Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE7A61BECCEA11EF8AFFBDA4762E951A.roa
File: EE7A61BECCEA11EF8AFFBDA4762E951A.roa (raw, json)
Hash identifier: xpZJWFX3Uanp+F66IF3PgJwIfn/9oqGS6/JcHD2F0KM=
Subject key identifier: 1A:B9:82:B0:EF:0F:4F:F9:39:D1:72:7B:2C:D9:05:9E:53:D5:39:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBF9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE7A61BECCEA11EF8AFFBDA4762E951A.roa
Signing time: Tue 07 Jan 2025 11:31:27 +0000
ROA not before: Tue 07 Jan 2025 11:31:23 +0000
ROA not after: Mon 13 Dec 2027 11:31:23 +0000
asID: 17561
IP address blocks: 156.236.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64505 (0xfbf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:31:23 2025 GMT
Not After : Dec 13 11:31:23 2027 GMT
Subject: CN=677d108f-3a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b4:e2:d6:35:46:2e:4b:2e:ab:d6:d3:6f:6e:
f2:db:4e:02:3e:96:74:27:33:a7:d9:2e:c6:d8:ed:
50:d8:84:f5:d7:3a:3e:91:36:41:17:02:72:bf:ed:
c7:1e:3e:1f:10:f4:e8:e8:1f:33:f0:69:f2:75:11:
ce:0e:e1:be:fc:4b:df:36:b2:ec:21:9a:4a:10:fe:
86:8c:ff:6d:b4:a6:18:4b:17:7c:ed:bc:2b:d7:ff:
47:c6:2d:c9:c5:23:23:09:dd:cf:b6:3b:fa:3f:ff:
11:8f:51:fd:7b:ef:9e:7c:15:82:89:c9:4e:b4:96:
c7:dc:da:33:d2:41:18:65:6f:f1:7f:64:77:dc:6b:
ab:67:20:93:5f:7e:54:8b:97:ae:be:d3:4e:fa:f3:
50:fb:57:66:fd:16:51:0a:9c:5b:96:dc:3f:7f:36:
f0:d2:da:65:8e:6b:a2:f3:11:6a:88:47:52:ea:75:
b0:d2:07:ac:6a:f0:15:63:6e:7d:d3:8e:64:75:20:
de:df:21:81:61:27:16:82:4a:c7:cc:9d:33:22:f3:
78:02:3b:e3:84:68:b9:d6:c9:d4:08:9d:3c:35:30:
a8:04:27:0c:1b:99:40:c9:b8:f9:ec:bf:9e:43:fa:
65:f1:db:0e:bd:07:43:c3:94:8a:b6:93:fa:ff:3f:
19:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B9:82:B0:EF:0F:4F:F9:39:D1:72:7B:2C:D9:05:9E:53:D5:39:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE7A61BECCEA11EF8AFFBDA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.7.0/24
Signature Algorithm: sha256WithRSAEncryption
05:67:b7:aa:94:2c:4e:ea:a6:8b:54:0b:0e:37:82:92:8a:aa:
de:ab:2b:e2:63:5b:30:14:a7:01:75:d8:ff:49:58:b7:40:bc:
7a:2d:0d:b7:99:86:27:3c:08:5f:b9:03:d2:77:6f:33:cf:ad:
b4:61:8f:83:9d:09:25:81:8b:4f:32:01:1d:3a:fe:82:b0:e0:
c1:05:6b:c5:f8:33:75:73:83:08:08:a5:df:e1:db:a4:d4:c2:
16:4f:8e:2b:07:d0:53:ba:c9:a8:b6:92:bc:06:b3:33:b0:99:
0c:cf:e2:8e:49:c3:84:89:22:73:a8:24:04:99:d1:ce:38:7b:
58:fa:65:0e:a5:92:c2:31:cb:30:00:09:47:72:f0:cf:28:5e:
72:a8:98:75:d5:b7:01:28:37:08:ba:00:50:28:7a:e9:87:27:
20:08:bb:83:33:c9:0f:50:52:65:3a:63:c0:77:87:c7:ba:f2:
b4:cd:10:82:f5:53:36:eb:64:56:83:0e:c2:94:ef:d3:3a:51:
cf:43:b3:32:55:ee:3e:3b:6d:b2:58:92:c3:18:13:f8:9c:2c:
b9:17:7b:c2:45:f3:c5:d7:1d:b6:06:0d:58:d2:72:64:ca:f0:
c4:ea:22:b0:ea:fc:0b:18:18:0f:25:ca:a3:aa:6e:b2:f8:66:
05:0e:d2:ed
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPv5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTEzMTIzWhcNMjcxMjEzMTEzMTIzWjAYMRYw
FAYDVQQDEw02NzdkMTA4Zi0zYTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqrTi1jVGLksuq9bTb27y204CPpZ0JzOn2S7G2O1Q2IT11zo+kTZBFwJy
v+3HHj4fEPTo6B8z8GnydRHODuG+/EvfNrLsIZpKEP6GjP9ttKYYSxd87bwr1/9H
xi3JxSMjCd3Ptjv6P/8Rj1H9e++efBWCiclOtJbH3Noz0kEYZW/xf2R33GurZyCT
X35Ui5euvtNO+vNQ+1dm/RZRCpxbltw/fzbw0tpljmui8xFqiEdS6nWw0gesavAV
Y259045kdSDe3yGBYScWgkrHzJ0zIvN4AjvjhGi51snUCJ08NTCoBCcMG5lAybj5
7L+eQ/pl8dsOvQdDw5SKtpP6/z8ZcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBq5
grDvD0/5OdFyeyzZBZ5T1Tm2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRTdBNjFCRUNDRUExMUVGOEFGRkJEQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwHMA0GCSqGSIb3DQEBCwUA
A4IBAQAFZ7eqlCxO6qaLVAsON4KSiqreqyviY1swFKcBddj/SVi3QLx6LQ23mYYn
PAhfuQPSd28zz620YY+DnQklgYtPMgEdOv6CsODBBWvF+DN1c4MICKXf4duk1MIW
T44rB9BTusmotpK8BrMzsJkMz+KOScOEiSJzqCQEmdHOOHtY+mUOpZLCMcswAAlH
cvDPKF5yqJh11bcBKDcIugBQKHrphycgCLuDM8kPUFJlOmPAd4fHuvK0zRCC9VM2
62RWgw7ClO/TOlHPQ7MyVe4+O22yWJLDGBP4nCy5F3vCRfPF1x22Bg1Y0nJkyvDE
6iKw6vwLGBgPJcqjqm6y+GYFDtLt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:09 2025 by rpki-client