Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3DF5924CCC411EF905BC2B2762E951A.roa
File: E3DF5924CCC411EF905BC2B2762E951A.roa (raw, json)
Hash identifier: Fv+atEykKo2ea5HY3siuUZbHP32CE+wKaF41g2pR98Y=
Subject key identifier: 22:D2:5E:A0:34:B9:E1:3A:92:65:58:E7:96:08:A5:55:EB:67:98:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA4E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3DF5924CCC411EF905BC2B2762E951A.roa
Signing time: Tue 07 Jan 2025 06:59:08 +0000
ROA not before: Tue 07 Jan 2025 06:59:04 +0000
ROA not after: Mon 13 Dec 2027 06:59:04 +0000
asID: 17561
IP address blocks: 156.233.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64078 (0xfa4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:59:04 2025 GMT
Not After : Dec 13 06:59:04 2027 GMT
Subject: CN=677cd0bc-2be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:76:ab:28:54:7f:27:63:0a:28:c3:e5:43:
55:34:b8:be:3f:6b:81:68:fa:68:98:ea:4e:a5:86:
c7:6c:23:3a:dd:92:1c:51:84:9b:4e:06:60:38:06:
55:ed:91:26:02:f9:24:be:23:a1:75:ab:4c:bb:d8:
0b:5e:7b:87:58:fc:2c:61:d4:da:c9:8f:0c:a9:2e:
5b:40:a2:67:b2:0b:c0:94:0d:30:4a:b9:74:44:97:
98:42:60:59:aa:91:92:f5:df:a8:56:1c:fe:81:c8:
ca:fe:77:61:7c:d2:e0:92:2e:65:0d:6a:39:02:4f:
ce:3c:e1:fd:0c:d3:0a:f0:2c:11:49:b7:08:a2:c2:
f5:96:75:a8:9f:39:2f:99:a6:08:08:e6:0e:e6:1e:
46:24:6e:11:27:44:ec:ba:1f:1f:ff:1b:af:e9:48:
b4:98:5d:74:2e:fa:a8:ea:a9:69:5f:4a:97:d0:0e:
e1:09:e9:9b:8c:b9:28:3d:57:24:9c:19:75:62:65:
2f:51:fd:82:23:fa:b1:4a:4b:d8:fc:6d:b3:1c:e0:
2d:0a:04:a6:7f:e7:51:90:8a:68:a1:1c:e3:ad:72:
64:23:48:46:09:83:d0:bd:cf:c5:a3:d5:26:0e:7a:
a7:fc:c4:5a:b8:24:f7:25:a7:08:4f:6e:57:5d:cc:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D2:5E:A0:34:B9:E1:3A:92:65:58:E7:96:08:A5:55:EB:67:98:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3DF5924CCC411EF905BC2B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
61:03:5e:5a:30:72:16:2a:4f:08:32:66:df:c9:98:3c:b3:7f:
f5:ca:10:3e:2f:a1:ed:a9:b1:24:6d:19:3e:2f:63:d5:01:73:
51:4c:6b:c1:d2:da:91:07:9d:e9:63:5e:79:a7:ea:46:46:21:
fa:4c:60:17:d8:cb:62:28:be:36:e2:7a:bd:62:df:97:63:7c:
d3:dc:f6:fb:38:6c:3c:4a:b2:25:ec:2b:22:20:77:2b:81:57:
d1:77:1c:a8:d1:da:be:35:e1:14:87:3f:aa:e5:66:e3:95:dc:
a4:69:e4:ed:90:90:61:6b:21:ab:f4:78:20:98:d7:66:f7:f8:
73:86:1a:ed:e5:f0:c0:fd:99:27:4b:1d:6b:c5:6a:16:59:57:
37:0e:d1:21:a3:e8:20:6f:30:e0:c1:e4:d2:e0:5c:c7:a2:41:
65:57:05:6d:31:d2:49:3b:30:f2:4e:27:39:b8:ff:12:19:f4:
b4:1d:ca:6a:89:bf:86:e7:57:32:3f:e1:ae:45:4e:55:08:64:
47:74:9a:99:01:f7:4f:19:1e:e6:e3:08:8f:17:fe:1f:09:2e:
33:c8:0c:5c:98:1d:2a:99:cf:7b:33:d0:c0:89:2d:c0:e5:c6:
8a:46:a3:2f:0c:07:6a:9a:ad:76:fa:ce:bf:25:8a:f5:42:8e:
07:6a:5f:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPpOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDY1OTA0WhcNMjcxMjEzMDY1OTA0WjAYMRYw
FAYDVQQDEw02NzdjZDBiYy0yYmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr8t2qyhUfydjCijD5UNVNLi+P2uBaPpomOpOpYbHbCM63ZIcUYSbTgZg
OAZV7ZEmAvkkviOhdatMu9gLXnuHWPwsYdTayY8MqS5bQKJnsgvAlA0wSrl0RJeY
QmBZqpGS9d+oVhz+gcjK/ndhfNLgki5lDWo5Ak/OPOH9DNMK8CwRSbcIosL1lnWo
nzkvmaYICOYO5h5GJG4RJ0Tsuh8f/xuv6Ui0mF10Lvqo6qlpX0qX0A7hCembjLko
PVcknBl1YmUvUf2CI/qxSkvY/G2zHOAtCgSmf+dRkIpooRzjrXJkI0hGCYPQvc/F
o9UmDnqn/MRauCT3JacIT25XXcyXtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCLS
XqA0ueE6kmVY55YIpVXrZ5jfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FM0RGNTkyNENDQzQxMUVGOTA1QkMyQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk7MA0GCSqGSIb3DQEBCwUA
A4IBAQBhA15aMHIWKk8IMmbfyZg8s3/1yhA+L6HtqbEkbRk+L2PVAXNRTGvB0tqR
B53pY155p+pGRiH6TGAX2MtiKL424nq9Yt+XY3zT3Pb7OGw8SrIl7CsiIHcrgVfR
dxyo0dq+NeEUhz+q5WbjldykaeTtkJBhayGr9HggmNdm9/hzhhrt5fDA/ZknSx1r
xWoWWVc3DtEho+ggbzDgweTS4FzHokFlVwVtMdJJOzDyTic5uP8SGfS0Hcpqib+G
51cyP+GuRU5VCGRHdJqZAfdPGR7m4wiPF/4fCS4zyAxcmB0qmc97M9DAiS3A5caK
RqMvDAdqmq12+s6/JYr1Qo4Hal/C
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:21 2025 by rpki-client