Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E77FA76ACCDC11EF86F7764D762E951A.roa
File: E77FA76ACCDC11EF86F7764D762E951A.roa (raw, json)
Hash identifier: j/viqQiygiYm3yrz0A3qL1OeCFU2J2hGMA9mrDliKp8=
Subject key identifier: 63:03:01:61:41:7C:05:AF:25:4D:B2:EA:92:BD:CE:61:88:44:64:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB77
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E77FA76ACCDC11EF86F7764D762E951A.roa
Signing time: Tue 07 Jan 2025 09:51:02 +0000
ROA not before: Tue 07 Jan 2025 09:50:58 +0000
ROA not after: Mon 13 Dec 2027 09:50:58 +0000
asID: 17561
IP address blocks: 156.233.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64375 (0xfb77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:50:58 2025 GMT
Not After : Dec 13 09:50:58 2027 GMT
Subject: CN=677cf906-1463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:e9:c7:72:fd:ce:8c:3f:11:d9:d9:12:3c:
8f:a4:15:f3:55:8b:2a:65:ca:ee:c6:4e:2c:88:8c:
5e:a5:87:a9:83:cf:b9:2a:e1:ff:90:de:cc:ef:b5:
51:11:d3:66:25:c3:c5:41:e4:ec:c5:43:47:78:62:
9a:de:9e:4d:3c:97:84:c8:bb:d0:9e:00:36:12:16:
13:3c:8b:13:75:f4:33:b3:34:71:0d:ef:bf:3c:68:
02:1d:8d:d5:b5:86:82:53:61:9c:ee:70:97:68:74:
e7:ab:f7:59:34:4c:9e:69:eb:cb:a8:fb:35:c6:6a:
bc:1a:6e:02:70:25:59:78:27:a4:a0:de:c3:f0:6e:
4f:6c:73:b4:e5:d8:66:93:4f:06:9d:1d:d9:e0:c2:
cf:26:57:6e:d6:05:67:c2:e9:d9:c6:53:c1:26:be:
cc:e9:a9:c6:96:cb:d7:c8:94:f3:c1:e7:16:fa:53:
2b:01:00:90:27:69:c6:ea:ca:28:4e:65:03:90:c2:
76:2b:30:27:af:5b:29:fd:da:9c:71:fc:ab:ae:b5:
17:46:b3:11:49:b9:a9:3e:15:d3:10:56:72:91:93:
c2:80:bb:c1:96:9f:0c:a1:c8:6b:ac:11:da:d5:f0:
26:8c:19:96:ef:1c:a6:96:35:c0:36:3a:56:7e:aa:
cd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:03:01:61:41:7C:05:AF:25:4D:B2:EA:92:BD:CE:61:88:44:64:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E77FA76ACCDC11EF86F7764D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.209.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d4:e0:34:ce:40:6a:fd:1d:61:6d:18:7e:63:3f:81:fd:cd:
74:cc:7f:30:50:db:c2:50:a8:5a:37:27:a2:b8:a3:af:55:4f:
94:ae:21:c3:2e:ee:34:dc:03:95:e3:9d:32:02:a2:b7:67:fb:
05:a3:e9:f6:76:03:d1:b9:40:96:5f:f3:1e:7e:7e:dc:3e:70:
a4:83:c2:a8:16:9d:82:d5:64:fb:e1:34:ba:96:33:4b:16:09:
64:53:40:46:e7:87:6e:1a:54:14:81:32:84:05:84:34:3a:07:
a2:e4:b3:3c:ae:83:4b:a8:6e:41:48:b6:9b:49:af:ef:1a:a7:
91:92:3c:68:b4:06:0b:43:00:45:54:66:0b:1e:52:53:ea:5f:
8f:89:ca:79:dc:f9:d7:77:df:9e:08:43:92:49:7c:7d:79:3c:
fb:66:6d:83:65:1a:bc:06:07:47:0e:13:6c:97:3d:b8:50:80:
02:ff:21:d1:c0:29:15:a6:12:b3:e1:29:01:c9:5d:2a:74:3b:
c6:a3:cf:89:3f:97:f5:be:c6:45:e0:b2:85:41:de:83:3f:2e:
de:b4:37:d4:cc:52:19:f4:b2:d2:05:fa:0f:e1:15:e6:ec:08:
5d:84:cf:c3:c5:dc:83:b1:7d:bb:c5:8d:14:e1:1e:b3:67:d7:
42:f6:f3:83
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPt3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk1MDU4WhcNMjcxMjEzMDk1MDU4WjAYMRYw
FAYDVQQDEw02NzdjZjkwNi0xNDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnlnpx3L9zow/EdnZEjyPpBXzVYsqZcruxk4siIxepYepg8+5KuH/kN7M
77VREdNmJcPFQeTsxUNHeGKa3p5NPJeEyLvQngA2EhYTPIsTdfQzszRxDe+/PGgC
HY3VtYaCU2Gc7nCXaHTnq/dZNEyeaevLqPs1xmq8Gm4CcCVZeCekoN7D8G5PbHO0
5dhmk08GnR3Z4MLPJldu1gVnwunZxlPBJr7M6anGlsvXyJTzwecW+lMrAQCQJ2nG
6sooTmUDkMJ2KzAnr1sp/dqccfyrrrUXRrMRSbmpPhXTEFZykZPCgLvBlp8Mochr
rBHa1fAmjBmW7xymljXANjpWfqrNEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGMD
AWFBfAWvJU2y6pK9zmGIRGTPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNzdGQTc2QUNDREMxMUVGODZGNzc2NEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnRMA0GCSqGSIb3DQEBCwUA
A4IBAQAQ1OA0zkBq/R1hbRh+Yz+B/c10zH8wUNvCUKhaNyeiuKOvVU+UriHDLu40
3AOV450yAqK3Z/sFo+n2dgPRuUCWX/Mefn7cPnCkg8KoFp2C1WT74TS6ljNLFglk
U0BG54duGlQUgTKEBYQ0Ogei5LM8roNLqG5BSLabSa/vGqeRkjxotAYLQwBFVGYL
HlJT6l+Picp53PnXd9+eCEOSSXx9eTz7Zm2DZRq8BgdHDhNslz24UIAC/yHRwCkV
phKz4SkByV0qdDvGo8+JP5f1vsZF4LKFQd6DPy7etDfUzFIZ9LLSBfoP4RXm7Ahd
hM/DxdyDsX27xY0U4R6zZ9dC9vOD
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:36 2025 by rpki-client