Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/74AA29FC3E9A11EFB1E37554762E951A.roa
File: 74AA29FC3E9A11EFB1E37554762E951A.roa (raw, json)
Hash identifier: WV585CADX8C6BW4JHivJOJddO/5hxxRDI5ze3ORaNIk=
Subject key identifier: 9E:6E:8E:61:8C:C5:70:7D:4F:0A:34:C1:84:B8:E0:58:D7:F1:16:32
Certificate issuer: /CN=F364C81DAR/serialNumber=0D27394E9CDE92155E4599D68410992D708BF244
Certificate serial: 0787
Authority key identifier: 0D:27:39:4E:9C:DE:92:15:5E:45:99:D6:84:10:99:2D:70:8B:F2:44
Authority info access: rsync://rpki.afrinic.net/repository/arin/DSc5TpzekhVeRZnWhBCZLXCL8kQ.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/74AA29FC3E9A11EFB1E37554762E951A.roa
Signing time: Wed 10 Jul 2024 08:57:38 +0000
ROA not before: Wed 10 Jul 2024 08:57:34 +0000
ROA not after: Thu 01 Jan 2026 08:57:34 +0000
asID: 327822
IP address blocks: 169.255.20.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/DSc5TpzekhVeRZnWhBCZLXCL8kQ.crl
rsync://rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/DSc5TpzekhVeRZnWhBCZLXCL8kQ.mft
rsync://rpki.afrinic.net/repository/arin/DSc5TpzekhVeRZnWhBCZLXCL8kQ.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1927 (0x787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364C81DAR
Validity
Not Before: Jul 10 08:57:34 2024 GMT
Not After : Jan 1 08:57:34 2026 GMT
Subject: CN=668e4d01-4ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:2b:3f:50:3f:0d:d7:62:5a:d8:39:4c:60:
ae:c9:56:2e:95:6a:90:dd:57:cc:cf:83:ee:df:f7:
86:94:f8:79:2f:1e:31:24:2a:62:f0:ba:a2:1a:3c:
01:59:5c:60:ab:e9:4c:02:be:6e:93:94:f9:39:f7:
a8:68:47:88:8e:a6:fe:b4:0d:97:59:2b:ef:cd:15:
2f:df:1b:6c:f6:9a:f6:03:b9:bf:ff:06:94:50:a2:
51:f3:ff:ba:32:f9:81:a3:a5:c1:f6:8b:34:38:1b:
44:e0:59:50:69:aa:e9:49:43:dd:39:e1:6c:9a:82:
0c:8e:4c:b0:95:e4:8c:08:dd:f2:0d:76:81:29:b9:
a4:48:80:a1:8e:24:5c:72:2a:17:ce:aa:19:d9:ba:
c1:fe:54:1f:ec:96:dd:97:a3:03:83:1b:76:da:3d:
27:48:53:69:cc:32:a8:24:a7:00:d3:0a:08:4d:1d:
06:2c:94:60:5c:cc:d3:2c:f5:ea:84:ba:7e:26:d0:
f3:1b:90:e3:a5:c2:e5:c1:8e:ec:cc:e5:91:1b:c6:
9e:76:a2:56:15:99:cb:16:73:2b:1b:10:08:8f:13:
cf:4a:9e:33:53:91:97:fe:5d:3a:af:80:cf:f7:7a:
3c:06:91:3b:1b:bd:a6:c6:57:11:11:0f:2b:f8:ea:
59:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6E:8E:61:8C:C5:70:7D:4F:0A:34:C1:84:B8:E0:58:D7:F1:16:32
X509v3 Authority Key Identifier:
keyid:0D:27:39:4E:9C:DE:92:15:5E:45:99:D6:84:10:99:2D:70:8B:F2:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/DSc5TpzekhVeRZnWhBCZLXCL8kQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/DSc5TpzekhVeRZnWhBCZLXCL8kQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364C81D/57069ECC890E11E98E15F062F8AEA228/74AA29FC3E9A11EFB1E37554762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
169.255.20.0/22
Signature Algorithm: sha256WithRSAEncryption
45:27:eb:d0:5c:b7:f7:3f:d8:a6:08:4d:99:05:fc:b3:b2:80:
3a:97:27:7d:4a:dc:9c:ab:da:31:2a:95:64:6d:c1:de:ef:5e:
8b:6f:9a:af:b9:7a:70:b3:d6:42:6b:29:8f:ac:81:c5:c9:85:
48:51:85:2a:dc:36:6c:b3:01:fc:f2:84:d5:a1:0f:f5:d2:76:
fb:ee:d8:c6:11:3c:9d:f6:ba:6e:75:ce:67:1e:b4:60:41:fd:
75:73:ec:a6:76:4c:31:ea:ef:84:71:ce:b3:bf:12:0a:4e:5a:
57:ef:af:7f:31:96:68:66:78:ed:f4:11:ca:0c:27:d7:85:ae:
e4:69:4b:3e:b7:c5:5a:18:e8:c2:65:95:5e:c8:4f:38:17:3e:
d3:8e:99:2b:b9:6b:3e:fe:c9:a3:4e:09:5c:b0:89:a7:03:b9:
48:e5:11:e2:2b:76:6d:d9:d0:b8:a8:44:1e:1a:26:92:5a:1e:
15:d3:fd:ed:ba:99:37:4d:5a:d1:87:bf:d5:d3:36:60:27:9e:
da:bf:c9:cd:79:a8:48:cb:a6:ac:5d:34:03:8f:fd:89:be:9c:
a1:c1:8b:ef:55:df:6d:b3:8c:48:c7:55:15:6d:06:1a:27:7a:
e6:51:0e:8d:d6:72:b1:dc:50:da:c6:6e:50:92:fb:3e:d2:e2:
1d:fc:6d:1f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB4cwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NEM4MURBUjExMC8GA1UEBRMoMEQyNzM5NEU5Q0RFOTIxNTVFNDU5OUQ2ODQxMDk5
MkQ3MDhCRjI0NDAeFw0yNDA3MTAwODU3MzRaFw0yNjAxMDEwODU3MzRaMBgxFjAU
BgNVBAMTDTY2OGU0ZDAxLTRiYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8yis/UD8N12Ja2DlMYK7JVi6VapDdV8zPg+7f94aU+HkvHjEkKmLwuqIa
PAFZXGCr6UwCvm6TlPk596hoR4iOpv60DZdZK+/NFS/fG2z2mvYDub//BpRQolHz
/7oy+YGjpcH2izQ4G0TgWVBpqulJQ9054WyaggyOTLCV5IwI3fINdoEpuaRIgKGO
JFxyKhfOqhnZusH+VB/slt2XowODG3baPSdIU2nMMqgkpwDTCghNHQYslGBczNMs
9eqEun4m0PMbkOOlwuXBjuzM5ZEbxp52olYVmcsWcysbEAiPE89KnjNTkZf+XTqv
gM/3ejwGkTsbvabGVxERDyv46llLAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUnm6O
YYzFcH1PCjTBhLjgWNfxFjIwHwYDVR0jBBgwFoAUDSc5TpzekhVeRZnWhBCZLXCL
8kQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjRDODFELzU3MDY5RUNDODkwRTExRTk4RTE1RjA2MkY4QUVBMjI4L0RTYzVU
cHpla2hWZVJabldoQkNaTFhDTDhrUS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0RTYzVUcHpla2hWZVJabldoQkNaTFhDTDhrUS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjRDODFELzU3MDY5RUNDODkwRTExRTk4RTE1RjA2MkY4QUVB
MjI4Lzc0QUEyOUZDM0U5QTExRUZCMUUzNzU1NDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp/xQwDQYJKoZIhvcNAQELBQAD
ggEBAEUn69Bct/c/2KYITZkF/LOygDqXJ31K3Jyr2jEqlWRtwd7vXotvmq+5enCz
1kJrKY+sgcXJhUhRhSrcNmyzAfzyhNWhD/XSdvvu2MYRPJ32um51zmcetGBB/XVz
7KZ2TDHq74RxzrO/EgpOWlfvr38xlmhmeO30EcoMJ9eFruRpSz63xVoY6MJllV7I
TzgXPtOOmSu5az7+yaNOCVywiacDuUjlEeIrdm3Z0LioRB4aJpJaHhXT/e26mTdN
WtGHv9XTNmAnntq/yc15qEjLpqxdNAOP/Ym+nKHBi+9V322zjEjHVRVtBhoneuZR
Do3WcrHcUNrGblCS+z7S4h38bR8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:01:20 2025 by rpki-client