Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06938E90D24211EFB9CCEF8D762E951A.roa
File: 06938E90D24211EFB9CCEF8D762E951A.roa (raw, json)
Hash identifier: LF6gfvD1hSQxXXnSgYzgNyLlXAF5mPZNooM1efAvwOk=
Subject key identifier: B2:12:00:8B:2C:92:D5:45:24:29:C9:6C:14:06:7D:4A:0A:F8:40:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106B4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06938E90D24211EFB9CCEF8D762E951A.roa
Signing time: Tue 14 Jan 2025 06:37:29 +0000
ROA not before: Tue 14 Jan 2025 06:37:26 +0000
ROA not after: Thu 15 May 2025 06:37:26 +0000
asID: 55020
IP address blocks: 156.224.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67252 (0x106b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 06:37:26 2025 GMT
Not After : May 15 06:37:26 2025 GMT
Subject: CN=67860629-5461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:7c:f9:0a:8e:10:45:cc:aa:cf:97:ec:dd:
fc:73:2e:85:01:52:55:44:c2:dd:f5:56:e0:21:39:
48:b6:6c:ea:14:cc:1b:2c:f3:d6:ac:42:15:54:03:
05:0a:96:d0:12:cf:1c:30:40:3c:6d:2b:50:6b:14:
3e:c7:10:9a:a5:c4:6a:d8:a4:b3:25:bb:e2:3d:77:
5c:3b:14:b4:2e:61:fc:af:ff:bd:70:be:e7:65:72:
66:7c:1f:88:2c:28:a0:82:89:c5:5d:8c:47:e8:1f:
43:bb:67:b7:6c:5c:c7:11:73:77:8c:10:93:6d:be:
66:7e:9b:8b:4e:91:49:c4:d1:46:89:b4:a6:12:f3:
7c:e9:17:a2:45:c6:0c:e9:9b:a1:15:7e:de:7e:8a:
4c:bd:43:9a:84:79:71:75:16:63:33:59:fb:60:9d:
49:f2:ae:be:68:4e:90:0f:e3:52:ad:fd:85:c6:e1:
1a:5e:e1:56:b8:9d:45:f4:b4:39:f4:56:2a:a1:58:
4b:ed:45:77:e1:b7:ae:17:11:21:19:21:62:68:ea:
7c:24:6d:0f:0f:5f:09:ff:a3:f2:c2:2f:e5:25:84:
84:74:dd:ad:39:5e:fb:c3:9a:5e:5c:12:0b:92:03:
09:28:93:17:56:d1:1d:b7:ea:11:5a:5b:37:5d:ba:
cf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:12:00:8B:2C:92:D5:45:24:29:C9:6C:14:06:7D:4A:0A:F8:40:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06938E90D24211EFB9CCEF8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.28.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:95:cd:3f:d9:37:b8:8d:84:d2:98:27:fa:75:25:22:62:4e:
01:33:68:cd:69:a1:84:e7:b1:37:32:e2:59:38:ad:4d:a1:ba:
18:30:83:a9:da:51:e7:ae:9e:8a:91:53:c3:b3:9f:a2:5d:75:
80:45:9c:64:d4:60:e4:d3:53:fe:be:bb:da:7d:28:4b:70:ca:
64:49:ef:c3:90:19:53:75:1b:06:c6:89:de:9f:b0:7a:43:4c:
f0:39:06:f0:c0:fb:d2:4e:a2:09:80:e2:e4:03:a3:75:80:bc:
14:6b:58:97:1a:53:e5:76:60:68:4e:5e:ca:9e:62:ea:8d:e3:
d0:fc:e9:11:c5:3d:01:4d:ba:fd:52:67:72:a6:b6:5c:18:66:
4d:c8:67:0f:a5:b6:e6:bd:c6:dd:24:f6:7c:33:3a:a8:0e:4b:
3a:51:c4:3a:c1:4f:36:31:4f:19:95:44:21:b4:9d:d4:4c:8d:
45:ad:be:81:d2:d0:cd:b2:46:6b:ee:1c:56:13:21:89:ba:bb:
41:52:5d:9a:15:0b:e6:68:79:b0:29:6a:a3:06:0c:76:a2:f6:
e8:cb:ac:3f:70:76:bd:04:38:72:48:eb:84:bd:d3:d6:cb:6c:
2c:28:7a:30:96:b6:f4:32:70:ae:69:fe:f1:2b:55:fe:ac:66:
ad:cf:0a:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQa0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDYzNzI2WhcNMjUwNTE1MDYzNzI2WjAYMRYw
FAYDVQQDEw02Nzg2MDYyOS01NDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqBV8+QqOEEXMqs+X7N38cy6FAVJVRMLd9VbgITlItmzqFMwbLPPWrEIV
VAMFCpbQEs8cMEA8bStQaxQ+xxCapcRq2KSzJbviPXdcOxS0LmH8r/+9cL7nZXJm
fB+ILCiggonFXYxH6B9Du2e3bFzHEXN3jBCTbb5mfpuLTpFJxNFGibSmEvN86Rei
RcYM6ZuhFX7efopMvUOahHlxdRZjM1n7YJ1J8q6+aE6QD+NSrf2FxuEaXuFWuJ1F
9LQ59FYqoVhL7UV34beuFxEhGSFiaOp8JG0PD18J/6Pywi/lJYSEdN2tOV77w5pe
XBILkgMJKJMXVtEdt+oRWls3XbrPQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLIS
AIssktVFJCnJbBQGfUoK+EDZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNjkzOEU5MEQyNDIxMUVGQjlDQ0VGOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAcMA0GCSqGSIb3DQEBCwUA
A4IBAQC8lc0/2Te4jYTSmCf6dSUiYk4BM2jNaaGE57E3MuJZOK1NoboYMIOp2lHn
rp6KkVPDs5+iXXWARZxk1GDk01P+vrvafShLcMpkSe/DkBlTdRsGxonen7B6Q0zw
OQbwwPvSTqIJgOLkA6N1gLwUa1iXGlPldmBoTl7KnmLqjePQ/OkRxT0BTbr9Umdy
prZcGGZNyGcPpbbmvcbdJPZ8MzqoDks6UcQ6wU82MU8ZlUQhtJ3UTI1Frb6B0tDN
skZr7hxWEyGJurtBUl2aFQvmaHmwKWqjBgx2ovboy6w/cHa9BDhySOuEvdPWy2ws
KHowlrb0MnCuaf7xK1X+rGatzwrR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:07 2025 by rpki-client