Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E65CE8C98F11EFB63A455A762E951A.roa
File: 07E65CE8C98F11EFB63A455A762E951A.roa (raw, json)
Hash identifier: WPzwurrllg5uHzQigsOvM0xC8fwEuoCBvIX2dKunszo=
Subject key identifier: CC:6A:2F:50:C2:2D:39:52:0F:0F:67:4C:78:B1:40:6C:B5:3F:B7:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5D1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E65CE8C98F11EFB63A455A762E951A.roa
Signing time: Fri 03 Jan 2025 04:56:02 +0000
ROA not before: Fri 03 Jan 2025 04:55:59 +0000
ROA not after: Sat 13 Dec 2025 04:55:59 +0000
asID: 984
IP address blocks: 156.233.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62929 (0xf5d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:55:59 2025 GMT
Not After : Dec 13 04:55:59 2025 GMT
Subject: CN=67776de2-5150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e1:56:1c:52:77:14:e8:2b:69:8e:ef:7b:ad:
cb:0f:00:06:e8:f0:29:93:22:fa:17:1e:05:b7:7d:
d0:1d:54:f5:34:47:e7:fe:3a:58:32:1a:da:ab:05:
e4:04:c1:52:be:52:6e:e2:4f:2b:c5:aa:12:ac:1d:
9d:90:a5:a9:c0:15:3c:66:10:e2:4f:35:a9:2e:b8:
94:17:2d:02:99:dd:9c:f6:07:da:bb:fe:2f:27:53:
dc:13:92:9e:a3:e5:33:97:d4:b3:93:9f:45:c7:f0:
a8:83:a5:cf:0f:53:60:bf:70:ce:80:78:f9:7c:ec:
4a:b6:03:57:88:fd:d6:67:f8:12:6e:41:1f:52:10:
2d:7c:92:53:7f:dd:ae:8b:b6:3b:ab:b9:71:a1:a5:
81:54:59:b8:41:e4:d2:3b:7e:4a:64:aa:e3:1b:d5:
d0:f0:b1:1c:15:af:6a:8c:d2:45:db:47:2f:9f:30:
02:0d:a9:f9:ec:b5:86:77:60:79:70:76:7b:cb:21:
88:3d:bb:d1:09:59:44:1c:bb:d3:44:72:ab:c0:c6:
98:59:8a:38:65:3d:7f:04:bd:ea:bc:ba:cb:8a:d6:
42:79:34:f7:f9:7d:2b:e3:fb:21:23:02:36:d2:45:
55:40:ee:f9:75:e3:01:0a:4d:e2:7c:e4:a1:1a:85:
08:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6A:2F:50:C2:2D:39:52:0F:0F:67:4C:78:B1:40:6C:B5:3F:B7:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07E65CE8C98F11EFB63A455A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.61.0/24
Signature Algorithm: sha256WithRSAEncryption
30:b7:94:aa:8b:7b:07:ea:4a:2b:35:f7:13:a0:1a:6a:81:fa:
df:91:e4:19:00:fe:74:95:a9:d2:1e:a4:9a:24:71:3a:ec:b0:
4c:0a:86:7d:36:df:35:65:b3:e2:e8:c8:bf:76:97:26:1d:dc:
2b:4e:e7:13:2e:32:75:7e:ef:fe:bc:c2:ce:42:b3:f9:1c:af:
f2:10:84:58:87:82:15:a7:1b:4e:4f:cd:2b:02:17:87:77:c8:
11:11:b3:8e:8e:4c:80:5d:3b:82:5b:cf:92:fd:b9:3e:43:9b:
e4:a4:f2:3a:9e:4e:9c:51:20:62:96:80:0b:31:51:48:22:ad:
cd:61:eb:a2:6d:e0:42:c8:16:fe:bc:03:94:42:60:ef:3c:30:
44:17:6b:5e:a8:fc:65:b5:fa:8a:49:45:05:3b:30:7c:29:99:
85:aa:ec:a2:ed:55:09:bc:fb:90:80:33:cd:bc:22:3a:bd:15:
24:b0:dd:73:e3:05:56:52:00:a7:f5:0c:a9:ef:b6:30:4c:83:
72:e9:d4:ba:e6:6c:65:2a:05:a4:aa:96:dd:12:58:37:49:5c:
f9:3f:bc:c7:ad:0c:a6:15:1b:90:47:b1:c2:56:f3:47:fc:97:
e5:25:da:2f:56:1e:a1:ab:9c:29:04:4f:e6:dd:a1:15:d3:a6:
de:15:9e:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQ1NTU5WhcNMjUxMjEzMDQ1NTU5WjAYMRYw
FAYDVQQDEw02Nzc3NmRlMi01MTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0OFWHFJ3FOgraY7ve63LDwAG6PApkyL6Fx4Ft33QHVT1NEfn/jpYMhra
qwXkBMFSvlJu4k8rxaoSrB2dkKWpwBU8ZhDiTzWpLriUFy0Cmd2c9gfau/4vJ1Pc
E5Keo+Uzl9Szk59Fx/Cog6XPD1Ngv3DOgHj5fOxKtgNXiP3WZ/gSbkEfUhAtfJJT
f92ui7Y7q7lxoaWBVFm4QeTSO35KZKrjG9XQ8LEcFa9qjNJF20cvnzACDan57LWG
d2B5cHZ7yyGIPbvRCVlEHLvTRHKrwMaYWYo4ZT1/BL3qvLrLitZCeTT3+X0r4/sh
IwI20kVVQO75deMBCk3ifOShGoUIsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMxq
L1DCLTlSDw9nTHixQGy1P7dQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wN0U2NUNFOEM5OEYxMUVGQjYzQTQ1NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk9MA0GCSqGSIb3DQEBCwUA
A4IBAQAwt5Sqi3sH6korNfcToBpqgfrfkeQZAP50lanSHqSaJHE67LBMCoZ9Nt81
ZbPi6Mi/dpcmHdwrTucTLjJ1fu/+vMLOQrP5HK/yEIRYh4IVpxtOT80rAheHd8gR
EbOOjkyAXTuCW8+S/bk+Q5vkpPI6nk6cUSBiloALMVFIIq3NYeuibeBCyBb+vAOU
QmDvPDBEF2teqPxltfqKSUUFOzB8KZmFquyi7VUJvPuQgDPNvCI6vRUksN1z4wVW
UgCn9Qyp77YwTINy6dS65mxlKgWkqpbdElg3SVz5P7zHrQymFRuQR7HCVvNH/Jfl
JdovVh6hq5wpBE/m3aEV06beFZ69
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:33 2025 by rpki-client