Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2C0BBE4CCD411EF87E78A99762E951A.roa
File: F2C0BBE4CCD411EF87E78A99762E951A.roa (raw, json)
Hash identifier: dZNVtB6zAbKD9/bpUDKTGYDzpEvJC/uMHcue3CHmJnc=
Subject key identifier: B7:25:75:D6:D8:D7:45:6F:3A:1C:0D:CC:97:4C:F9:4E:71:53:22:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAF6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2C0BBE4CCD411EF87E78A99762E951A.roa
Signing time: Tue 07 Jan 2025 08:54:05 +0000
ROA not before: Tue 07 Jan 2025 08:54:01 +0000
ROA not after: Mon 13 Dec 2027 08:54:01 +0000
asID: 17561
IP address blocks: 156.233.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64246 (0xfaf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:54:01 2025 GMT
Not After : Dec 13 08:54:01 2027 GMT
Subject: CN=677cebad-3c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:12:9e:0a:b0:e6:69:94:43:83:cd:55:d9:cc:
72:ee:d0:ce:6b:06:7f:34:85:de:e6:df:94:f7:e8:
68:e4:d9:86:17:4e:2a:ae:cf:1a:a0:9c:61:0b:41:
0b:ca:b2:b6:0c:2d:0a:fc:88:77:73:69:65:c9:32:
45:e9:c5:c0:5a:96:e2:e9:4f:b4:d7:c2:53:13:42:
8b:f3:1a:67:a9:5a:cf:c2:bc:1c:02:87:e1:7a:b1:
a1:0b:cd:d9:a5:65:22:b1:ae:d4:ba:f2:bd:a3:52:
be:51:5f:d2:f2:7f:08:d8:7e:14:11:11:15:3a:ab:
db:ad:ad:95:45:67:33:16:a0:62:04:e5:47:cd:ce:
a0:e2:d2:4d:df:ad:25:81:33:57:8c:9e:c6:9e:29:
d2:a5:5f:b1:76:f0:46:28:94:2e:e7:66:77:09:b3:
1b:ae:50:45:82:dd:71:aa:ff:8f:50:16:e8:85:26:
63:ba:c8:10:b0:e7:4a:01:d6:d2:f9:08:ce:05:51:
51:d7:ac:31:01:e2:45:95:24:c9:ff:be:e9:13:0f:
ab:f5:9f:03:55:c6:1a:37:a1:59:6e:64:b9:d3:93:
b1:df:49:4e:3f:07:41:b3:1b:16:3d:7f:73:c8:18:
3e:4e:9e:42:a2:74:8a:0b:00:5b:fd:e2:3d:eb:1b:
41:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:25:75:D6:D8:D7:45:6F:3A:1C:0D:CC:97:4C:F9:4E:71:53:22:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2C0BBE4CCD411EF87E78A99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:79:5a:9e:74:eb:90:6a:b3:19:5c:81:0a:9d:8f:4e:64:c6:
0c:30:79:bd:30:d7:1d:82:9a:3f:09:36:6a:57:01:bc:0e:4e:
1c:5e:ee:f3:b4:fa:d1:e8:3d:5c:eb:82:da:10:16:ee:90:c9:
3d:1a:98:d6:45:2c:42:8d:c0:50:36:39:ac:66:a0:41:79:0b:
f2:2b:ea:2d:5e:e1:2a:af:99:e0:eb:9f:b0:73:ec:04:78:a6:
f3:f3:35:bc:fd:12:d9:24:12:6a:ef:44:b2:f0:03:55:9f:2d:
14:fb:f6:d3:78:b1:69:0b:c7:77:d5:1e:16:b0:39:db:23:2e:
96:6f:30:bc:e9:9e:83:30:7f:30:4b:a3:04:2a:87:dc:8e:6c:
74:69:4f:33:a0:d6:70:27:a7:7b:fc:99:8e:b3:d9:ff:7d:75:
f3:3f:30:ca:4f:03:7c:d8:16:74:74:84:5f:a5:60:e0:6c:be:
b1:e6:23:0a:83:c7:1b:4f:f1:0a:9d:6f:af:a5:c5:9b:c1:4c:
99:82:76:d6:57:95:51:31:8d:f7:c3:45:cd:d1:0d:d0:0e:ce:
9d:55:ea:b7:93:d8:c1:fb:e5:50:1f:91:a1:36:da:a6:cd:35:
8b:11:1f:eb:9e:24:ea:fa:85:d6:57:31:c1:e8:e8:bf:cd:4d:
eb:2e:a2:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPr2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDg1NDAxWhcNMjcxMjEzMDg1NDAxWjAYMRYw
FAYDVQQDEw02NzdjZWJhZC0zYzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxBKeCrDmaZRDg81V2cxy7tDOawZ/NIXe5t+U9+ho5NmGF04qrs8aoJxh
C0ELyrK2DC0K/Ih3c2llyTJF6cXAWpbi6U+018JTE0KL8xpnqVrPwrwcAofherGh
C83ZpWUisa7UuvK9o1K+UV/S8n8I2H4UEREVOqvbra2VRWczFqBiBOVHzc6g4tJN
360lgTNXjJ7GninSpV+xdvBGKJQu52Z3CbMbrlBFgt1xqv+PUBbohSZjusgQsOdK
AdbS+QjOBVFR16wxAeJFlSTJ/77pEw+r9Z8DVcYaN6FZbmS505Ox30lOPwdBsxsW
PX9zyBg+Tp5ConSKCwBb/eI96xtB1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLcl
ddbY10VvOhwNzJdM+U5xUyKnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMkMwQkJFNENDRDQxMUVGODdFNzhBOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmqMA0GCSqGSIb3DQEBCwUA
A4IBAQANeVqedOuQarMZXIEKnY9OZMYMMHm9MNcdgpo/CTZqVwG8Dk4cXu7ztPrR
6D1c64LaEBbukMk9GpjWRSxCjcBQNjmsZqBBeQvyK+otXuEqr5ng65+wc+wEeKbz
8zW8/RLZJBJq70Sy8ANVny0U+/bTeLFpC8d31R4WsDnbIy6WbzC86Z6DMH8wS6ME
Kofcjmx0aU8zoNZwJ6d7/JmOs9n/fXXzPzDKTwN82BZ0dIRfpWDgbL6x5iMKg8cb
T/EKnW+vpcWbwUyZgnbWV5VRMY33w0XN0Q3QDs6dVeq3k9jB++VQH5GhNtqmzTWL
ER/rniTq+oXWVzHB6Oi/zU3rLqJs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:32 2025 by rpki-client