Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA2AF80EC98811EF9B6EFEB1762E951A.roa
File: EA2AF80EC98811EF9B6EFEB1762E951A.roa (raw, json)
Hash identifier: oT2sv76Odwj4iO9fQhlT6NiOoSEw96s/E68uKhfj8Dk=
Subject key identifier: 9F:F5:80:30:78:05:51:B3:CE:7B:6D:69:EB:7F:09:6F:88:47:93:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F599
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA2AF80EC98811EF9B6EFEB1762E951A.roa
Signing time: Fri 03 Jan 2025 04:12:15 +0000
ROA not before: Fri 03 Jan 2025 04:12:12 +0000
ROA not after: Sat 13 Dec 2025 04:12:12 +0000
asID: 984
IP address blocks: 156.233.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62873 (0xf599)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:12:12 2025 GMT
Not After : Dec 13 04:12:12 2025 GMT
Subject: CN=6777639f-97bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:01:c8:2b:1e:97:66:d3:6c:f4:b7:18:ac:
e0:26:85:92:28:a2:78:cf:03:8a:74:6a:a7:b1:3d:
7f:16:1c:f6:cb:6d:72:f5:ea:e7:c7:b4:da:0c:3b:
34:9e:d7:36:46:19:e8:71:e0:3b:9b:ba:6c:8e:e4:
10:aa:f8:57:80:9e:c1:4f:5d:23:5d:10:3e:02:c8:
f2:fc:61:45:31:3f:67:5d:69:c8:44:8a:03:18:18:
f7:65:c1:a8:96:31:55:6e:89:d4:a4:69:7b:51:21:
0f:d4:40:ca:3d:f3:59:79:43:22:cc:1b:5a:57:65:
d3:1e:da:31:83:70:bd:97:89:14:b0:45:6e:b5:b2:
1a:be:7a:0b:ef:61:d0:50:cb:ff:2c:17:8a:9b:e2:
f4:b0:33:99:4c:a4:5f:2f:f8:6d:68:75:37:41:af:
43:6e:4f:3f:48:01:c5:b8:1c:47:f7:7a:fd:2d:b8:
40:a1:32:9a:08:1c:19:e3:79:fe:3b:f2:95:57:6d:
69:87:0f:dc:5e:3b:cb:5c:6e:e3:ab:15:b1:b8:f4:
97:55:95:18:57:4b:46:25:29:6a:1c:fb:44:d6:49:
e9:26:68:fd:c1:dd:a7:98:6d:8a:60:23:58:c6:76:
36:d3:b8:88:55:bd:c7:e2:4a:eb:b5:a9:82:47:2b:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:F5:80:30:78:05:51:B3:CE:7B:6D:69:EB:7F:09:6F:88:47:93:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EA2AF80EC98811EF9B6EFEB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.18.0/24
Signature Algorithm: sha256WithRSAEncryption
96:fe:be:6a:c1:e7:f0:f4:4c:c0:63:3c:c2:34:23:ad:d7:90:
60:31:99:a7:a8:80:e6:79:f2:51:fd:f5:a9:c9:16:31:94:40:
2f:e3:a8:b7:b3:6f:bc:2c:96:3b:43:b4:d7:9c:ec:b5:7d:16:
0d:19:c5:2b:ea:d3:e8:35:0c:d5:99:e2:43:2b:b6:0f:29:1a:
59:c6:c4:c6:6c:ce:c7:10:c3:43:37:13:fb:35:22:27:70:38:
f5:76:e5:84:dc:a4:f4:c3:4a:e6:3f:7f:1e:7a:fe:bf:cc:eb:
8b:82:50:36:46:e0:b9:db:a4:0d:13:61:0e:8f:56:00:4e:ff:
f5:03:a7:f9:6c:cc:16:02:fa:48:75:18:d8:d1:8f:36:d8:d8:
ca:bd:e9:99:e5:b0:f6:da:d3:62:37:f0:a5:ae:e0:1b:94:17:
e4:06:13:98:f5:5f:c2:69:b7:d9:0b:06:f0:69:57:9d:19:a8:
8f:95:03:09:e0:e3:88:78:2b:a4:a3:57:44:86:93:90:f4:95:
d2:e6:d4:a3:96:9a:2c:be:fe:66:71:26:34:6c:64:f9:af:7d:
b0:3c:8b:ea:6e:69:af:1c:5a:e4:7a:28:e6:87:9b:88:95:ab:
2e:0c:9d:06:58:5f:08:aa:ae:bd:52:04:f0:55:96:01:be:cf:
22:15:39:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQxMjEyWhcNMjUxMjEzMDQxMjEyWjAYMRYw
FAYDVQQDEw02Nzc3NjM5Zi05N2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq58ByCsel2bTbPS3GKzgJoWSKKJ4zwOKdGqnsT1/Fhz2y21y9ernx7Ta
DDs0ntc2RhnoceA7m7psjuQQqvhXgJ7BT10jXRA+Asjy/GFFMT9nXWnIRIoDGBj3
ZcGoljFVbonUpGl7USEP1EDKPfNZeUMizBtaV2XTHtoxg3C9l4kUsEVutbIavnoL
72HQUMv/LBeKm+L0sDOZTKRfL/htaHU3Qa9Dbk8/SAHFuBxH93r9LbhAoTKaCBwZ
43n+O/KVV21phw/cXjvLXG7jqxWxuPSXVZUYV0tGJSlqHPtE1knpJmj9wd2nmG2K
YCNYxnY207iIVb3H4krrtamCRysoKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ/1
gDB4BVGzznttaet/CW+IR5M6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQTJBRjgwRUM5ODgxMUVGOUI2RUZFQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkSMA0GCSqGSIb3DQEBCwUA
A4IBAQCW/r5qwefw9EzAYzzCNCOt15BgMZmnqIDmefJR/fWpyRYxlEAv46i3s2+8
LJY7Q7TXnOy1fRYNGcUr6tPoNQzVmeJDK7YPKRpZxsTGbM7HEMNDNxP7NSIncDj1
duWE3KT0w0rmP38eev6/zOuLglA2RuC526QNE2EOj1YATv/1A6f5bMwWAvpIdRjY
0Y822NjKvemZ5bD22tNiN/ClruAblBfkBhOY9V/CabfZCwbwaVedGaiPlQMJ4OOI
eCuko1dEhpOQ9JXS5tSjlposvv5mcSY0bGT5r32wPIvqbmmvHFrkeijmh5uIlasu
DJ0GWF8Iqq69UgTwVZYBvs8iFTmU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:44 2025 by rpki-client