Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFB826F0CD5911EF87AAA05E762E951A.roa
File: EFB826F0CD5911EF87AAA05E762E951A.roa (raw, json)
Hash identifier: qkxjnK6xEBMOeEQBb9rXNx70rb067EIDsUrcUB/KYzY=
Subject key identifier: 7E:7C:D2:F6:CA:E8:C9:5A:EB:81:B8:EC:A5:18:19:73:D3:22:6E:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF01
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFB826F0CD5911EF87AAA05E762E951A.roa
Signing time: Wed 08 Jan 2025 00:46:03 +0000
ROA not before: Wed 08 Jan 2025 00:00:59 +0000
ROA not after: Sat 13 Dec 2025 00:00:59 +0000
asID: 984
IP address blocks: 156.247.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65281 (0xff01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 00:00:59 2025 GMT
Not After : Dec 13 00:00:59 2025 GMT
Subject: CN=677dcacb-cd80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:83:ff:c1:52:37:7b:ca:a8:46:34:3d:f6:d3:
e6:53:31:b1:be:53:e9:78:64:07:b9:94:d4:80:37:
14:1f:10:54:d5:56:a6:b8:a2:63:fd:3f:67:8d:c1:
f0:5d:f2:69:57:91:af:35:0d:fc:d4:4f:96:1f:f1:
5c:c1:35:66:61:48:e9:1b:b8:56:53:dc:fd:bd:73:
6c:34:f5:c2:8d:f9:06:06:5a:a7:a8:7a:71:9e:cc:
11:a9:f6:bb:21:80:53:4f:14:8d:4b:44:37:37:91:
61:08:ba:16:2a:04:8f:45:30:96:80:41:c3:32:d5:
85:39:07:b7:11:91:cd:78:18:ac:70:63:6d:93:87:
4e:44:5d:0e:92:c6:6a:79:66:41:b1:20:5c:44:39:
03:b0:54:e3:47:26:de:e1:1f:f5:4f:78:6e:1c:6a:
87:fb:eb:0f:de:21:24:0f:39:a7:55:48:12:80:78:
e7:7d:fe:fa:ec:6d:a2:f0:25:aa:23:c3:a4:35:4e:
7b:65:ef:4a:95:ae:11:57:58:9b:f6:66:2e:56:7a:
05:84:1a:72:1e:ff:b0:5f:d0:07:b7:03:64:9c:28:
86:62:7e:08:22:4e:8e:9c:4c:bb:5d:3b:dc:73:7e:
67:94:69:1e:8a:fb:cd:7a:09:85:f9:6f:ff:ff:e5:
7b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7C:D2:F6:CA:E8:C9:5A:EB:81:B8:EC:A5:18:19:73:D3:22:6E:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFB826F0CD5911EF87AAA05E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:98:c4:58:b4:73:6c:46:19:fc:23:9c:d2:0e:9d:c2:54:b9:
f3:e8:67:ee:1c:5b:c7:36:c1:b2:88:0d:70:11:98:de:92:56:
3d:a2:82:12:2b:97:af:26:77:7b:c4:a3:14:05:33:8b:98:39:
9a:4e:6e:d3:97:b8:ee:cf:87:5d:1e:27:64:69:f1:10:8d:88:
85:99:b3:73:fe:d7:ab:15:4d:de:01:6a:24:80:cc:12:fc:ac:
a5:17:4c:64:85:af:c9:74:ce:27:7a:5d:a9:d1:c8:ed:e4:12:
c5:ac:59:cf:bf:88:5a:94:67:30:af:55:0a:e3:af:fd:96:09:
e1:b2:4f:a6:5b:2f:55:26:f4:49:98:14:e7:6b:ce:ac:18:c9:
f3:92:1a:71:c9:4e:4d:f1:70:21:a0:91:fc:92:15:31:78:16:
9b:79:9e:14:07:90:59:16:ff:6e:db:aa:f5:ac:08:b2:23:fd:
94:15:c0:53:61:cc:67:e6:2f:92:5b:de:8a:31:ce:17:a6:2a:
e5:d0:84:5a:cb:d9:17:5a:f2:1f:6a:33:36:8a:c6:a5:75:8f:
52:dc:a6:f3:cf:c5:db:f2:82:94:04:06:6b:db:28:6e:47:c9:
34:c1:53:29:9b:d8:31:de:3e:9b:46:48:d8:b0:27:ba:f4:7f:
ab:93:d0:7a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDAwMDU5WhcNMjUxMjEzMDAwMDU5WjAYMRYw
FAYDVQQDEw02NzdkY2FjYi1jZDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwYP/wVI3e8qoRjQ99tPmUzGxvlPpeGQHuZTUgDcUHxBU1VamuKJj/T9n
jcHwXfJpV5GvNQ381E+WH/FcwTVmYUjpG7hWU9z9vXNsNPXCjfkGBlqnqHpxnswR
qfa7IYBTTxSNS0Q3N5FhCLoWKgSPRTCWgEHDMtWFOQe3EZHNeBiscGNtk4dORF0O
ksZqeWZBsSBcRDkDsFTjRybe4R/1T3huHGqH++sP3iEkDzmnVUgSgHjnff767G2i
8CWqI8OkNU57Ze9Kla4RV1ib9mYuVnoFhBpyHv+wX9AHtwNknCiGYn4IIk6OnEy7
XTvcc35nlGkeivvNegmF+W///+V79wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH58
0vbK6Mla64G47KUYGXPTIm7MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRkI4MjZGMENENTkxMUVGODdBQUEwNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdJMA0GCSqGSIb3DQEBCwUA
A4IBAQC4mMRYtHNsRhn8I5zSDp3CVLnz6GfuHFvHNsGyiA1wEZjeklY9ooISK5ev
Jnd7xKMUBTOLmDmaTm7Tl7juz4ddHidkafEQjYiFmbNz/terFU3eAWokgMwS/Kyl
F0xkha/JdM4nel2p0cjt5BLFrFnPv4halGcwr1UK46/9lgnhsk+mWy9VJvRJmBTn
a86sGMnzkhpxyU5N8XAhoJH8khUxeBabeZ4UB5BZFv9u26r1rAiyI/2UFcBTYcxn
5i+SW96KMc4Xpirl0IRay9kXWvIfajM2isaldY9S3Kbzz8Xb8oKUBAZr2yhuR8k0
wVMpm9gx3j6bRkjYsCe69H+rk9B6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:24 2025 by rpki-client