Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF6BADC2CDA211EFA6A03342762E951A.roa
File: EF6BADC2CDA211EFA6A03342762E951A.roa (raw, json)
Hash identifier: 4MAxzGgM7Mvh1hLy7lPaYGcjg9cKNRPyeFHvXE09Z3c=
Subject key identifier: 1F:A1:EF:A4:CB:7C:DC:6D:8E:6E:3C:4E:5A:85:61:04:0D:6B:3C:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF6BADC2CDA211EFA6A03342762E951A.roa
Signing time: Wed 08 Jan 2025 09:28:36 +0000
ROA not before: Wed 08 Jan 2025 09:28:32 +0000
ROA not after: Mon 13 Dec 2027 09:28:32 +0000
asID: 17561
IP address blocks: 156.253.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65785 (0x100f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:28:32 2025 GMT
Not After : Dec 13 09:28:32 2027 GMT
Subject: CN=677e4544-2317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fb:1b:d8:50:16:6f:cb:1e:81:10:c2:6d:42:
99:27:18:de:78:e8:29:c8:ca:3d:7e:6a:43:48:98:
7a:ca:c4:b7:d5:fc:b4:21:f2:0c:4f:a7:c5:b6:2c:
91:f1:d7:0c:58:e5:25:d8:4a:38:f7:b5:ab:2b:ea:
eb:24:3d:98:63:4c:38:db:cd:6b:37:8f:cf:be:0b:
1b:e3:22:54:87:49:82:1f:da:71:fd:7a:a4:e7:b4:
42:6c:94:b8:af:64:fa:9b:67:84:53:ba:9d:f1:0c:
ff:30:2e:31:be:96:01:d2:f0:c2:20:09:58:4c:64:
3b:08:f7:f2:c2:95:54:59:6f:6d:93:85:2c:90:06:
21:52:26:38:59:90:7f:76:3a:0f:d9:45:ab:cb:70:
ec:62:4d:53:8b:58:8a:0c:db:9d:52:7f:50:59:1b:
cf:3b:ec:45:01:fd:87:3f:86:95:79:f6:74:72:49:
39:20:84:89:11:a1:52:b4:b7:dd:7b:b1:1e:f8:fc:
a3:86:4b:31:1c:53:d2:b1:bf:68:6e:4a:f5:66:1e:
7d:dc:aa:3d:ab:56:f2:74:54:40:25:00:be:f3:b9:
7b:a7:38:67:16:68:28:ab:d4:7b:ac:f2:48:40:93:
95:bc:67:75:96:7e:09:03:52:f3:78:37:23:84:78:
6b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A1:EF:A4:CB:7C:DC:6D:8E:6E:3C:4E:5A:85:61:04:0D:6B:3C:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF6BADC2CDA211EFA6A03342762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.48.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:35:87:bb:56:6b:f5:ca:05:b9:e4:47:80:06:f2:7e:c2:65:
3c:ba:90:db:bf:90:47:ee:63:e9:96:d8:35:a4:2f:15:94:d8:
79:f4:09:98:d9:0b:84:54:2c:21:09:6e:0a:d1:46:51:75:9d:
f8:d7:a6:44:f5:94:dc:9b:25:b5:42:53:10:47:4e:e0:32:85:
57:fe:45:a4:21:c2:a0:4e:7b:b3:23:f3:42:91:b7:38:2d:4e:
05:1d:71:ac:9b:6f:0c:b3:a7:7e:25:6c:4d:6d:67:0b:5a:e4:
72:98:91:3f:cc:f2:92:d9:8f:ef:e3:3c:28:71:ea:77:7c:b6:
50:d2:0f:40:a9:77:6e:14:a0:cf:2f:9b:51:26:aa:66:a5:35:
c2:a9:6b:82:f4:f4:06:96:f8:81:a1:84:99:15:fa:72:57:dd:
bc:99:0a:ad:63:9e:54:c4:a4:cd:bf:4e:ab:4b:c9:26:58:41:
2d:4a:e3:a7:d3:06:47:dd:62:36:1f:10:c6:7b:ee:d3:35:ec:
82:5c:68:df:19:a5:f5:56:74:3b:1b:58:32:16:b1:a0:95:18:
02:e2:cc:03:61:3e:fb:bb:77:4f:70:d0:a8:c1:c5:03:ad:23:
1b:51:bc:8c:0c:9c:15:52:0b:a3:0f:62:e6:59:ec:6d:c1:59:
75:c5:6c:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQD5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkyODMyWhcNMjcxMjEzMDkyODMyWjAYMRYw
FAYDVQQDEw02NzdlNDU0NC0yMzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyvsb2FAWb8segRDCbUKZJxjeeOgpyMo9fmpDSJh6ysS31fy0IfIMT6fF
tiyR8dcMWOUl2Eo497WrK+rrJD2YY0w4281rN4/Pvgsb4yJUh0mCH9px/Xqk57RC
bJS4r2T6m2eEU7qd8Qz/MC4xvpYB0vDCIAlYTGQ7CPfywpVUWW9tk4UskAYhUiY4
WZB/djoP2UWry3DsYk1Ti1iKDNudUn9QWRvPO+xFAf2HP4aVefZ0ckk5IISJEaFS
tLfde7Ee+PyjhksxHFPSsb9obkr1Zh593Ko9q1bydFRAJQC+87l7pzhnFmgoq9R7
rPJIQJOVvGd1ln4JA1LzeDcjhHhr4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB+h
76TLfNxtjm48TlqFYQQNazzpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRjZCQURDMkNEQTIxMUVGQTZBMDMzNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0wMA0GCSqGSIb3DQEBCwUA
A4IBAQCMNYe7Vmv1ygW55EeABvJ+wmU8upDbv5BH7mPpltg1pC8VlNh59AmY2QuE
VCwhCW4K0UZRdZ3416ZE9ZTcmyW1QlMQR07gMoVX/kWkIcKgTnuzI/NCkbc4LU4F
HXGsm28Ms6d+JWxNbWcLWuRymJE/zPKS2Y/v4zwocep3fLZQ0g9AqXduFKDPL5tR
JqpmpTXCqWuC9PQGlviBoYSZFfpyV928mQqtY55UxKTNv06rS8kmWEEtSuOn0wZH
3WI2HxDGe+7TNeyCXGjfGaX1VnQ7G1gyFrGglRgC4swDYT77u3dPcNCowcUDrSMb
UbyMDJwVUgujD2LmWextwVl1xWxJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:53 2025 by rpki-client