Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/7C21AA3ED29211EF86EA9485762E951A.roa
File: 7C21AA3ED29211EF86EA9485762E951A.roa (raw, json)
Hash identifier: 4sdnJ8RVycpCPlFVArT/uPl+lKxeM/KiQs7ThnHwqEM=
Subject key identifier: 59:2A:20:E7:6A:69:EF:70:30:EF:08:07:FF:B6:81:C6:A5:65:FC:E6
Certificate issuer: /CN=F366BE85AR/serialNumber=1E0522DE3CDAF68DC7A7857343D23C52E237B5A3
Certificate serial: 02
Authority key identifier: 1E:05:22:DE:3C:DA:F6:8D:C7:A7:85:73:43:D2:3C:52:E2:37:B5:A3
Authority info access: rsync://rpki.afrinic.net/repository/arin/HgUi3jza9o3Hp4VzQ9I8UuI3taM.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/7C21AA3ED29211EF86EA9485762E951A.roa
Signing time: Tue 14 Jan 2025 16:13:26 +0000
ROA not before: Wed 15 Jan 2025 16:13:22 +0000
ROA not after: Sun 31 Jan 2027 16:13:22 +0000
asID: 328704
IP address blocks: 156.0.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/HgUi3jza9o3Hp4VzQ9I8UuI3taM.crl
rsync://rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/HgUi3jza9o3Hp4VzQ9I8UuI3taM.mft
rsync://rpki.afrinic.net/repository/arin/HgUi3jza9o3Hp4VzQ9I8UuI3taM.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Apr 2025 05:06:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F366BE85AR, serialNumber=1E0522DE3CDAF68DC7A7857343D23C52E237B5A3
Validity
Not Before: Jan 15 16:13:22 2025 GMT
Not After : Jan 31 16:13:22 2027 GMT
Subject: CN=67868d26-05d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:71:44:2f:82:e9:a9:4d:f4:d4:32:42:d2:45:
cd:f8:8e:62:2e:0c:5c:38:c1:df:75:8c:cc:ab:69:
c1:3c:00:a7:9c:d9:d6:20:23:93:b0:c3:b6:af:91:
c1:67:5f:fd:79:b4:d9:78:8e:b2:37:08:1d:3e:38:
a0:d1:8e:db:1b:ae:cf:08:c4:64:65:f9:d1:74:79:
ff:60:ea:69:81:1d:ca:d5:07:f6:ef:51:3d:c9:fe:
13:03:0c:43:53:0c:84:c8:71:0a:c3:e4:56:3a:14:
a1:e5:4d:b7:32:da:b0:16:63:d0:d9:f8:3c:d1:95:
54:de:ba:b8:5f:df:e3:37:b3:ca:e1:42:6e:de:92:
3a:c6:26:b6:0d:6e:89:88:a7:51:db:a1:61:5f:63:
73:f0:2b:b8:21:25:91:fb:70:c8:4a:a2:5b:1e:a1:
3b:bc:0f:64:2b:e5:d6:64:db:61:f4:12:b6:7f:28:
0b:bf:6e:87:84:90:91:67:62:51:93:6c:ec:1e:aa:
78:10:4e:51:20:40:64:20:74:8a:a7:ca:8d:b0:6e:
48:ba:56:12:98:76:bf:d3:df:62:5d:92:9d:e8:5e:
f3:d5:fc:0b:8a:f4:92:cd:e8:2f:59:8b:b8:51:df:
74:b8:88:80:46:90:f8:1a:86:18:f9:3d:fd:38:01:
7c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2A:20:E7:6A:69:EF:70:30:EF:08:07:FF:B6:81:C6:A5:65:FC:E6
X509v3 Authority Key Identifier:
keyid:1E:05:22:DE:3C:DA:F6:8D:C7:A7:85:73:43:D2:3C:52:E2:37:B5:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/HgUi3jza9o3Hp4VzQ9I8UuI3taM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/HgUi3jza9o3Hp4VzQ9I8UuI3taM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366BE85/4DCDBDB4D29011EFB921AF78762E951A/7C21AA3ED29211EF86EA9485762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:ee:b2:fa:7d:19:fe:88:24:a7:37:3b:21:6a:e3:54:9d:fc:
4b:a1:8d:6e:ee:94:18:04:40:26:48:ea:e3:b6:b1:09:8f:1b:
37:c5:08:9e:fb:56:3b:ad:23:52:58:5d:08:d7:62:79:93:3d:
e6:e3:95:d0:8e:24:96:4f:ba:22:fc:d3:d1:b1:0c:9e:86:2c:
f3:4d:80:6c:e7:5c:b6:c5:74:08:30:cc:ec:f8:b6:8f:5c:89:
73:78:9e:2a:66:fa:e2:c6:e4:3d:90:f3:89:89:72:a4:c3:1f:
b5:72:b1:5c:d1:e4:27:fa:ae:95:06:07:e5:e0:77:5b:d8:df:
8a:15:ec:8b:3e:76:c3:50:17:6c:eb:19:ac:26:0e:e9:34:58:
8b:13:3f:dd:57:bd:6c:93:c6:38:3e:9b:a2:8a:26:46:1d:85:
63:92:1b:f1:90:86:d2:5a:5c:3d:ec:80:24:1a:d4:96:8e:6f:
1a:7f:26:6e:5d:e5:f6:f0:f1:14:05:2d:74:b5:b2:49:dc:f2:
0f:db:38:c4:c7:94:41:14:c0:36:50:1a:f2:94:74:b3:e8:18:
ad:eb:1d:fe:b8:0a:d6:a1:a9:fc:3d:7d:ae:09:9c:0b:cf:91:
c2:95:5e:1e:00:64:30:e6:c6:54:04:88:7c:ea:cc:9b:f7:ea:
cb:b2:47:31
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QkU4NUFSMTEwLwYDVQQFEygxRTA1MjJERTNDREFGNjhEQzdBNzg1NzM0M0QyM0M1
MkUyMzdCNUEzMB4XDTI1MDExNTE2MTMyMloXDTI3MDEzMTE2MTMyMlowGDEWMBQG
A1UEAxMNNjc4NjhkMjYtMDVkMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKVxRC+C6alN9NQyQtJFzfiOYi4MXDjB33WMzKtpwTwAp5zZ1iAjk7DDtq+R
wWdf/Xm02XiOsjcIHT44oNGO2xuuzwjEZGX50XR5/2DqaYEdytUH9u9RPcn+EwMM
Q1MMhMhxCsPkVjoUoeVNtzLasBZj0Nn4PNGVVN66uF/f4zezyuFCbt6SOsYmtg1u
iYinUduhYV9jc/AruCElkftwyEqiWx6hO7wPZCvl1mTbYfQStn8oC79uh4SQkWdi
UZNs7B6qeBBOUSBAZCB0iqfKjbBuSLpWEph2v9PfYl2Snehe89X8C4r0ks3oL1mL
uFHfdLiIgEaQ+BqGGPk9/TgBfHkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRZKiDn
amnvcDDvCAf/toHGpWX85jAfBgNVHSMEGDAWgBQeBSLePNr2jcenhXND0jxS4je1
ozAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkJFODUvNERDREJEQjREMjkwMTFFRkI5MjFBRjc4NzYyRTk1MUEvSGdVaTNq
emE5bzNIcDRWelE5SThVdUkzdGFNLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
SGdVaTNqemE5bzNIcDRWelE5SThVdUkzdGFNLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NkJFODUvNERDREJEQjREMjkwMTFFRkI5MjFBRjc4NzYyRTk1
MUEvN0MyMUFBM0VEMjkyMTFFRjg2RUE5NDg1NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApwA0DANBgkqhkiG9w0BAQsFAAOC
AQEAmu6y+n0Z/ogkpzc7IWrjVJ38S6GNbu6UGARAJkjq47axCY8bN8UInvtWO60j
UlhdCNdieZM95uOV0I4klk+6IvzT0bEMnoYs802AbOdctsV0CDDM7Pi2j1yJc3ie
Kmb64sbkPZDziYlypMMftXKxXNHkJ/qulQYH5eB3W9jfihXsiz52w1AXbOsZrCYO
6TRYixM/3Ve9bJPGOD6booomRh2FY5Ib8ZCG0lpcPeyAJBrUlo5vGn8mbl3l9vDx
FAUtdLWySdzyD9s4xMeUQRTANlAa8pR0s+gYresd/rgK1qGp/D19rgmcC8+RwpVe
HgBkMObGVASIfOrMm/fqy7JHMQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:28 2025 by rpki-client