Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/064CE830CD1711EF985F96B8762E951A.roa
File: 064CE830CD1711EF985F96B8762E951A.roa (raw, json)
Hash identifier: LauKA/ZWlxKXp1lke+7fg7TSBtr+0MS72E47bLcvkEM=
Subject key identifier: C0:AD:A4:DF:10:F3:62:37:FE:48:B5:1E:A4:92:19:23:1A:B5:C8:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD23
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/064CE830CD1711EF985F96B8762E951A.roa
Signing time: Tue 07 Jan 2025 16:47:05 +0000
ROA not before: Tue 07 Jan 2025 16:47:01 +0000
ROA not after: Mon 13 Dec 2027 16:47:01 +0000
asID: 17561
IP address blocks: 156.241.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64803 (0xfd23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:47:01 2025 GMT
Not After : Dec 13 16:47:01 2027 GMT
Subject: CN=677d5a88-f052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ff:c4:4e:78:94:0b:2c:ec:b1:26:92:e1:d3:
60:94:77:5b:b2:42:38:2f:ed:0f:61:90:e0:ea:b7:
95:ca:5f:13:0b:cf:b4:8a:64:86:7b:c0:81:b7:61:
3b:3e:99:e7:dd:2b:fe:49:9e:f3:7b:59:2a:56:67:
bd:df:95:d3:43:ab:fc:52:6f:6a:d2:0c:55:0a:32:
13:70:0f:e8:91:b7:00:49:b8:b1:94:e0:fd:7c:a1:
33:4e:24:51:33:24:e9:70:e6:7b:ff:cb:97:77:95:
ec:03:18:3c:96:f7:0e:f4:2c:27:3b:6a:0b:28:56:
08:b0:c9:36:36:8c:bb:24:ae:c6:b1:d9:f5:eb:0f:
d6:30:ad:d8:08:65:de:7b:d0:39:ab:4a:2d:c7:fc:
ad:32:86:3a:34:19:9a:25:f3:65:5b:f7:2c:62:e4:
5d:aa:06:af:c0:c1:05:bc:a8:5a:f2:04:ee:63:57:
98:08:c5:8d:9f:29:db:87:73:c4:c0:5f:db:be:61:
05:8b:0f:52:d4:21:18:ba:67:06:c3:71:64:fb:e8:
ae:86:b4:cc:cd:03:f2:a4:06:a0:30:9d:a7:08:78:
cc:25:f0:b2:07:16:23:83:7b:a5:89:5b:b8:53:30:
c4:13:f6:d3:52:c7:94:31:e5:bc:8d:64:55:9c:d1:
e3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AD:A4:DF:10:F3:62:37:FE:48:B5:1E:A4:92:19:23:1A:B5:C8:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/064CE830CD1711EF985F96B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.21.0/24
Signature Algorithm: sha256WithRSAEncryption
19:dd:8a:f6:5c:1a:d7:d8:b2:ce:9d:41:f3:06:b1:e4:a6:75:
62:5b:98:7d:ea:12:f0:a5:55:40:26:32:e0:85:02:a9:34:c1:
d5:1b:cd:6e:ca:4b:ea:82:20:fb:35:7d:08:48:be:f2:0e:77:
07:f4:66:73:0c:2d:21:0b:7c:6f:41:20:5e:07:80:52:d7:4d:
9b:7d:85:de:96:7d:5c:4c:cb:0b:34:cf:7c:1e:6d:06:51:79:
20:93:29:1d:e1:dd:ca:f1:b5:9a:d4:79:54:ab:0a:67:99:ec:
38:e9:a8:30:bb:53:58:f6:74:7c:9a:75:00:72:c5:3a:ee:dd:
8f:99:bb:30:a9:b3:51:60:9e:de:80:f1:0e:9f:63:54:b1:4b:
86:f8:d0:00:50:9e:a3:ea:dc:d8:ab:10:d1:06:c9:8d:03:39:
4a:64:b4:be:bb:18:5d:cd:88:57:3c:6a:b0:fb:e4:7b:10:e4:
de:6d:91:fc:e6:4f:c8:68:81:56:fe:0b:39:db:fb:be:9a:13:
74:0f:00:63:b0:df:61:09:dd:87:fd:dd:26:1f:d5:58:da:46:
de:48:ee:da:37:02:e2:ef:82:f8:3f:0f:b7:9d:c4:11:ae:df:
87:a1:f9:41:f4:72:dc:54:7c:90:56:b4:4e:f3:ac:4a:7e:01:
74:bb:ec:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY0NzAxWhcNMjcxMjEzMTY0NzAxWjAYMRYw
FAYDVQQDEw02NzdkNWE4OC1mMDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7P/ETniUCyzssSaS4dNglHdbskI4L+0PYZDg6reVyl8TC8+0imSGe8CB
t2E7Ppnn3Sv+SZ7ze1kqVme935XTQ6v8Um9q0gxVCjITcA/okbcASbixlOD9fKEz
TiRRMyTpcOZ7/8uXd5XsAxg8lvcO9CwnO2oLKFYIsMk2Noy7JK7Gsdn16w/WMK3Y
CGXee9A5q0otx/ytMoY6NBmaJfNlW/csYuRdqgavwMEFvKha8gTuY1eYCMWNnynb
h3PEwF/bvmEFiw9S1CEYumcGw3Fk++iuhrTMzQPypAagMJ2nCHjMJfCyBxYjg3ul
iVu4UzDEE/bTUseUMeW8jWRVnNHjHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMCt
pN8Q82I3/ki1HqSSGSMatchRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNjRDRTgzMENEMTcxMUVGOTg1Rjk2Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEVMA0GCSqGSIb3DQEBCwUA
A4IBAQAZ3Yr2XBrX2LLOnUHzBrHkpnViW5h96hLwpVVAJjLghQKpNMHVG81uykvq
giD7NX0ISL7yDncH9GZzDC0hC3xvQSBeB4BS102bfYXeln1cTMsLNM98Hm0GUXkg
kykd4d3K8bWa1HlUqwpnmew46agwu1NY9nR8mnUAcsU67t2PmbswqbNRYJ7egPEO
n2NUsUuG+NAAUJ6j6tzYqxDRBsmNAzlKZLS+uxhdzYhXPGqw++R7EOTebZH85k/I
aIFW/gs52/u+mhN0DwBjsN9hCd2H/d0mH9VY2kbeSO7aNwLi74L4Pw+3ncQRrt+H
oflB9HLcVHyQVrRO86xKfgF0u+xu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:19 2025 by rpki-client