Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07184EBAD58E11EFA9CA2B59762E951A.roa
File: 07184EBAD58E11EFA9CA2B59762E951A.roa (raw, json)
Hash identifier: c3z/DxKQ3FVCxEmXCcitpLZkFJ6MtbB7C47uYrCH0gI=
Subject key identifier: E8:80:3B:DB:5E:25:AC:B5:B1:25:8E:FA:A2:78:B2:A6:B8:23:2F:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010BA5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07184EBAD58E11EFA9CA2B59762E951A.roa
Signing time: Sat 18 Jan 2025 11:19:05 +0000
ROA not before: Sat 18 Jan 2025 11:19:01 +0000
ROA not after: Thu 22 Jan 2026 11:19:01 +0000
asID: 63199
IP address blocks: 156.255.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68517 (0x10ba5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 18 11:19:01 2025 GMT
Not After : Jan 22 11:19:01 2026 GMT
Subject: CN=678b8e29-4798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d0:38:19:ba:45:62:2d:d4:e4:7a:0a:00:08:
c0:58:49:46:7e:fe:46:fa:6d:83:0d:fb:65:46:4e:
05:d2:cd:3b:78:f1:9b:17:6b:cc:d1:fd:00:ed:1f:
63:a1:b8:c9:c0:03:00:46:9b:cf:4b:33:85:ea:84:
ea:ea:e8:3e:73:ae:66:88:59:7a:8b:92:f4:49:db:
d8:25:96:87:22:f3:b8:58:5b:5f:2b:40:2c:37:c9:
90:f1:a1:ec:f5:9a:a5:c2:eb:69:71:d9:96:13:b3:
4d:92:75:86:52:78:41:0c:18:17:9e:2e:40:9e:63:
13:b9:de:40:b7:5d:5b:c0:84:97:65:b1:d0:30:93:
9a:dd:e1:23:f5:de:5c:c4:eb:3a:f5:48:19:15:09:
b4:f6:9a:2e:6a:0f:43:d7:86:25:15:95:0c:9a:2f:
b7:49:66:11:79:19:91:31:81:3c:7f:58:d7:ae:a4:
a4:4b:a3:69:c3:50:26:d3:a8:27:00:18:46:56:88:
27:5a:b9:da:7d:26:19:02:29:44:1a:fd:08:e7:5a:
39:3e:2c:68:8c:be:f2:41:5a:94:b5:73:c3:7f:72:
93:0f:f0:aa:11:e8:1f:c3:98:c6:c8:95:40:ce:bb:
9c:26:32:83:57:0e:26:bb:f0:a0:30:51:24:b9:d9:
40:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:80:3B:DB:5E:25:AC:B5:B1:25:8E:FA:A2:78:B2:A6:B8:23:2F:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07184EBAD58E11EFA9CA2B59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:08:1f:e5:67:53:a4:d4:69:8e:9c:cb:e8:08:de:72:f1:6d:
e2:6f:cd:6e:7c:c4:49:6c:d2:0a:e0:c3:2c:93:37:c8:4b:5e:
05:36:d8:f3:d3:c0:b8:0b:33:68:b2:6b:14:03:b3:a0:94:1d:
d5:fd:e8:66:9d:1b:22:52:92:5c:7d:13:37:f9:ce:02:78:56:
56:76:a6:42:fb:77:08:9c:a6:66:f6:3f:e4:e1:8e:28:e6:b0:
1f:e8:1a:99:73:1f:76:c4:5c:e0:eb:57:f7:bc:65:4a:58:a5:
a2:d4:d8:83:b5:cf:87:58:41:ee:24:8f:07:2f:8b:71:c7:c6:
09:5e:38:c1:20:10:ea:db:a3:0f:1f:be:e6:4d:df:2f:2c:6e:
ec:1b:86:f6:3a:e6:b3:45:17:a7:c6:5e:c9:ee:eb:54:3e:d2:
52:ce:fa:8f:69:ed:d5:0f:17:34:23:42:58:60:2e:0e:29:20:
51:d6:52:eb:dd:0a:81:23:dd:81:ab:7e:1d:73:a6:d4:7d:e5:
eb:58:31:c5:e9:bc:31:42:2d:61:26:dd:e6:51:86:52:d2:27:
98:ee:73:51:aa:ec:f4:56:7c:57:49:a2:42:ab:82:e5:e2:90:
98:13:84:11:bd:71:cb:72:92:d2:c5:51:a2:8b:59:73:6d:8a:
5f:29:5a:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQulMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE4MTExOTAxWhcNMjYwMTIyMTExOTAxWjAYMRYw
FAYDVQQDEw02NzhiOGUyOS00Nzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdA4GbpFYi3U5HoKAAjAWElGfv5G+m2DDftlRk4F0s07ePGbF2vM0f0A
7R9jobjJwAMARpvPSzOF6oTq6ug+c65miFl6i5L0SdvYJZaHIvO4WFtfK0AsN8mQ
8aHs9ZqlwutpcdmWE7NNknWGUnhBDBgXni5AnmMTud5At11bwISXZbHQMJOa3eEj
9d5cxOs69UgZFQm09pouag9D14YlFZUMmi+3SWYReRmRMYE8f1jXrqSkS6Npw1Am
06gnABhGVognWrnafSYZAilEGv0I51o5PixojL7yQVqUtXPDf3KTD/CqEegfw5jG
yJVAzrucJjKDVw4mu/CgMFEkudlAUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOiA
O9teJay1sSWO+qJ4sqa4Iy/FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNzE4NEVCQUQ1OEUxMUVGQTlDQTJCNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8/MA0GCSqGSIb3DQEBCwUA
A4IBAQBMCB/lZ1Ok1GmOnMvoCN5y8W3ib81ufMRJbNIK4MMskzfIS14FNtjz08C4
CzNosmsUA7OglB3V/ehmnRsiUpJcfRM3+c4CeFZWdqZC+3cInKZm9j/k4Y4o5rAf
6BqZcx92xFzg61f3vGVKWKWi1NiDtc+HWEHuJI8HL4txx8YJXjjBIBDq26MPH77m
Td8vLG7sG4b2OuazRRenxl7J7utUPtJSzvqPae3VDxc0I0JYYC4OKSBR1lLr3QqB
I92Bq34dc6bUfeXrWDHF6bwxQi1hJt3mUYZS0ieY7nNRquz0VnxXSaJCq4Ll4pCY
E4QRvXHLcpLSxVGii1lzbYpfKVpQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:42 2025 by rpki-client