Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07EF55FACD1811EFB345D2BE762E951A.roa
File: 07EF55FACD1811EFB345D2BE762E951A.roa (raw, json)
Hash identifier: jW6/Cirn6ojHNvnb8os3qpguuMA3QGeFjlHcJnh0UZI=
Subject key identifier: 6D:C0:6F:21:45:BF:64:CE:B6:EE:4D:35:5B:C2:F0:47:08:67:47:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD2B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07EF55FACD1811EFB345D2BE762E951A.roa
Signing time: Tue 07 Jan 2025 16:54:17 +0000
ROA not before: Tue 07 Jan 2025 16:54:13 +0000
ROA not after: Mon 13 Dec 2027 16:54:13 +0000
asID: 17561
IP address blocks: 156.241.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64811 (0xfd2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:54:13 2025 GMT
Not After : Dec 13 16:54:13 2027 GMT
Subject: CN=677d5c39-c914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ee:b4:7e:29:75:6a:f4:ac:ec:80:37:23:1b:
2c:4c:bc:12:60:42:1d:f5:6c:b6:2e:74:7c:95:8f:
8e:2f:02:4a:a3:e6:4c:92:29:25:56:87:0c:ff:40:
30:c9:eb:c8:a1:75:72:61:55:d3:4d:af:d9:b0:27:
ee:86:d1:3c:e3:18:68:54:c8:5a:52:35:3c:d3:47:
08:c3:c5:7b:1a:74:2e:35:04:bf:9c:58:99:a9:d0:
33:52:4f:bd:84:57:ff:ec:b7:3d:4b:2e:f7:5f:96:
3d:fb:58:9a:49:58:f6:cf:f1:68:7f:3f:e5:36:bd:
e6:52:1f:3a:b6:2b:84:7c:df:08:27:5f:7c:e2:da:
4c:36:4e:17:24:89:1f:96:eb:8f:4b:b5:ce:f7:ce:
9f:e4:96:0c:b4:c6:6f:d6:fc:45:30:b2:5e:f1:a9:
b1:9a:dd:c3:d3:7a:76:83:a2:ed:ed:91:f5:12:a2:
cc:fb:e2:4d:10:ff:15:94:69:50:98:ff:a8:4c:02:
1e:77:6e:af:10:fb:fa:dc:f5:dd:08:16:f6:3e:b1:
5e:58:d9:b9:4a:b3:46:67:1a:3e:c5:5f:01:64:e2:
18:ad:17:42:9c:c3:ee:26:7a:8d:76:5a:d6:0f:89:
33:16:2b:b8:8a:ac:42:a7:c4:c0:f0:1b:33:90:cd:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C0:6F:21:45:BF:64:CE:B6:EE:4D:35:5B:C2:F0:47:08:67:47:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07EF55FACD1811EFB345D2BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.25.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:c6:d0:92:4f:bb:47:b5:1c:be:fe:5f:72:41:67:f3:fa:4e:
e2:6d:28:46:68:40:2e:d7:ce:3b:4d:04:92:ad:a1:d7:86:bd:
69:7e:12:42:cd:1b:09:71:b0:74:87:07:27:16:c5:5f:be:4b:
46:3d:ec:78:97:41:28:e6:d4:8b:42:69:e9:90:e7:86:93:a1:
06:38:de:7b:70:e0:60:38:62:01:48:c1:9c:a4:a4:95:c0:b8:
a5:82:96:27:c3:6e:ef:9e:1e:ff:4b:72:5c:51:b5:ca:2c:ab:
a6:39:b6:9d:e1:12:9a:c6:bd:b1:b1:86:31:68:cd:f9:87:2b:
8c:4b:fe:ef:ae:f1:97:17:ec:86:7d:b7:3f:00:f3:fe:7a:25:
71:61:99:af:25:d6:e9:3a:fe:b6:f6:31:41:44:f8:1f:13:63:
c4:b0:ea:42:04:28:88:1b:fb:fd:01:74:fa:bc:61:9e:7c:c2:
48:25:6c:48:de:ff:42:6f:ea:d1:59:86:5c:c6:36:b6:e0:df:
af:3d:25:18:8e:07:02:41:ef:10:14:42:7c:6a:c1:96:1b:57:
bb:09:f5:c4:f1:2e:2c:c4:73:fd:9e:7d:c7:ee:e1:78:1e:a7:
b0:3a:4b:8e:49:5b:aa:d0:95:3b:e7:e9:9b:ea:30:98:df:10:
7c:7b:b9:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY1NDEzWhcNMjcxMjEzMTY1NDEzWjAYMRYw
FAYDVQQDEw02NzdkNWMzOS1jOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2O60fil1avSs7IA3IxssTLwSYEId9Wy2LnR8lY+OLwJKo+ZMkiklVocM
/0AwyevIoXVyYVXTTa/ZsCfuhtE84xhoVMhaUjU800cIw8V7GnQuNQS/nFiZqdAz
Uk+9hFf/7Lc9Sy73X5Y9+1iaSVj2z/Fofz/lNr3mUh86tiuEfN8IJ1984tpMNk4X
JIkfluuPS7XO986f5JYMtMZv1vxFMLJe8amxmt3D03p2g6Lt7ZH1EqLM++JNEP8V
lGlQmP+oTAIed26vEPv63PXdCBb2PrFeWNm5SrNGZxo+xV8BZOIYrRdCnMPuJnqN
dlrWD4kzFiu4iqxCp8TA8BszkM1NdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG3A
byFFv2TOtu5NNVvC8EcIZ0fhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wN0VGNTVGQUNEMTgxMUVGQjM0NUQyQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEZMA0GCSqGSIb3DQEBCwUA
A4IBAQCMxtCST7tHtRy+/l9yQWfz+k7ibShGaEAu1847TQSSraHXhr1pfhJCzRsJ
cbB0hwcnFsVfvktGPex4l0Eo5tSLQmnpkOeGk6EGON57cOBgOGIBSMGcpKSVwLil
gpYnw27vnh7/S3JcUbXKLKumObad4RKaxr2xsYYxaM35hyuMS/7vrvGXF+yGfbc/
APP+eiVxYZmvJdbpOv629jFBRPgfE2PEsOpCBCiIG/v9AXT6vGGefMJIJWxI3v9C
b+rRWYZcxja24N+vPSUYjgcCQe8QFEJ8asGWG1e7CfXE8S4sxHP9nn3H7uF4Hqew
OkuOSVuq0JU75+mb6jCY3xB8e7kz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:09 2025 by rpki-client