Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC81932C99511EF913A3285762E951A.roa
File: EBC81932C99511EF913A3285762E951A.roa (raw, json)
Hash identifier: 9oJEElxkxzrcQ9zn20fZfh8LIrzQ2Oy/CSBNZ9NgNdg=
Subject key identifier: 5D:B8:69:24:ED:82:C8:86:6B:33:94:5D:44:13:2E:B5:AF:77:65:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F611
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC81932C99511EF913A3285762E951A.roa
Signing time: Fri 03 Jan 2025 05:45:22 +0000
ROA not before: Fri 03 Jan 2025 05:45:18 +0000
ROA not after: Mon 13 Dec 2027 05:45:18 +0000
asID: 17561
IP address blocks: 156.233.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62993 (0xf611)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:45:18 2025 GMT
Not After : Dec 13 05:45:18 2027 GMT
Subject: CN=67777971-bdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:4d:af:8a:fe:be:69:4a:60:c8:b2:ac:e8:
3e:11:aa:6f:b7:00:ca:ba:6d:73:2d:ca:4a:cf:8f:
b6:09:99:bb:5a:d3:14:7f:7f:9f:bd:bf:d9:92:3f:
95:2a:e6:a0:9f:42:1f:8a:56:4c:35:52:71:43:32:
d5:6d:5e:9a:e8:c7:42:b2:65:02:ca:1f:68:f0:a3:
46:fd:4f:29:e2:21:f2:48:f1:f4:bc:6d:fe:12:6b:
54:a3:ab:e0:15:78:ef:f9:00:77:0f:0a:bf:92:fb:
a0:10:ff:d1:8c:14:da:a1:1f:ff:a3:f6:e5:db:7e:
21:84:3b:47:05:74:cd:8c:ee:d9:c8:28:db:48:dc:
c1:b6:21:0a:d6:9d:63:53:67:c7:8f:1f:3a:9d:ec:
02:54:c6:42:ac:ba:b9:aa:f3:f1:dd:a7:83:06:12:
06:a0:17:a9:96:fb:80:e9:e5:29:8b:d7:6b:d0:8a:
3d:1c:5d:fa:25:ef:2c:ab:cc:ba:5f:82:b5:7c:ff:
45:47:cc:36:bd:46:e3:91:57:af:6e:a8:4b:cb:26:
21:65:a1:c7:39:2e:c2:cc:f0:c2:6f:ef:1c:01:d4:
fb:f1:ea:f4:52:ed:4f:42:94:18:41:36:20:cd:5b:
a3:c2:77:f0:d3:fc:12:f6:38:36:74:c8:11:64:38:
81:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B8:69:24:ED:82:C8:86:6B:33:94:5D:44:13:2E:B5:AF:77:65:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EBC81932C99511EF913A3285762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.141.0/24
Signature Algorithm: sha256WithRSAEncryption
14:83:0a:59:a1:6f:df:5d:9b:d6:b5:f0:45:37:3c:da:27:78:
0b:18:da:af:5d:5a:a8:4f:31:53:f0:08:61:1f:43:33:93:c5:
c5:9e:49:26:36:8e:f1:38:a3:13:ae:ff:b9:ce:a8:c5:63:be:
f6:60:8d:47:37:4f:f0:61:68:78:25:36:0a:11:87:f4:3f:ee:
a9:18:0b:2a:be:30:dc:79:3c:e1:db:2f:91:7e:96:21:17:e4:
aa:67:58:1b:32:15:f8:1f:86:f3:6f:77:a6:0c:92:86:cd:b2:
21:9e:c1:cd:d8:38:93:9e:07:e3:56:43:70:0c:c5:3e:d2:52:
6a:e2:2a:f6:3b:eb:a1:39:05:0a:cf:e9:c0:60:35:7e:53:de:
86:14:e6:ed:1b:cb:01:5a:68:43:20:dd:6c:9e:d5:63:39:08:
2c:50:1e:2c:08:08:0f:99:64:d1:7d:fd:70:81:72:f3:b5:89:
0a:1a:63:b4:8c:84:a5:69:cb:ed:24:eb:95:45:38:f0:ed:79:
24:85:34:46:43:6a:6d:47:86:e7:c5:43:96:d6:d6:81:ed:b0:
bf:30:bd:ae:5b:73:39:98:fa:f9:23:bf:07:6e:3d:46:c4:84:
07:92:15:29:93:7c:66:97:6e:1b:42:87:ce:61:45:1f:3b:88:
d7:c3:9c:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDU0NTE4WhcNMjcxMjEzMDU0NTE4WjAYMRYw
FAYDVQQDEw02Nzc3Nzk3MS1iZGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRlNr4r+vmlKYMiyrOg+EapvtwDKum1zLcpKz4+2CZm7WtMUf3+fvb/Z
kj+VKuagn0IfilZMNVJxQzLVbV6a6MdCsmUCyh9o8KNG/U8p4iHySPH0vG3+EmtU
o6vgFXjv+QB3Dwq/kvugEP/RjBTaoR//o/bl234hhDtHBXTNjO7ZyCjbSNzBtiEK
1p1jU2fHjx86newCVMZCrLq5qvPx3aeDBhIGoBeplvuA6eUpi9dr0Io9HF36Je8s
q8y6X4K1fP9FR8w2vUbjkVevbqhLyyYhZaHHOS7CzPDCb+8cAdT78er0Uu1PQpQY
QTYgzVujwnfw0/wS9jg2dMgRZDiBGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF24
aSTtgsiGazOUXUQTLrWvd2V6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQkM4MTkzMkM5OTUxMUVGOTEzQTMyODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmNMA0GCSqGSIb3DQEBCwUA
A4IBAQAUgwpZoW/fXZvWtfBFNzzaJ3gLGNqvXVqoTzFT8AhhH0Mzk8XFnkkmNo7x
OKMTrv+5zqjFY772YI1HN0/wYWh4JTYKEYf0P+6pGAsqvjDceTzh2y+RfpYhF+Sq
Z1gbMhX4H4bzb3emDJKGzbIhnsHN2DiTngfjVkNwDMU+0lJq4ir2O+uhOQUKz+nA
YDV+U96GFObtG8sBWmhDIN1sntVjOQgsUB4sCAgPmWTRff1wgXLztYkKGmO0jISl
acvtJOuVRTjw7XkkhTRGQ2ptR4bnxUOW1taB7bC/ML2uW3M5mPr5I78Hbj1GxIQH
khUpk3xml24bQofOYUUfO4jXw5xH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:50 2025 by rpki-client