Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFFAA4EACD5811EFA1CC3058762E951A.roa
File: EFFAA4EACD5811EFA1CC3058762E951A.roa (raw, json)
Hash identifier: 1zOqg37gikBbrFiJFPHLESqTEl0jDC5SmVevmvTlFNE=
Subject key identifier: 45:89:45:C9:E6:3E:4D:BE:8A:7F:A8:AF:48:09:FD:F2:4E:25:C4:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEF9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFFAA4EACD5811EFA1CC3058762E951A.roa
Signing time: Wed 08 Jan 2025 00:38:54 +0000
ROA not before: Wed 08 Jan 2025 00:00:50 +0000
ROA not after: Mon 13 Dec 2027 00:00:50 +0000
asID: 17561
IP address blocks: 156.247.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65273 (0xfef9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 00:00:50 2025 GMT
Not After : Dec 13 00:00:50 2027 GMT
Subject: CN=677dc91e-3640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:79:fd:3f:8a:66:ec:50:e9:c2:21:09:82:cf:
c5:1c:60:c8:b5:97:46:30:1b:f8:58:5b:d5:46:08:
99:8b:af:7a:0f:e8:d8:33:62:6c:45:5f:6c:55:61:
aa:5d:a1:bb:fb:f7:da:30:d1:d1:12:91:dd:7c:98:
af:ec:22:f0:c0:f8:db:8b:ff:03:74:a2:a4:18:36:
93:85:30:1b:7f:a1:d0:58:a7:32:86:9b:24:80:27:
3f:3d:2e:21:67:52:c7:ad:11:4d:89:ce:57:6d:61:
1d:25:05:33:32:05:80:5b:53:c6:08:c4:45:f9:a0:
9b:5b:4f:90:24:be:ba:bc:4c:37:70:80:4b:71:30:
f6:d0:98:b3:02:46:a8:a1:5b:23:57:5c:b9:3b:0d:
a9:b4:cc:65:2d:8b:82:51:05:43:a1:c6:30:c5:31:
18:80:3a:36:1b:1a:49:5f:41:9e:78:a9:84:3e:84:
28:e9:b6:d1:11:f0:ae:e1:bc:c0:66:cf:8b:6b:a0:
d4:d6:76:b6:15:29:d4:2a:42:6f:7f:70:ee:f8:7c:
bc:45:d6:89:54:65:60:4d:96:ae:2d:53:9d:b6:f7:
dd:4f:ff:da:c2:73:ab:a3:40:b4:fd:08:3f:6f:ac:
f1:82:3c:09:bd:50:b4:d2:3f:aa:63:fd:1a:c0:79:
74:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:89:45:C9:E6:3E:4D:BE:8A:7F:A8:AF:48:09:FD:F2:4E:25:C4:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EFFAA4EACD5811EFA1CC3058762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.69.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3c:16:30:57:be:63:c0:cd:be:6f:44:e9:fc:cf:30:54:62:
e3:14:c7:2e:1d:96:61:69:94:87:d8:4b:a3:d2:4e:5b:92:6d:
0e:68:87:0a:bc:25:bf:af:a1:47:2a:da:65:fc:c2:10:92:a2:
96:37:7a:0b:26:4e:19:15:05:05:b5:ec:5c:27:3c:ba:f4:7c:
70:eb:45:c6:59:24:3c:ff:cb:7a:b4:9e:f5:02:d1:b8:04:ed:
55:82:df:4b:3f:a7:11:ed:13:e2:19:54:ee:c2:9c:ad:ef:d7:
4c:13:a1:84:51:69:53:f4:7f:64:1b:82:ee:d7:7c:82:2e:a2:
02:0d:f7:ae:c7:80:76:8e:70:3a:1b:8d:69:6f:3e:33:45:a3:
c7:c1:58:43:bf:17:5e:10:f3:68:3f:8b:44:45:aa:2b:10:3c:
c2:58:90:27:1e:84:3e:58:9c:2c:f2:66:84:f8:43:23:5c:96:
80:fb:a3:98:87:79:a6:c3:d4:bb:92:fb:15:6d:83:25:6b:0b:
51:fb:36:f3:0a:5d:8e:d4:65:02:e2:e8:3d:9d:cb:a9:8f:51:
12:49:34:07:31:56:52:10:d4:be:b7:19:c5:60:a9:d8:ab:e2:
f6:6d:ae:59:c7:a5:94:a5:35:c5:63:fb:54:36:84:e9:26:dd:
c8:14:7d:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP75MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDAwMDUwWhcNMjcxMjEzMDAwMDUwWjAYMRYw
FAYDVQQDEw02NzdkYzkxZS0zNjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA53n9P4pm7FDpwiEJgs/FHGDItZdGMBv4WFvVRgiZi696D+jYM2JsRV9s
VWGqXaG7+/faMNHREpHdfJiv7CLwwPjbi/8DdKKkGDaThTAbf6HQWKcyhpskgCc/
PS4hZ1LHrRFNic5XbWEdJQUzMgWAW1PGCMRF+aCbW0+QJL66vEw3cIBLcTD20Jiz
AkaooVsjV1y5Ow2ptMxlLYuCUQVDocYwxTEYgDo2GxpJX0GeeKmEPoQo6bbREfCu
4bzAZs+La6DU1na2FSnUKkJvf3Du+Hy8RdaJVGVgTZauLVOdtvfdT//awnOro0C0
/Qg/b6zxgjwJvVC00j+qY/0awHl0VwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEWJ
RcnmPk2+in+or0gJ/fJOJcTnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRkZBQTRFQUNENTgxMUVGQTFDQzMwNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdFMA0GCSqGSIb3DQEBCwUA
A4IBAQCePBYwV75jwM2+b0Tp/M8wVGLjFMcuHZZhaZSH2Euj0k5bkm0OaIcKvCW/
r6FHKtpl/MIQkqKWN3oLJk4ZFQUFtexcJzy69Hxw60XGWSQ8/8t6tJ71AtG4BO1V
gt9LP6cR7RPiGVTuwpyt79dME6GEUWlT9H9kG4Lu13yCLqICDfeux4B2jnA6G41p
bz4zRaPHwVhDvxdeEPNoP4tERaorEDzCWJAnHoQ+WJws8maE+EMjXJaA+6OYh3mm
w9S7kvsVbYMlawtR+zbzCl2O1GUC4ug9ncupj1ESSTQHMVZSENS+txnFYKnYq+L2
ba5Zx6WUpTXFY/tUNoTpJt3IFH1S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:24 2025 by rpki-client