Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074EEF78D2E211EFBBD9277D762E951A.roa
File: 074EEF78D2E211EFBBD9277D762E951A.roa (raw, json)
Hash identifier: UT51NvgL+Jq1ahLjsiebng+qu+zxXByaCgyXP6jbn4A=
Subject key identifier: CA:C4:F6:75:ED:E0:5B:16:53:35:F4:43:B3:97:4F:50:EE:F7:AF:46
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01073D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074EEF78D2E211EFBBD9277D762E951A.roa
Signing time: Wed 15 Jan 2025 01:42:50 +0000
ROA not before: Wed 15 Jan 2025 01:42:46 +0000
ROA not after: Thu 16 Dec 2027 01:42:46 +0000
asID: 17561
IP address blocks: 156.249.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67389 (0x1073d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 01:42:46 2025 GMT
Not After : Dec 16 01:42:46 2027 GMT
Subject: CN=6787129a-fcf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c1:65:8f:3f:74:9f:10:59:fa:a2:da:52:e2:
88:d8:5c:54:9a:88:bb:db:26:fd:f1:d7:4c:a6:65:
d4:03:00:a2:e1:c3:a0:07:af:cf:24:96:ef:81:84:
7c:2b:07:65:9a:79:0c:f4:25:51:45:26:d1:a9:fd:
50:d3:5e:27:4a:fc:9f:f7:b1:a2:3f:b8:69:d0:86:
5e:12:d2:5d:db:55:88:06:08:d3:0a:0f:ab:5c:b3:
a3:1c:76:99:c5:7e:d0:81:c7:21:b2:8a:4d:eb:61:
66:6e:34:11:b7:4b:d9:4c:27:9f:aa:e1:5a:da:ea:
34:e1:6a:db:21:7b:f7:7a:93:bf:c5:e8:8b:7f:dd:
05:fc:9e:25:de:3c:49:9d:7a:d6:97:0c:a5:63:3e:
92:ad:6a:20:e6:b0:08:af:4f:e5:53:68:83:d9:ea:
fa:cf:ad:61:9c:c0:73:d5:1f:28:47:2d:4b:06:96:
de:f7:c5:1a:1f:b6:b8:67:64:88:c3:fd:ef:e0:02:
46:78:0e:ae:e8:6f:6d:1b:ac:95:c1:d1:89:3d:94:
e4:d7:16:17:72:e9:b6:d9:ef:34:5f:e1:82:20:a7:
20:c2:31:03:2c:cb:e9:88:e2:d7:9c:c9:13:1f:a6:
8a:b8:1b:50:f9:48:c0:08:4f:ef:3d:2a:1b:a0:50:
0d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C4:F6:75:ED:E0:5B:16:53:35:F4:43:B3:97:4F:50:EE:F7:AF:46
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/074EEF78D2E211EFBBD9277D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.54.0/24
Signature Algorithm: sha256WithRSAEncryption
25:96:9c:ec:bc:e3:01:87:8d:ec:a7:d9:c5:43:54:1d:da:28:
df:60:3f:a2:68:95:2a:eb:9e:c7:f0:c7:5f:bc:a3:0c:9d:a1:
1c:35:d2:a0:c5:b2:8f:dd:91:d7:67:c4:10:9d:1b:6e:4a:cc:
71:72:3b:3a:6a:af:f8:f6:4d:61:6a:82:20:57:dd:84:1a:96:
a0:5b:60:aa:96:fd:d0:03:d7:de:24:40:57:ce:b2:c3:48:7b:
86:76:f2:53:5f:ae:a0:cc:af:5a:9a:b3:57:44:72:99:68:b5:
5f:a2:b9:e4:d2:03:c2:a5:ae:70:44:53:f8:34:e7:32:6d:ae:
66:83:8d:d4:a5:30:d6:d6:28:70:d2:43:1e:90:ef:8b:b6:d8:
4d:59:a2:2d:ea:b5:5e:6d:e4:cd:c3:0d:8d:cd:26:e6:96:cf:
03:b9:b9:1a:79:04:41:02:76:fd:1e:5f:c6:89:96:84:0b:88:
c2:8b:3e:e6:ff:25:7f:92:2b:69:9e:99:9f:94:39:c2:8b:15:
93:a6:28:64:a6:0e:66:06:80:0e:cd:c0:12:ed:7e:cb:99:d6:
cf:66:a1:71:1a:c4:1c:15:67:56:cb:e6:51:a3:62:63:a5:36:
9b:fc:ec:22:b9:8b:28:9a:f5:59:fa:31:80:59:57:3f:d1:be:
5c:44:b9:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQc9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDE0MjQ2WhcNMjcxMjE2MDE0MjQ2WjAYMRYw
FAYDVQQDEw02Nzg3MTI5YS1mY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8Fljz90nxBZ+qLaUuKI2FxUmoi72yb98ddMpmXUAwCi4cOgB6/PJJbv
gYR8KwdlmnkM9CVRRSbRqf1Q014nSvyf97GiP7hp0IZeEtJd21WIBgjTCg+rXLOj
HHaZxX7QgcchsopN62FmbjQRt0vZTCefquFa2uo04WrbIXv3epO/xeiLf90F/J4l
3jxJnXrWlwylYz6SrWog5rAIr0/lU2iD2er6z61hnMBz1R8oRy1LBpbe98UaH7a4
Z2SIw/3v4AJGeA6u6G9tG6yVwdGJPZTk1xYXcum22e80X+GCIKcgwjEDLMvpiOLX
nMkTH6aKuBtQ+UjACE/vPSoboFANvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMrE
9nXt4FsWUzX0Q7OXT1Du969GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNzRFRUY3OEQyRTIxMUVGQkJEOTI3N0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPk2MA0GCSqGSIb3DQEBCwUA
A4IBAQAllpzsvOMBh43sp9nFQ1Qd2ijfYD+iaJUq657H8MdfvKMMnaEcNdKgxbKP
3ZHXZ8QQnRtuSsxxcjs6aq/49k1haoIgV92EGpagW2Cqlv3QA9feJEBXzrLDSHuG
dvJTX66gzK9amrNXRHKZaLVfornk0gPCpa5wRFP4NOcyba5mg43UpTDW1ihw0kMe
kO+LtthNWaIt6rVebeTNww2NzSbmls8DubkaeQRBAnb9Hl/GiZaEC4jCiz7m/yV/
kitpnpmflDnCixWTpihkpg5mBoAOzcAS7X7LmdbPZqFxGsQcFWdWy+ZRo2JjpTab
/OwiuYsomvVZ+jGAWVc/0b5cRLnU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:35 2025 by rpki-client