Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E16F1B8ECCB011EFAB6664B6762E951A.roa
File: E16F1B8ECCB011EFAB6664B6762E951A.roa (raw, json)
Hash identifier: 2iLPtN805okPLIlleJXZ3cy8jQhTh/pg+LRBV8zGmVU=
Subject key identifier: 32:3E:0B:39:1C:28:AE:9B:32:69:B9:F2:F2:34:21:60:1D:8C:F5:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9F8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E16F1B8ECCB011EFAB6664B6762E951A.roa
Signing time: Tue 07 Jan 2025 04:35:54 +0000
ROA not before: Tue 07 Jan 2025 04:35:50 +0000
ROA not after: Mon 13 Dec 2027 04:35:50 +0000
asID: 17561
IP address blocks: 156.232.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63992 (0xf9f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:35:50 2025 GMT
Not After : Dec 13 04:35:50 2027 GMT
Subject: CN=677caf2a-93de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2d:5a:7c:dd:4a:9b:9e:a4:01:78:d1:15:da:
ed:95:b3:c2:3c:10:56:d7:83:41:d8:ee:83:31:ae:
31:ec:a7:22:98:02:30:75:53:21:fe:7e:da:ad:fa:
ad:68:71:5c:80:9e:8b:c9:21:c8:26:74:6e:6b:8d:
87:b4:ac:8d:4a:3f:89:7f:a8:c7:94:10:8c:40:8d:
88:e1:1c:17:9c:0e:04:29:0f:b5:29:7e:55:ee:60:
ee:70:36:e2:ca:df:97:f0:d1:8b:5a:3f:e6:99:ac:
5a:79:6a:f3:b5:b9:bb:4e:df:43:d4:a2:f4:0c:85:
8b:1a:a9:91:73:f1:b0:d3:8f:87:cc:74:86:1b:76:
0a:44:0f:f9:bb:c5:8e:fb:60:fd:af:81:19:e6:c0:
1a:49:0b:8b:7f:67:37:7f:6e:88:52:b9:41:0d:d2:
a0:41:14:c1:35:9f:ce:e0:ff:23:b8:55:80:2d:b9:
86:19:80:3e:46:c5:17:7d:1f:05:3a:5a:3e:12:eb:
6f:89:8b:cd:bd:16:0c:ae:09:d1:8c:61:4d:ae:0c:
5d:29:48:96:4a:1e:a2:4e:97:c0:d0:5a:19:78:30:
dc:d8:7c:2f:3e:66:8f:b7:b2:51:3b:f8:c1:7b:56:
2c:8d:1d:29:81:3a:de:b1:c5:eb:9f:58:e8:a4:6e:
38:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3E:0B:39:1C:28:AE:9B:32:69:B9:F2:F2:34:21:60:1D:8C:F5:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E16F1B8ECCB011EFAB6664B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.79.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:8c:51:45:98:e1:e7:c2:6b:54:b8:59:71:68:60:f6:99:b6:
33:07:43:49:b6:4b:4e:87:2c:dc:52:2d:92:40:9b:30:99:14:
0b:0b:b0:22:08:27:80:b8:23:e9:8f:1c:b6:47:3b:35:8e:2b:
2c:3c:82:fc:ec:23:3c:ba:cb:13:18:66:1f:75:f4:67:bd:da:
40:6c:a2:1e:0c:1b:d7:e8:4e:e5:26:48:f5:73:cd:3f:b9:a2:
bd:8d:17:03:68:07:69:65:a4:ef:4c:4f:a2:e1:fa:f0:ef:92:
61:ab:1e:c1:40:93:ac:4a:03:32:e9:68:04:e2:0e:59:8c:a9:
a5:02:ac:57:30:f9:65:76:3e:9b:99:2b:76:f2:49:85:ed:87:
14:93:d9:e1:2e:45:91:eb:a2:30:c2:d2:d6:22:91:90:26:e9:
21:9b:57:b5:d6:f0:81:b6:c5:d7:95:ad:21:98:7e:60:ad:65:
78:69:e8:dd:4a:79:6c:43:d2:3c:38:57:af:63:46:d2:67:4c:
09:a9:46:10:9c:bc:02:9d:6a:26:0c:61:61:a5:e1:0d:e5:21:
46:c0:1b:e3:c3:5b:82:df:53:14:54:e3:dc:fb:09:e9:f4:51:
b4:41:d3:49:30:1f:eb:18:28:9a:26:73:d6:0f:3e:3b:25:68:
b9:7a:c2:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPn4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQzNTUwWhcNMjcxMjEzMDQzNTUwWjAYMRYw
FAYDVQQDEw02NzdjYWYyYS05M2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAui1afN1Km56kAXjRFdrtlbPCPBBW14NB2O6DMa4x7KcimAIwdVMh/n7a
rfqtaHFcgJ6LySHIJnRua42HtKyNSj+Jf6jHlBCMQI2I4RwXnA4EKQ+1KX5V7mDu
cDbiyt+X8NGLWj/mmaxaeWrztbm7Tt9D1KL0DIWLGqmRc/Gw04+HzHSGG3YKRA/5
u8WO+2D9r4EZ5sAaSQuLf2c3f26IUrlBDdKgQRTBNZ/O4P8juFWALbmGGYA+RsUX
fR8FOlo+EutviYvNvRYMrgnRjGFNrgxdKUiWSh6iTpfA0FoZeDDc2HwvPmaPt7JR
O/jBe1YsjR0pgTrescXrn1jopG44pQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDI+
CzkcKK6bMmm58vI0IWAdjPXTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMTZGMUI4RUNDQjAxMUVGQUI2NjY0QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhPMA0GCSqGSIb3DQEBCwUA
A4IBAQAvjFFFmOHnwmtUuFlxaGD2mbYzB0NJtktOhyzcUi2SQJswmRQLC7AiCCeA
uCPpjxy2Rzs1jissPIL87CM8ussTGGYfdfRnvdpAbKIeDBvX6E7lJkj1c80/uaK9
jRcDaAdpZaTvTE+i4frw75Jhqx7BQJOsSgMy6WgE4g5ZjKmlAqxXMPlldj6bmSt2
8kmF7YcUk9nhLkWR66IwwtLWIpGQJukhm1e11vCBtsXXla0hmH5grWV4aejdSnls
Q9I8OFevY0bSZ0wJqUYQnLwCnWomDGFhpeEN5SFGwBvjw1uC31MUVOPc+wnp9FG0
QdNJMB/rGCiaJnPWDz47JWi5esIH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:52 2025 by rpki-client