Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7C6BD04CD1311EF9FAF18A5762E951A.roa
File: D7C6BD04CD1311EF9FAF18A5762E951A.roa (raw, json)
Hash identifier: R+Ux+QfGhjGF1TMbIMh9j6Xl6eqsJ/q4OIfhVaqChJk=
Subject key identifier: 00:AA:C6:74:2B:63:EC:49:7A:DF:9C:F4:AC:A5:B8:BF:29:F9:F3:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD09
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7C6BD04CD1311EF9FAF18A5762E951A.roa
Signing time: Tue 07 Jan 2025 16:24:18 +0000
ROA not before: Tue 07 Jan 2025 16:24:14 +0000
ROA not after: Mon 13 Dec 2027 16:24:14 +0000
asID: 17561
IP address blocks: 156.241.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64777 (0xfd09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:24:14 2025 GMT
Not After : Dec 13 16:24:14 2027 GMT
Subject: CN=677d5532-ff6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:b2:c2:c4:45:cd:63:7d:83:e8:fb:34:02:
cd:e9:0b:5b:90:86:48:c6:c9:af:e1:1d:ad:c1:39:
fa:97:ff:cd:0e:77:b0:f2:25:88:d3:94:40:d5:bd:
9b:9f:ed:93:35:5c:17:f7:36:46:75:0b:a7:30:7f:
37:c9:b1:91:f8:e2:0b:0e:44:28:35:65:45:53:8b:
50:e9:fe:fc:83:a5:bd:87:40:20:c0:75:30:a1:5a:
4f:a6:db:7c:44:e3:31:ef:c6:0e:8a:68:0f:c3:89:
0b:17:f3:ee:5e:e5:cf:d7:6c:9a:82:be:28:31:a9:
e1:22:4d:23:a9:80:b9:93:58:c3:03:b4:9b:bd:5e:
92:cf:52:ab:a2:72:94:6e:0e:e1:74:fe:94:d6:c8:
f6:e4:75:63:bf:6a:c9:10:ea:62:68:80:39:6f:70:
79:38:c0:f1:34:ce:27:4d:94:2d:4a:dc:c9:0d:92:
b0:60:23:df:55:2b:b2:15:08:15:e5:36:97:0d:19:
71:2c:13:30:f2:bb:02:3b:07:25:cd:8e:6c:f4:05:
7d:d6:cf:f7:94:79:a2:41:57:37:ac:17:a1:a9:1f:
45:d5:ac:55:1f:6c:b4:8d:1b:b1:b7:f0:f2:7d:3d:
13:71:66:7a:cd:72:d1:bf:5a:e2:19:54:f3:be:5d:
2c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AA:C6:74:2B:63:EC:49:7A:DF:9C:F4:AC:A5:B8:BF:29:F9:F3:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7C6BD04CD1311EF9FAF18A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.8.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:20:f4:16:05:87:49:0d:4d:f0:64:0d:2f:ff:90:24:ba:1d:
cc:0b:0d:1c:32:b5:db:8d:27:53:f2:62:08:05:b8:dd:a8:25:
78:1b:8e:3f:60:a4:8d:4e:a1:fa:da:3e:82:66:36:70:a3:7f:
b5:34:38:51:82:99:2c:7a:1d:66:c3:ef:28:fa:9c:b5:8f:5a:
21:ef:e1:52:70:13:3e:ae:18:62:37:b2:90:dd:d8:ef:7e:e2:
63:81:64:e1:f0:57:dd:84:6e:9e:8a:b0:2a:ea:4d:ba:24:df:
f1:df:51:03:4b:23:b9:47:22:f7:70:a2:ea:6c:5e:a5:0d:be:
24:ec:dc:24:19:fb:f9:fd:d1:88:7e:0f:8f:a4:fb:eb:8a:f0:
94:5a:89:eb:6b:38:4d:79:e6:20:17:1e:91:4c:7f:50:c2:a9:
14:30:84:4b:df:5d:fa:f7:fb:e0:b0:ea:4c:e4:49:82:51:f5:
a6:bf:1a:be:64:3b:fe:de:63:aa:d6:f1:55:28:e1:36:c3:08:
3e:1d:dd:86:85:f2:d6:61:a1:59:f0:2f:a1:29:df:48:b7:9c:
13:78:ce:f6:6d:d4:6f:73:17:8d:62:23:aa:7e:7e:2d:c1:de:
56:69:06:19:72:16:9b:fa:d9:b8:52:a5:da:7f:b0:12:5e:cd:
38:e1:ba:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYyNDE0WhcNMjcxMjEzMTYyNDE0WjAYMRYw
FAYDVQQDEw02NzdkNTUzMi1mZjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoGaywsRFzWN9g+j7NALN6QtbkIZIxsmv4R2twTn6l//NDnew8iWI05RA
1b2bn+2TNVwX9zZGdQunMH83ybGR+OILDkQoNWVFU4tQ6f78g6W9h0AgwHUwoVpP
ptt8ROMx78YOimgPw4kLF/PuXuXP12yagr4oManhIk0jqYC5k1jDA7SbvV6Sz1Kr
onKUbg7hdP6U1sj25HVjv2rJEOpiaIA5b3B5OMDxNM4nTZQtStzJDZKwYCPfVSuy
FQgV5TaXDRlxLBMw8rsCOwclzY5s9AV91s/3lHmiQVc3rBehqR9F1axVH2y0jRux
t/DyfT0TcWZ6zXLRv1riGVTzvl0s4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFACq
xnQrY+xJet+c9KyluL8p+fM5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0M2QkQwNENEMTMxMUVGOUZBRjE4QTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEIMA0GCSqGSIb3DQEBCwUA
A4IBAQC7IPQWBYdJDU3wZA0v/5Akuh3MCw0cMrXbjSdT8mIIBbjdqCV4G44/YKSN
TqH62j6CZjZwo3+1NDhRgpkseh1mw+8o+py1j1oh7+FScBM+rhhiN7KQ3djvfuJj
gWTh8FfdhG6eirAq6k26JN/x31EDSyO5RyL3cKLqbF6lDb4k7NwkGfv5/dGIfg+P
pPvrivCUWonrazhNeeYgFx6RTH9QwqkUMIRL31369/vgsOpM5EmCUfWmvxq+ZDv+
3mOq1vFVKOE2wwg+Hd2GhfLWYaFZ8C+hKd9It5wTeM72bdRvcxeNYiOqfn4twd5W
aQYZchab+tm4UqXaf7ASXs044brz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:16 2025 by rpki-client