Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C7F61CCC8F11EFB4E19B4E762E951A.roa
File: E1C7F61CCC8F11EFB4E19B4E762E951A.roa (raw, json)
Hash identifier: 1cc1+gRe1xbFBqGIrVPyu7dFuhh89wklpDEqsofwVx0=
Subject key identifier: B8:2A:03:13:02:2C:60:7A:16:E3:05:C9:DE:A5:97:6D:A4:F4:57:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8FF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C7F61CCC8F11EFB4E19B4E762E951A.roa
Signing time: Tue 07 Jan 2025 00:39:41 +0000
ROA not before: Tue 07 Jan 2025 00:00:37 +0000
ROA not after: Mon 13 Dec 2027 00:00:37 +0000
asID: 17561
IP address blocks: 156.226.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63743 (0xf8ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:37 2025 GMT
Not After : Dec 13 00:00:37 2027 GMT
Subject: CN=677c77cd-b43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ae:f9:d5:b3:34:b9:0a:ad:e6:99:38:c7:8d:
14:8b:51:ca:92:3d:f3:a3:fd:00:36:df:ee:c9:04:
c9:ae:c3:62:e4:54:0f:a7:ba:6e:db:9b:64:57:82:
3e:fa:9c:77:a5:08:c0:f1:b3:0f:25:17:2e:c4:b6:
16:33:16:e0:f4:f1:4f:6c:f5:96:ea:db:e8:e3:8c:
bc:fa:fb:63:01:43:48:fa:25:44:78:3d:ab:37:0f:
83:4a:ca:e0:96:b1:fe:63:0f:a7:93:87:64:83:ac:
89:e7:98:ad:18:a7:8a:c4:7c:eb:59:dd:7d:a3:a7:
c5:51:91:9d:ed:90:7c:60:7a:f6:b5:b3:57:09:8e:
04:e9:a4:4d:80:fa:56:b5:40:86:bb:4e:cf:40:cb:
ca:92:65:29:c0:b8:b4:29:13:c4:7e:e0:a5:aa:fd:
bd:42:95:86:11:9e:80:2a:25:15:a7:3c:c5:6a:c1:
2f:90:bf:53:80:a8:f1:e5:48:c4:d0:1e:80:36:2e:
5d:33:e1:aa:2e:ef:4c:c3:5b:82:e9:82:bf:0c:10:
63:0f:9c:25:2f:1d:bd:4c:77:e8:e7:0a:0c:1e:89:
53:ea:cf:0b:43:49:6d:d2:f5:15:20:03:76:07:38:
b7:c1:51:da:28:6f:50:03:a4:2a:72:ae:ae:29:9e:
c0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:2A:03:13:02:2C:60:7A:16:E3:05:C9:DE:A5:97:6D:A4:F4:57:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C7F61CCC8F11EFB4E19B4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.246.0/24
Signature Algorithm: sha256WithRSAEncryption
75:73:2e:0b:44:58:fd:08:65:2f:21:bd:16:9f:0e:c6:0c:af:
55:fd:0f:11:5e:b2:4b:7a:b0:12:40:32:8b:24:0a:16:45:89:
48:81:b8:9f:ca:c2:a0:0d:9a:fc:97:82:f9:f8:c6:18:a8:72:
42:34:fc:39:7a:24:ab:b1:b1:d2:50:16:bd:31:fd:21:87:57:
1c:d4:4e:93:93:20:44:54:fb:e0:ae:77:5d:08:e8:d3:41:53:
04:5e:86:29:5d:81:d6:2c:7b:ae:f9:cb:40:1e:45:5c:8d:ba:
f3:1a:37:9d:aa:9a:36:68:f5:0f:75:4d:84:c7:d0:14:24:b7:
d0:32:6b:3a:97:d6:92:b3:8e:a1:dc:45:30:46:56:5c:67:c6:
0d:5d:55:7c:08:0b:82:0e:46:0a:3a:15:35:cc:c8:19:2a:2c:
56:6e:59:9f:65:bf:48:ee:2a:e1:82:ce:5e:76:52:dd:a0:c2:
98:36:79:32:82:ea:60:74:b5:3a:cb:bb:cf:01:a7:8a:12:1d:
1d:ec:80:52:1a:c4:cd:38:db:07:38:79:5b:18:78:dc:1c:90:
ab:29:43:13:93:b3:5c:3f:fa:1c:1f:31:7c:4d:a3:b9:ee:5c:
0a:54:03:38:39:30:b5:4f:4e:48:12:d7:22:c9:74:aa:09:fb:
dc:48:88:45
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPj/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDM3WhcNMjcxMjEzMDAwMDM3WjAYMRYw
FAYDVQQDEw02NzdjNzdjZC1iNDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzq751bM0uQqt5pk4x40Ui1HKkj3zo/0ANt/uyQTJrsNi5FQPp7pu25tk
V4I++px3pQjA8bMPJRcuxLYWMxbg9PFPbPWW6tvo44y8+vtjAUNI+iVEeD2rNw+D
SsrglrH+Yw+nk4dkg6yJ55itGKeKxHzrWd19o6fFUZGd7ZB8YHr2tbNXCY4E6aRN
gPpWtUCGu07PQMvKkmUpwLi0KRPEfuClqv29QpWGEZ6AKiUVpzzFasEvkL9TgKjx
5UjE0B6ANi5dM+GqLu9Mw1uC6YK/DBBjD5wlLx29THfo5woMHolT6s8LQ0lt0vUV
IAN2Bzi3wVHaKG9QA6Qqcq6uKZ7AowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLgq
AxMCLGB6FuMFyd6ll22k9Fe/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMUM3RjYxQ0NDOEYxMUVGQjRFMTlCNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL2MA0GCSqGSIb3DQEBCwUA
A4IBAQB1cy4LRFj9CGUvIb0Wnw7GDK9V/Q8RXrJLerASQDKLJAoWRYlIgbifysKg
DZr8l4L5+MYYqHJCNPw5eiSrsbHSUBa9Mf0hh1cc1E6TkyBEVPvgrnddCOjTQVME
XoYpXYHWLHuu+ctAHkVcjbrzGjedqpo2aPUPdU2Ex9AUJLfQMms6l9aSs46h3EUw
RlZcZ8YNXVV8CAuCDkYKOhU1zMgZKixWblmfZb9I7irhgs5edlLdoMKYNnkygupg
dLU6y7vPAaeKEh0d7IBSGsTNONsHOHlbGHjcHJCrKUMTk7NcP/ocHzF8TaO57lwK
VAM4OTC1T05IEtciyXSqCfvcSIhF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:23 2025 by rpki-client