Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06A3A8A4CE4411EFA4F0894B762E951A.roa
File: 06A3A8A4CE4411EFA4F0894B762E951A.roa (raw, json)
Hash identifier: bx/6tGTQ6B9x2EQ/dPdnApPMaGdD08HsS1OEK+iyMJ8=
Subject key identifier: 76:6B:05:81:38:BB:A1:B9:14:80:0D:4F:CA:53:13:35:62:4B:B7:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010287
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06A3A8A4CE4411EFA4F0894B762E951A.roa
Signing time: Thu 09 Jan 2025 04:41:44 +0000
ROA not before: Thu 09 Jan 2025 04:41:40 +0000
ROA not after: Fri 09 Jan 2026 04:41:40 +0000
asID: 17561
IP address blocks: 156.245.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66183 (0x10287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:41:40 2025 GMT
Not After : Jan 9 04:41:40 2026 GMT
Subject: CN=677f5387-a221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:1a:20:ae:d5:42:44:ac:1e:91:22:36:34:
4d:76:0f:98:9e:66:3f:07:25:80:9b:39:3c:70:d1:
6e:f0:2d:8f:af:3f:8c:8a:fa:1c:39:d4:5f:94:11:
56:b8:cb:34:0a:0f:29:2e:9e:92:c9:d3:98:e0:8d:
7b:2d:30:0e:d7:5c:8d:bc:45:17:6b:c3:73:6e:19:
df:65:c2:d5:36:52:06:f5:50:3c:d5:00:06:39:8e:
e3:fd:f7:0c:65:80:57:e6:27:b9:47:76:22:1f:84:
13:03:56:72:b8:d2:71:79:35:dd:ca:b4:00:ba:26:
9b:cd:bd:91:50:18:2f:ef:70:0a:87:a4:f8:fd:22:
a6:65:b4:ae:16:41:d0:82:4a:66:f0:58:3f:35:d5:
75:76:3a:88:c2:93:12:ea:9e:ad:02:8d:c9:b0:7c:
31:66:4b:1b:97:ec:da:ba:e7:4a:d7:bb:10:25:89:
00:66:7d:f4:a5:7a:25:6c:0e:ae:66:9b:c0:b9:ef:
f2:b4:b3:41:79:29:9e:72:65:56:1b:fe:66:36:ac:
0f:e9:73:d4:3a:cd:39:02:68:7e:b0:3e:1b:8a:6a:
74:2b:da:f0:cc:9e:ee:52:8f:62:1f:c8:03:df:9a:
3b:53:fc:38:33:ad:c4:96:c5:5d:c3:77:c1:75:d1:
dc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6B:05:81:38:BB:A1:B9:14:80:0D:4F:CA:53:13:35:62:4B:B7:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/06A3A8A4CE4411EFA4F0894B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.119.0/24
Signature Algorithm: sha256WithRSAEncryption
49:48:8b:f2:f0:d9:77:19:dd:e3:03:dc:df:8e:ee:2c:37:f6:
a6:98:b6:d3:4c:52:f4:c2:7a:64:33:4d:70:ef:28:ef:15:df:
de:2f:ba:b2:ef:40:2d:48:87:51:50:e9:c9:76:e1:a9:27:46:
4f:74:47:2e:08:ac:4b:ff:48:4d:e7:43:e4:ad:3d:3b:e5:49:
3f:a2:04:c2:22:f6:2d:ef:02:95:6d:d4:3d:4f:d5:a8:3c:07:
7e:90:84:8b:65:b3:9c:a8:47:86:d3:d1:3f:e0:2f:39:1b:aa:
38:1e:ad:b9:94:8e:e9:33:0d:a2:96:c7:c3:3d:90:4f:b1:56:
16:30:a6:af:7e:71:d8:9c:08:e3:f9:0d:bf:c7:f7:da:3b:27:
e4:13:fb:fa:dc:c7:ed:dc:d8:bd:1c:7e:15:c9:1f:63:a6:12:
98:61:a7:6a:3c:ba:9d:85:18:0a:67:dc:d5:cb:1d:4a:e7:da:
aa:d5:af:a7:13:49:86:7b:9f:09:34:d8:8b:94:df:43:9d:32:
05:63:d1:70:63:f5:c1:c5:d5:21:fe:e4:d5:df:ee:5f:89:c9:
64:68:24:fa:08:31:f3:3c:93:d1:a3:04:86:3d:6f:bc:6c:0e:
4c:2e:3c:dc:2e:51:9a:0a:93:90:2b:92:09:6f:85:b1:9d:fd:
5c:06:3c:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQ0MTQwWhcNMjYwMTA5MDQ0MTQwWjAYMRYw
FAYDVQQDEw02NzdmNTM4Ny1hMjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyJcaIK7VQkSsHpEiNjRNdg+YnmY/ByWAmzk8cNFu8C2Prz+MivocOdRf
lBFWuMs0Cg8pLp6SydOY4I17LTAO11yNvEUXa8NzbhnfZcLVNlIG9VA81QAGOY7j
/fcMZYBX5ie5R3YiH4QTA1ZyuNJxeTXdyrQAuiabzb2RUBgv73AKh6T4/SKmZbSu
FkHQgkpm8Fg/NdV1djqIwpMS6p6tAo3JsHwxZksbl+zauudK17sQJYkAZn30pXol
bA6uZpvAue/ytLNBeSmecmVWG/5mNqwP6XPUOs05Amh+sD4bimp0K9rwzJ7uUo9i
H8gD35o7U/w4M63ElsVdw3fBddHcwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZr
BYE4u6G5FIANT8pTEzViS7ciMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNkEzQThBNENFNDQxMUVGQTRGMDg5NEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPV3MA0GCSqGSIb3DQEBCwUA
A4IBAQBJSIvy8Nl3Gd3jA9zfju4sN/ammLbTTFL0wnpkM01w7yjvFd/eL7qy70At
SIdRUOnJduGpJ0ZPdEcuCKxL/0hN50PkrT075Uk/ogTCIvYt7wKVbdQ9T9WoPAd+
kISLZbOcqEeG09E/4C85G6o4Hq25lI7pMw2ilsfDPZBPsVYWMKavfnHYnAjj+Q2/
x/faOyfkE/v63Mft3Ni9HH4VyR9jphKYYadqPLqdhRgKZ9zVyx1K59qq1a+nE0mG
e58JNNiLlN9DnTIFY9FwY/XBxdUh/uTV3+5ficlkaCT6CDHzPJPRowSGPW+8bA5M
LjzcLlGaCpOQK5IJb4Wxnf1cBjwJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:29 2025 by rpki-client