Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DCF56DECD0211EF96B3D6B4762E951A.roa
File: 0DCF56DECD0211EF96B3D6B4762E951A.roa (raw, json)
Hash identifier: uiIFw5T4Vj5llweXLX6mO62vevF9k6ZBruASYA+fVFs=
Subject key identifier: 59:C2:EF:C4:1B:A9:D7:42:A2:CE:DD:FF:15:7C:A7:89:4A:B8:36:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DCF56DECD0211EF96B3D6B4762E951A.roa
Signing time: Tue 07 Jan 2025 14:16:58 +0000
ROA not before: Tue 07 Jan 2025 14:16:54 +0000
ROA not after: Mon 13 Dec 2027 14:16:54 +0000
asID: 17561
IP address blocks: 156.238.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64633 (0xfc79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:16:54 2025 GMT
Not After : Dec 13 14:16:54 2027 GMT
Subject: CN=677d375a-6f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:0b:df:84:28:04:2b:fc:13:d4:8d:58:dc:
68:97:d6:e0:11:a2:c4:f7:a0:da:40:42:6d:91:c8:
e6:71:41:b3:87:9f:23:de:71:c9:e6:95:c0:22:11:
19:9b:25:b2:cf:8d:e6:b3:f3:b4:31:39:2a:0e:0d:
a8:ad:f6:4b:99:58:72:b1:94:12:3d:53:c9:16:9d:
05:db:b3:f7:03:3e:7f:f9:bf:72:75:d0:49:8d:f2:
a6:a8:40:89:44:dd:77:3f:49:6a:4a:51:cf:7a:26:
54:d9:48:90:80:1e:32:0f:9e:90:51:0c:2f:77:57:
b2:d8:fc:c3:9e:fd:63:34:47:1c:44:3b:a6:62:d5:
2b:14:9f:52:88:c1:d8:23:bf:05:9e:d5:ba:59:c4:
a5:21:f7:bf:0b:54:4c:2f:e6:ad:67:17:7b:68:5a:
7e:58:76:e5:06:97:4f:fa:2a:0f:e9:2c:87:e9:b8:
64:dc:71:17:87:7f:75:82:e8:0d:7f:09:42:f0:9f:
45:b4:29:ee:9a:c6:4e:6b:7a:f6:97:99:84:9d:7b:
b0:be:55:29:4d:4b:f2:4a:8e:35:0a:09:74:ca:51:
85:87:ed:31:23:12:86:ce:65:73:c7:36:70:ec:05:
8f:01:b6:af:54:6a:52:85:ba:86:69:04:0c:a9:78:
4e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C2:EF:C4:1B:A9:D7:42:A2:CE:DD:FF:15:7C:A7:89:4A:B8:36:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DCF56DECD0211EF96B3D6B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.173.0/24
Signature Algorithm: sha256WithRSAEncryption
72:07:04:c9:40:ec:1d:af:1f:2c:48:24:24:03:66:7a:4a:57:
5c:be:ff:b2:31:11:c9:ab:e9:cc:15:f8:b4:1f:72:cb:fa:4b:
1f:20:71:e0:27:34:9d:97:d5:11:d7:de:19:bc:7b:32:8f:81:
2b:9b:76:da:b1:dd:55:c8:fe:32:48:9c:aa:6c:02:73:fe:3f:
b0:67:48:7c:82:36:26:c0:91:b3:5f:40:39:d0:66:83:58:48:
8c:a2:46:e0:a1:dd:6f:9d:93:eb:8f:51:84:1d:3d:62:08:fe:
05:99:e9:fc:cc:e6:37:f5:f9:6d:e1:16:79:9f:26:06:6e:36:
92:40:db:06:8d:fc:5a:86:02:38:93:5a:12:a0:28:3e:89:3f:
bb:17:fc:79:6c:d3:7c:8b:32:34:37:17:db:66:fd:f3:02:04:
1c:2b:2b:74:47:8f:42:d3:e0:be:93:45:24:d9:08:36:e4:18:
9b:c6:bb:05:12:c3:d4:4a:13:9e:e7:e1:99:43:a8:25:94:2f:
3e:c9:08:16:b4:1a:13:bf:c2:f3:11:cc:03:91:93:7d:d8:0f:
4c:12:ca:c6:60:a6:87:33:93:53:7e:f0:f1:bf:ac:c1:87:47:
29:22:50:fd:fb:6d:d8:b5:b5:09:8b:79:86:2f:1b:8e:3f:9e:
41:70:1d:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPx5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQxNjU0WhcNMjcxMjEzMTQxNjU0WjAYMRYw
FAYDVQQDEw02NzdkMzc1YS02ZjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArToL34QoBCv8E9SNWNxol9bgEaLE96DaQEJtkcjmcUGzh58j3nHJ5pXA
IhEZmyWyz43ms/O0MTkqDg2orfZLmVhysZQSPVPJFp0F27P3Az5/+b9yddBJjfKm
qECJRN13P0lqSlHPeiZU2UiQgB4yD56QUQwvd1ey2PzDnv1jNEccRDumYtUrFJ9S
iMHYI78FntW6WcSlIfe/C1RML+atZxd7aFp+WHblBpdP+ioP6SyH6bhk3HEXh391
gugNfwlC8J9FtCnumsZOa3r2l5mEnXuwvlUpTUvySo41Cgl0ylGFh+0xIxKGzmVz
xzZw7AWPAbavVGpShbqGaQQMqXhOawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFnC
78QbqddCos7d/xV8p4lKuDbyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRENGNTZERUNEMDIxMUVGOTZCM0Q2QjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO6tMA0GCSqGSIb3DQEBCwUA
A4IBAQByBwTJQOwdrx8sSCQkA2Z6Sldcvv+yMRHJq+nMFfi0H3LL+ksfIHHgJzSd
l9UR194ZvHsyj4Erm3basd1VyP4ySJyqbAJz/j+wZ0h8gjYmwJGzX0A50GaDWEiM
okbgod1vnZPrj1GEHT1iCP4Fmen8zOY39flt4RZ5nyYGbjaSQNsGjfxahgI4k1oS
oCg+iT+7F/x5bNN8izI0NxfbZv3zAgQcKyt0R49C0+C+k0Uk2Qg25BibxrsFEsPU
ShOe5+GZQ6gllC8+yQgWtBoTv8LzEcwDkZN92A9MEsrGYKaHM5NTfvDxv6zBh0cp
IlD9+23YtbUJi3mGLxuOP55BcB2m
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:57 2025 by rpki-client