Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E2F028B8C96D11EFA0FCE970762E951A.roa
File: E2F028B8C96D11EFA0FCE970762E951A.roa (raw, json)
Hash identifier: clU1uxXgM7528oG0Ll6Rs5KUfacl28XjElm749rBzEE=
Subject key identifier: 76:FE:1F:30:F8:48:13:01:AE:E7:69:FE:2A:C7:F7:2E:EC:63:DC:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F496
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E2F028B8C96D11EFA0FCE970762E951A.roa
Signing time: Fri 03 Jan 2025 00:58:47 +0000
ROA not before: Fri 03 Jan 2025 00:00:43 +0000
ROA not after: Mon 13 Dec 2027 00:00:43 +0000
asID: 17561
IP address blocks: 156.226.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62614 (0xf496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 00:00:43 2025 GMT
Not After : Dec 13 00:00:43 2027 GMT
Subject: CN=67773647-4c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b1:d8:15:4b:01:3c:bc:9a:ab:ad:3b:68:c1:
0d:96:ba:2a:c6:8b:48:10:c4:2b:7c:00:43:18:73:
97:b8:e9:06:ab:9a:ad:c5:a9:27:3c:aa:4f:3c:8c:
37:ec:65:87:28:04:37:fa:ac:0c:48:c3:26:8b:59:
f7:9d:1a:42:8f:3f:55:52:9c:6c:2b:b0:6c:2e:dd:
b3:d7:ec:d8:63:4f:96:cf:c8:17:aa:dd:31:cb:83:
28:ab:2c:45:0f:40:37:d3:5b:de:45:44:b6:2d:e1:
2c:50:78:87:8c:fc:52:47:64:79:50:ce:99:f0:bf:
9f:3c:2c:65:a2:73:58:03:a7:a4:ba:59:94:ee:ed:
32:e3:76:eb:a6:e4:53:ce:d6:53:b7:bc:8b:9b:1a:
45:7c:14:2b:a0:53:2e:c3:3e:3a:58:66:3a:95:60:
65:f9:b8:3e:e8:01:20:47:f8:e0:ef:a9:07:ba:a3:
ee:76:5d:59:bb:f9:0e:71:10:0a:d5:31:ae:20:a9:
7a:44:70:45:46:15:a7:ba:b1:c7:8d:37:12:03:14:
f7:6e:74:78:42:4b:da:fc:8d:e4:c0:48:e7:28:33:
d2:4e:c2:c1:a8:c4:3c:06:95:68:17:82:b0:08:51:
52:51:6a:86:56:84:93:21:7e:4a:01:27:26:97:e6:
03:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:FE:1F:30:F8:48:13:01:AE:E7:69:FE:2A:C7:F7:2E:EC:63:DC:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E2F028B8C96D11EFA0FCE970762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.255.0/24
Signature Algorithm: sha256WithRSAEncryption
10:06:fe:0d:7c:6f:4f:0f:33:d4:8e:a1:fd:8c:9d:76:88:db:
e2:61:ba:2e:3a:f3:82:7d:8d:86:97:53:3e:16:f1:45:6d:ba:
8b:29:15:f9:a5:a5:e2:a8:69:0b:44:f2:de:5d:fe:77:f8:c6:
32:bf:d4:27:c4:a8:aa:cf:97:8a:57:22:6b:09:55:3d:54:55:
a6:b7:10:36:6a:c0:1f:e3:99:80:41:fc:28:a8:9c:32:8c:73:
a6:1e:63:47:aa:71:69:82:da:4a:c1:8e:ab:d6:22:11:c2:89:
59:2b:45:0c:aa:b3:61:81:37:54:ba:a0:a6:7c:b3:56:3a:e4:
81:b0:77:d8:f5:ab:7b:d5:87:b6:43:8e:42:92:a4:2e:1d:8b:
25:63:c2:40:05:17:a4:72:32:bc:15:64:1b:09:97:1a:47:6e:
c4:50:62:66:c2:33:0e:ae:c2:b0:92:ef:92:bc:c2:b1:21:83:
c2:88:88:87:c1:fb:56:01:d8:3d:8c:54:df:55:31:ff:45:8c:
a9:a3:4e:de:64:cf:bc:ee:ce:05:a3:51:13:c0:1a:d7:fa:01:
ba:e1:e4:e4:21:b8:85:49:84:89:bf:e6:46:e2:c8:19:c0:83:
71:cc:4c:c2:a7:0d:c1:59:af:6c:f9:c4:00:e2:43:c2:f1:b1:
49:ba:ff:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDAwMDQzWhcNMjcxMjEzMDAwMDQzWjAYMRYw
FAYDVQQDEw02Nzc3MzY0Ny00Yzc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1bHYFUsBPLyaq607aMENlroqxotIEMQrfABDGHOXuOkGq5qtxaknPKpP
PIw37GWHKAQ3+qwMSMMmi1n3nRpCjz9VUpxsK7BsLt2z1+zYY0+Wz8gXqt0xy4Mo
qyxFD0A301veRUS2LeEsUHiHjPxSR2R5UM6Z8L+fPCxlonNYA6ekulmU7u0y43br
puRTztZTt7yLmxpFfBQroFMuwz46WGY6lWBl+bg+6AEgR/jg76kHuqPudl1Zu/kO
cRAK1TGuIKl6RHBFRhWnurHHjTcSAxT3bnR4Qkva/I3kwEjnKDPSTsLBqMQ8BpVo
F4KwCFFSUWqGVoSTIX5KAScml+YDIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHb+
HzD4SBMBrudp/irH9y7sY9y2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMkYwMjhCOEM5NkQxMUVGQTBGQ0U5NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL/MA0GCSqGSIb3DQEBCwUA
A4IBAQAQBv4NfG9PDzPUjqH9jJ12iNviYbouOvOCfY2Gl1M+FvFFbbqLKRX5paXi
qGkLRPLeXf53+MYyv9QnxKiqz5eKVyJrCVU9VFWmtxA2asAf45mAQfwoqJwyjHOm
HmNHqnFpgtpKwY6r1iIRwolZK0UMqrNhgTdUuqCmfLNWOuSBsHfY9at71Ye2Q45C
kqQuHYslY8JABRekcjK8FWQbCZcaR27EUGJmwjMOrsKwku+SvMKxIYPCiIiHwftW
Adg9jFTfVTH/RYypo07eZM+87s4Fo1ETwBrX+gG64eTkIbiFSYSJv+ZG4sgZwINx
zEzCpw3BWa9s+cQA4kPC8bFJuv9c
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:22 2025 by rpki-client