Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E084D2A0CCD211EF9E8FB28C762E951A.roa
File: E084D2A0CCD211EF9E8FB28C762E951A.roa (raw, json)
Hash identifier: p08s+hCw/gUrGHoZ//7HKZFOMnJHIRBeyOQcz77zxOU=
Subject key identifier: 59:BA:28:8B:D0:AB:01:1F:F5:5F:6F:62:30:3D:F0:95:29:28:13:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAE4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E084D2A0CCD211EF9E8FB28C762E951A.roa
Signing time: Tue 07 Jan 2025 08:39:15 +0000
ROA not before: Tue 07 Jan 2025 08:39:12 +0000
ROA not after: Mon 13 Dec 2027 08:39:12 +0000
asID: 17561
IP address blocks: 156.233.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64228 (0xfae4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:39:12 2025 GMT
Not After : Dec 13 08:39:12 2027 GMT
Subject: CN=677ce833-6e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4e:73:7e:fc:8e:3c:69:85:c5:ae:30:0d:00:
d4:6d:d9:e6:d2:e9:7e:0c:39:f4:c3:4d:74:4e:97:
14:d1:59:24:c6:81:1f:5f:c2:7f:79:6b:70:36:7f:
a4:b9:88:19:55:4d:ff:92:9c:16:ad:99:eb:82:6a:
41:bc:1e:01:25:42:e1:07:90:8b:5f:9c:80:38:99:
a9:52:c5:09:59:cb:68:ed:7f:25:2f:f8:7d:14:0c:
86:ca:5f:e6:4d:ad:2c:35:ca:ce:65:77:c2:e5:85:
1d:98:54:50:e8:b3:d8:25:f2:66:5a:f5:85:7e:30:
d8:8e:c6:47:c0:db:35:75:88:94:3d:f0:e8:58:bd:
4a:4a:94:eb:f4:90:fd:fc:73:ea:52:d9:84:0f:34:
a5:84:07:ec:e6:0d:1e:f9:a1:f7:38:5f:96:fe:50:
37:43:01:17:8e:bd:f5:05:92:ab:4a:5b:09:a2:30:
c1:78:f6:4a:c4:02:a2:3b:e0:66:ec:0f:8c:bf:bb:
33:18:e9:00:87:f4:d4:b0:ea:21:55:a8:15:4a:22:
82:b6:de:a1:42:c3:f6:2e:51:3b:04:90:a0:82:fe:
28:b1:bd:a8:63:13:0c:96:c1:3d:7b:f6:92:56:d7:
71:a5:ed:82:a4:72:4e:4e:d0:d9:7c:60:27:2a:89:
dc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BA:28:8B:D0:AB:01:1F:F5:5F:6F:62:30:3D:F0:95:29:28:13:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E084D2A0CCD211EF9E8FB28C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:8b:8e:1d:0b:12:ee:df:1a:26:dc:44:63:ae:81:db:96:b5:
c5:33:e0:24:5a:4b:f3:d2:95:99:67:1f:2e:f6:a4:aa:ae:b1:
f6:c0:e5:d4:cd:63:56:7f:c0:0e:30:1d:f5:4f:b1:6f:f1:e0:
69:65:df:d5:29:67:e8:bb:fe:2f:a9:04:2f:4b:79:65:c0:0f:
b4:72:b9:60:eb:ba:8d:21:69:6c:25:94:fe:a2:b1:31:f9:f9:
c2:8d:66:c3:ac:26:bc:07:e8:b9:35:fc:49:4a:e9:45:cd:0b:
3b:d4:df:42:d6:1e:23:ce:3b:22:a3:90:68:27:39:f2:3c:39:
c2:ac:b7:b0:2b:4e:81:11:11:c7:8c:30:f2:d4:1f:26:fb:98:
ae:8a:0b:60:f0:40:99:3a:6c:b5:4c:57:c3:94:68:a1:09:ff:
aa:63:90:be:9f:a4:26:ae:9b:3b:92:f4:2d:b6:18:bc:2d:20:
ed:9e:7c:23:46:f4:29:03:61:cc:b0:83:41:bb:cd:8b:7a:60:
7d:24:96:30:d9:16:a8:db:9c:4c:84:91:65:0b:64:59:d2:8c:
21:14:ea:a5:42:a5:4f:45:ba:a0:2f:9d:cb:3b:a1:a2:e6:99:
19:ff:d8:da:32:ae:e3:05:92:b9:81:dd:65:40:3f:21:3f:63:
b5:b7:1a:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPrkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgzOTEyWhcNMjcxMjEzMDgzOTEyWjAYMRYw
FAYDVQQDEw02NzdjZTgzMy02ZTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9E5zfvyOPGmFxa4wDQDUbdnm0ul+DDn0w010TpcU0VkkxoEfX8J/eWtw
Nn+kuYgZVU3/kpwWrZnrgmpBvB4BJULhB5CLX5yAOJmpUsUJWcto7X8lL/h9FAyG
yl/mTa0sNcrOZXfC5YUdmFRQ6LPYJfJmWvWFfjDYjsZHwNs1dYiUPfDoWL1KSpTr
9JD9/HPqUtmEDzSlhAfs5g0e+aH3OF+W/lA3QwEXjr31BZKrSlsJojDBePZKxAKi
O+Bm7A+Mv7szGOkAh/TUsOohVagVSiKCtt6hQsP2LlE7BJCggv4osb2oYxMMlsE9
e/aSVtdxpe2CpHJOTtDZfGAnKoncQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFm6
KIvQqwEf9V9vYjA98JUpKBOMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMDg0RDJBMENDRDIxMUVGOUU4RkIyOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmhMA0GCSqGSIb3DQEBCwUA
A4IBAQB+i44dCxLu3xom3ERjroHblrXFM+AkWkvz0pWZZx8u9qSqrrH2wOXUzWNW
f8AOMB31T7Fv8eBpZd/VKWfou/4vqQQvS3llwA+0crlg67qNIWlsJZT+orEx+fnC
jWbDrCa8B+i5NfxJSulFzQs71N9C1h4jzjsio5BoJznyPDnCrLewK06BERHHjDDy
1B8m+5iuigtg8ECZOmy1TFfDlGihCf+qY5C+n6Qmrps7kvQtthi8LSDtnnwjRvQp
A2HMsINBu82LemB9JJYw2Rao25xMhJFlC2RZ0owhFOqlQqVPRbqgL53LO6Gi5pkZ
/9jaMq7jBZK5gd1lQD8hP2O1txpJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:42 2025 by rpki-client