Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0681E62CE3511EFB408346E762E951A.roa
File: E0681E62CE3511EFB408346E762E951A.roa (raw, json)
Hash identifier: IoSA8Hm1FeQKKZRaAz4BRhcbyiFLsPgCYVykFC80eqo=
Subject key identifier: 53:2A:6E:C6:19:FE:91:87:29:F1:2E:59:07:FF:FD:BE:C8:54:0E:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01021F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0681E62CE3511EFB408346E762E951A.roa
Signing time: Thu 09 Jan 2025 03:00:26 +0000
ROA not before: Thu 09 Jan 2025 03:00:23 +0000
ROA not after: Fri 09 Jan 2026 03:00:23 +0000
asID: 17561
IP address blocks: 156.247.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66079 (0x1021f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:00:23 2025 GMT
Not After : Jan 9 03:00:23 2026 GMT
Subject: CN=677f3bca-02a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:39:04:f4:70:a2:53:69:ff:26:05:17:c3:da:
0e:39:c0:c8:24:2b:c5:a0:f0:ca:a4:5b:73:6e:81:
44:c6:54:9b:80:1f:49:8c:51:b0:1a:e5:de:d7:1a:
db:8f:bd:87:64:66:8a:72:44:e9:bb:80:f4:c5:6b:
f8:a0:48:a6:f6:1a:c4:62:f6:86:cf:1b:83:ab:20:
2b:c9:e4:6d:22:4d:3f:3a:88:f1:cc:ef:34:95:6b:
2f:ce:eb:aa:9c:34:7c:f9:f8:0f:5b:4b:e8:0c:56:
da:09:e4:c2:8b:c9:97:b1:7c:e5:41:8a:22:c4:50:
80:c2:ae:2d:27:6f:21:67:38:6e:31:43:87:33:21:
e9:53:16:d0:03:4e:0e:9d:f5:49:3b:7d:91:85:df:
9a:e1:e8:57:e3:ce:70:ee:95:11:26:9b:33:57:92:
4a:a7:b5:ef:15:5f:07:db:a9:b3:cf:e4:55:1f:11:
e9:73:fc:41:da:c2:39:e5:9d:85:8e:2d:02:0b:c6:
0d:47:38:e7:e3:f6:39:34:29:68:ff:97:fd:ce:08:
6a:aa:b6:25:8d:a1:92:df:05:81:2a:01:4b:db:fc:
ae:f7:1c:cf:00:7f:f1:fe:3e:5a:47:e1:ff:7a:90:
66:90:c5:b6:2d:9c:14:bd:bb:b0:98:74:4f:65:37:
e5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:2A:6E:C6:19:FE:91:87:29:F1:2E:59:07:FF:FD:BE:C8:54:0E:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0681E62CE3511EFB408346E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.35.0/24
Signature Algorithm: sha256WithRSAEncryption
71:65:70:07:83:45:0d:61:28:ef:b2:40:6c:5a:61:58:6c:0b:
30:28:be:d1:d7:d3:b8:12:05:da:41:bb:71:4b:14:1f:01:a3:
38:bc:df:41:a0:5b:ba:61:b9:05:f6:83:33:b3:5f:fc:54:94:
06:f0:c8:d4:68:22:d8:fc:af:82:3b:8a:cb:3d:67:b2:30:49:
98:eb:46:cb:1c:26:44:67:e4:5d:99:87:78:8d:8c:76:ac:0d:
86:c1:4d:9c:27:fb:cf:7f:db:5f:84:0c:6c:ed:8f:b3:4a:c8:
a0:f1:10:08:36:4f:46:fe:72:97:98:15:c0:04:23:20:74:1f:
11:3d:f5:61:b4:9f:21:08:14:2c:a8:d5:63:12:cb:ab:86:68:
94:57:99:72:33:89:61:0c:0e:6b:eb:b9:24:13:73:d7:98:56:
e2:0b:15:4c:ba:1d:6c:4f:45:49:48:89:9e:35:59:4b:6a:3a:
e0:99:8b:52:54:ef:fa:5b:d9:11:f6:ae:d8:1f:a7:d7:ef:af:
38:9e:88:4a:13:45:92:bc:8a:08:d5:40:2a:e4:05:96:f7:17:
24:0d:04:f9:e4:69:94:d1:16:77:53:cc:67:e7:1b:1b:8b:4e:
b9:f5:78:b8:74:08:96:53:0f:bb:24:c8:21:9e:2c:19:a3:ed:
ba:92:78:71
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDMwMDIzWhcNMjYwMTA5MDMwMDIzWjAYMRYw
FAYDVQQDEw02NzdmM2JjYS0wMmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxTkE9HCiU2n/JgUXw9oOOcDIJCvFoPDKpFtzboFExlSbgB9JjFGwGuXe
1xrbj72HZGaKckTpu4D0xWv4oEim9hrEYvaGzxuDqyAryeRtIk0/OojxzO80lWsv
zuuqnDR8+fgPW0voDFbaCeTCi8mXsXzlQYoixFCAwq4tJ28hZzhuMUOHMyHpUxbQ
A04OnfVJO32Rhd+a4ehX485w7pURJpszV5JKp7XvFV8H26mzz+RVHxHpc/xB2sI5
5Z2Fji0CC8YNRzjn4/Y5NClo/5f9zghqqrYljaGS3wWBKgFL2/yu9xzPAH/x/j5a
R+H/epBmkMW2LZwUvbuwmHRPZTflKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFMq
bsYZ/pGHKfEuWQf//b7IVA4yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMDY4MUU2MkNFMzUxMUVGQjQwODM0NkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcjMA0GCSqGSIb3DQEBCwUA
A4IBAQBxZXAHg0UNYSjvskBsWmFYbAswKL7R19O4EgXaQbtxSxQfAaM4vN9BoFu6
YbkF9oMzs1/8VJQG8MjUaCLY/K+CO4rLPWeyMEmY60bLHCZEZ+RdmYd4jYx2rA2G
wU2cJ/vPf9tfhAxs7Y+zSsig8RAINk9G/nKXmBXABCMgdB8RPfVhtJ8hCBQsqNVj
EsurhmiUV5lyM4lhDA5r67kkE3PXmFbiCxVMuh1sT0VJSImeNVlLajrgmYtSVO/6
W9kR9q7YH6fX7684nohKE0WSvIoI1UAq5AWW9xckDQT55GmU0RZ3U8xn5xsbi065
9Xi4dAiWUw+7JMghniwZo+26knhx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:47 2025 by rpki-client