpskMFNPy2Puif/
62qGxA4Ge/4XIf9e8hE10NgY4gpbPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHGw
a1gnvcLGMc9IJRIEWUhNGBJQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDJFQkZEMkNEMTQxMUVGOUQyNTg1QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEMMA0GCSqGSIb3DQEBCwUA
A4IBAQA2H0T763/IcyFZiAek/vycFpdJ8ZEpXtqwfZmMEWKX4VWHZYYLQfCszZeN
cvxj9kVxFqV0DefN/WUmDZ3q+VKoE4D1dlEsPnzWrZBmHEqlQkiZ8d74IPdeeLBQ
JX1H0Ww69B71MFYHsh+Qprstb17br1KlGaYo8GiuKg+I8LKKuGgH51DB8xsD5B1x
UDOEp7XLgQHh7o38rRHqHpz0mosEtPHgl8tjWiqzQ61CYPiYQFkr40E+tjQ2YIY0
zEHgMoJUOFEELNSfy+X3EfFAFgbWYADy3idMysVDoSPYQxp5zNIykLSaMxl0j/1U
Gw9xulZmWLHuOPJjfuP43Nr7V/t+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:04 2025 by rpki-client