Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ABC37E6D2FC11EF8E631DB0762E951A.roa
File: 0ABC37E6D2FC11EF8E631DB0762E951A.roa (raw, json)
Hash identifier: /D0Pfuxqs0y24QclDw/DTh4B5J+6ayfk2r0EKeAJKQI=
Subject key identifier: A3:F8:D3:F6:43:CB:FD:7A:9B:BA:FA:36:34:0C:10:9E:9D:64:94:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ABC37E6D2FC11EF8E631DB0762E951A.roa
Signing time: Wed 15 Jan 2025 04:49:03 +0000
ROA not before: Wed 15 Jan 2025 04:48:59 +0000
ROA not after: Mon 03 Jan 2028 04:48:59 +0000
asID: 17561
IP address blocks: 156.254.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67531 (0x107cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:48:59 2025 GMT
Not After : Jan 3 04:48:59 2028 GMT
Subject: CN=67873e3e-1738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9f:80:5f:b4:33:8c:47:3f:0a:03:02:72:4f:
c1:bc:04:da:98:0c:85:b9:39:b6:5c:e4:8c:d5:24:
2d:6e:2c:a6:c0:51:f2:25:fc:0b:d3:a0:95:ae:55:
fe:70:00:98:ce:7d:5d:53:89:4d:f5:f0:9d:c7:35:
c1:93:7e:a3:f6:05:a6:82:f8:ef:d7:95:a0:26:66:
0a:58:ad:c5:30:7b:f3:e8:d7:71:ab:58:bb:f3:8e:
22:44:0c:a3:1e:0b:fe:9b:0d:31:18:e8:dd:86:a3:
69:1b:6b:dc:72:e2:29:14:90:cd:9f:87:a7:32:c7:
5b:76:b0:38:43:66:6f:e6:f1:54:fd:8c:9a:c0:10:
42:30:ea:3c:a0:12:8f:f5:c3:35:23:97:d2:76:8e:
5b:3c:f3:99:fe:55:67:f7:04:32:0b:46:80:5f:cf:
97:74:31:e7:a9:f2:44:ac:13:bf:13:87:85:a8:48:
cf:b8:ed:cb:f9:59:1d:df:a2:78:37:b0:2a:1f:18:
c2:ff:d0:7c:cc:76:6e:3d:e5:5b:8e:6f:05:61:41:
ff:d5:0c:3b:8f:59:d3:19:67:db:c2:51:50:3d:7d:
2a:70:81:9a:c8:4b:fb:48:57:a4:5a:84:52:e5:ac:
45:7f:83:dc:43:43:24:84:b9:d7:ec:bf:3f:6a:e8:
83:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F8:D3:F6:43:CB:FD:7A:9B:BA:FA:36:34:0C:10:9E:9D:64:94:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0ABC37E6D2FC11EF8E631DB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.16.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:76:81:e1:c0:2f:16:82:bc:f6:a6:4f:6d:ad:8e:ac:61:e8:
5d:da:65:cb:b6:68:2d:ed:10:c3:cb:df:24:46:5e:a0:1c:25:
cc:87:3c:10:18:7a:cb:7e:64:40:f3:6e:06:fe:17:ba:78:6b:
5e:eb:51:44:8e:a2:e0:c9:c9:e0:c1:4f:c0:74:c5:bc:a9:df:
06:fd:3a:63:b9:24:a2:7d:7f:f7:ab:6a:1e:ad:8d:97:92:8f:
ee:97:70:0c:df:97:46:31:58:ba:9d:d4:32:6e:af:9b:bf:48:
12:75:21:77:73:68:fd:52:84:34:54:73:c0:5b:9f:5d:bd:00:
94:3d:44:0e:36:4e:99:af:c5:10:7c:76:46:d5:be:9e:11:63:
0e:2c:08:87:c5:9b:b4:4b:88:bd:2d:41:e1:71:a0:bc:17:0d:
05:44:53:c5:46:b1:87:bc:9d:f8:5c:b5:b2:39:fb:22:8f:5a:
fc:b0:1e:fa:66:80:be:2b:e8:97:1b:58:bf:2f:f9:09:7b:7c:
a4:ab:84:1b:b1:27:91:78:a9:57:74:f1:f4:5a:b9:0c:6c:24:
93:e0:0f:ef:d0:a4:47:53:90:1a:a9:eb:37:85:c3:44:c9:49:
c4:77:f4:70:37:ce:45:95:09:88:cf:91:48:72:43:3f:47:ef:
5f:c9:7d:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQ0ODU5WhcNMjgwMTAzMDQ0ODU5WjAYMRYw
FAYDVQQDEw02Nzg3M2UzZS0xNzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4Z+AX7QzjEc/CgMCck/BvATamAyFuTm2XOSM1SQtbiymwFHyJfwL06CV
rlX+cACYzn1dU4lN9fCdxzXBk36j9gWmgvjv15WgJmYKWK3FMHvz6Ndxq1i7844i
RAyjHgv+mw0xGOjdhqNpG2vccuIpFJDNn4enMsdbdrA4Q2Zv5vFU/YyawBBCMOo8
oBKP9cM1I5fSdo5bPPOZ/lVn9wQyC0aAX8+XdDHnqfJErBO/E4eFqEjPuO3L+Vkd
36J4N7AqHxjC/9B8zHZuPeVbjm8FYUH/1Qw7j1nTGWfbwlFQPX0qcIGayEv7SFek
WoRS5axFf4PcQ0MkhLnX7L8/auiDzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKP4
0/ZDy/16m7r6NjQMEJ6dZJTvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQUJDMzdFNkQyRkMxMUVGOEU2MzFEQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4QMA0GCSqGSIb3DQEBCwUA
A4IBAQBbdoHhwC8Wgrz2pk9trY6sYehd2mXLtmgt7RDDy98kRl6gHCXMhzwQGHrL
fmRA824G/he6eGte61FEjqLgycngwU/AdMW8qd8G/TpjuSSifX/3q2oerY2Xko/u
l3AM35dGMVi6ndQybq+bv0gSdSF3c2j9UoQ0VHPAW59dvQCUPUQONk6Zr8UQfHZG
1b6eEWMOLAiHxZu0S4i9LUHhcaC8Fw0FRFPFRrGHvJ34XLWyOfsij1r8sB76ZoC+
K+iXG1i/L/kJe3ykq4QbsSeReKlXdPH0WrkMbCST4A/v0KRHU5Aaqes3hcNEyUnE
d/RwN85FlQmIz5FIckM/R+9fyX1t
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:29 2025 by rpki-client