Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEFD8B3CD2F011EF969BA069762E951A.roa
File: EEFD8B3CD2F011EF969BA069762E951A.roa (raw, json)
Hash identifier: DQxkZkf10uqv5I5S9ZTc/bgkvEFMse8IyKnb7wwD5Qg=
Subject key identifier: E4:D1:A9:A8:B7:98:D3:63:16:43:01:E8:18:94:49:3C:1F:F6:B5:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01077F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEFD8B3CD2F011EF969BA069762E951A.roa
Signing time: Wed 15 Jan 2025 03:29:31 +0000
ROA not before: Wed 15 Jan 2025 03:29:28 +0000
ROA not after: Mon 03 Jan 2028 03:29:28 +0000
asID: 17561
IP address blocks: 156.241.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67455 (0x1077f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:29:28 2025 GMT
Not After : Jan 3 03:29:28 2028 GMT
Subject: CN=67872b9b-c2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:45:43:4f:81:c5:95:ae:0d:ff:0d:87:8a:81:
7f:b0:ac:9b:dd:67:9d:8e:d5:a5:9f:f5:74:2c:f8:
b3:44:b9:77:94:5e:4c:de:3d:aa:6d:61:7c:be:d9:
4e:21:fd:1d:89:fc:7c:24:ba:a9:1a:38:42:91:ac:
97:1b:09:e7:34:eb:53:76:d9:38:16:bb:61:b8:d3:
c7:63:bb:6b:ac:36:e9:11:3f:e1:be:60:5e:89:4b:
90:44:b7:fa:20:13:6c:0b:12:ea:10:c7:d2:a5:2d:
c1:23:74:fa:93:24:37:81:0d:19:4d:75:a1:1c:f6:
b3:f9:a3:c9:45:ff:fc:18:bd:0e:87:1d:42:08:70:
35:a2:2c:fe:f8:9b:13:2a:42:f2:ce:91:7c:c4:0d:
3a:2e:97:aa:3a:11:73:6e:0d:86:56:2d:20:4b:b7:
b7:54:5b:00:1a:64:42:e4:78:98:a0:4b:f8:27:5e:
c8:66:7d:16:c9:5d:12:b7:4e:83:c0:53:3a:a1:3d:
ea:1d:6e:b6:6a:15:b2:33:16:77:23:24:39:a3:47:
a1:5d:c4:9c:6d:33:39:31:6c:28:c6:6a:92:28:5c:
e3:8a:96:d8:4a:04:60:3c:e8:2a:c0:a0:d6:17:de:
f1:17:94:87:27:ad:09:21:b7:9f:ed:d9:31:75:06:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D1:A9:A8:B7:98:D3:63:16:43:01:E8:18:94:49:3C:1F:F6:B5:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEFD8B3CD2F011EF969BA069762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.248.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:cc:1a:f8:82:6a:0e:21:b3:9f:96:07:f5:a3:38:39:8d:26:
39:d3:7f:12:c5:e4:5e:d6:48:f8:ff:4d:0f:7a:ed:e7:d8:83:
3f:46:d4:2a:9a:e9:88:44:5c:20:6f:55:2d:49:61:b8:d6:a6:
35:ea:d1:86:42:38:31:00:39:8d:4e:45:05:f1:9c:9d:9a:aa:
2f:ec:83:ba:94:90:78:d7:23:76:e1:5e:16:13:66:86:02:9a:
90:69:0a:e1:2b:77:18:84:0f:5d:5b:29:0b:9e:f2:91:3a:24:
fc:25:42:bc:e7:3c:a9:8b:28:e1:51:f0:6e:d6:c2:fd:24:58:
4c:9e:2d:78:6f:4f:27:3b:ec:ee:cd:50:7a:13:34:19:69:51:
7f:03:05:87:29:a4:43:b0:1d:37:d7:bd:0a:9f:2c:e4:59:33:
5f:d2:ad:c5:1a:c0:d5:14:8a:3d:e3:ca:43:47:42:ae:d0:e5:
36:db:1f:9c:ef:ac:ed:93:f7:97:05:85:6d:1d:89:a7:0b:56:
0a:f7:67:c5:d1:2e:f0:8f:8b:82:a4:d5:61:4e:ba:d5:0f:b8:
0f:78:30:01:0c:90:ea:3e:36:7a:e7:7c:2c:e7:17:54:cd:7f:
6b:66:56:64:2d:93:43:8c:02:7c:3d:75:0c:31:8b:88:b6:2c:
b2:67:e4:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQd/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMyOTI4WhcNMjgwMTAzMDMyOTI4WjAYMRYw
FAYDVQQDEw02Nzg3MmI5Yi1jMmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuUVDT4HFla4N/w2HioF/sKyb3WedjtWln/V0LPizRLl3lF5M3j2qbWF8
vtlOIf0difx8JLqpGjhCkayXGwnnNOtTdtk4FrthuNPHY7trrDbpET/hvmBeiUuQ
RLf6IBNsCxLqEMfSpS3BI3T6kyQ3gQ0ZTXWhHPaz+aPJRf/8GL0Ohx1CCHA1oiz+
+JsTKkLyzpF8xA06LpeqOhFzbg2GVi0gS7e3VFsAGmRC5HiYoEv4J17IZn0WyV0S
t06DwFM6oT3qHW62ahWyMxZ3IyQ5o0ehXcScbTM5MWwoxmqSKFzjipbYSgRgPOgq
wKDWF97xF5SHJ60JIbef7dkxdQaH8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOTR
qai3mNNjFkMB6BiUSTwf9rUzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRUZEOEIzQ0QyRjAxMUVGOTY5QkEwNjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPH4MA0GCSqGSIb3DQEBCwUA
A4IBAQBazBr4gmoOIbOflgf1ozg5jSY5038SxeRe1kj4/00Peu3n2IM/RtQqmumI
RFwgb1UtSWG41qY16tGGQjgxADmNTkUF8Zydmqov7IO6lJB41yN24V4WE2aGApqQ
aQrhK3cYhA9dWykLnvKROiT8JUK85zypiyjhUfBu1sL9JFhMni14b08nO+zuzVB6
EzQZaVF/AwWHKaRDsB03170KnyzkWTNf0q3FGsDVFIo948pDR0Ku0OU22x+c76zt
k/eXBYVtHYmnC1YK92fF0S7wj4uCpNVhTrrVD7gPeDABDJDqPjZ653ws5xdUzX9r
ZlZkLZNDjAJ8PXUMMYuItiyyZ+Sw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:55 2025 by rpki-client