Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7F7B32C94611EFAE9E4075762E951A.roa
File: 0E7F7B32C94611EFAE9E4075762E951A.roa (raw, json)
Hash identifier: STyvZscnqXFLKmdQMjCC7va17eWX4RczzPpycaW3G78=
Subject key identifier: 70:8A:8E:78:D6:A7:3B:34:46:59:36:0B:59:6C:0C:94:A8:82:6E:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F35E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7F7B32C94611EFAE9E4075762E951A.roa
Signing time: Thu 02 Jan 2025 20:13:40 +0000
ROA not before: Thu 02 Jan 2025 20:13:36 +0000
ROA not after: Mon 13 Dec 2027 20:13:36 +0000
asID: 17561
IP address blocks: 156.225.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62302 (0xf35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:13:36 2025 GMT
Not After : Dec 13 20:13:36 2027 GMT
Subject: CN=6776f374-68b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a5:34:d4:4f:f2:7f:af:1d:7e:57:e6:c4:95:
07:b6:46:38:88:f5:f6:4f:5a:8e:81:4e:4d:26:b3:
73:d8:ed:3e:64:04:25:30:98:a4:e2:51:e6:54:7f:
f1:91:17:d1:6b:23:47:44:b9:d8:9e:57:52:94:46:
c8:f5:a3:17:74:a3:f7:8a:1b:05:ea:c7:70:0d:29:
e1:61:5f:b3:cc:07:ad:c5:3b:ee:5a:cc:bf:b4:79:
3e:26:e9:c4:ad:6e:7d:41:31:4a:78:88:69:e4:3d:
30:07:f1:bd:3b:33:29:3d:ed:b9:4d:65:fb:29:94:
af:bc:8d:f4:cc:69:4c:40:f2:0b:ef:cc:d9:62:cc:
8b:e2:bb:70:9f:ee:e7:4d:d5:bf:42:06:1e:64:0f:
ea:5d:fd:b1:52:b5:ed:fc:a8:e0:6d:55:02:33:c3:
82:6b:4c:bd:ae:9e:6b:d8:3d:fc:9c:8c:04:25:0d:
17:c3:3e:ac:03:b0:6c:5b:3b:bd:9e:93:80:78:1c:
bd:74:fd:5a:8f:bf:5f:e3:05:d6:48:4b:1e:83:7b:
72:65:73:eb:7e:7f:b3:0d:4e:0a:6f:51:5b:8d:f0:
42:24:f8:0b:6b:9e:ff:db:23:d0:8f:6a:d4:7b:ba:
d7:a2:d0:70:cc:88:6b:01:4c:56:a1:3e:ca:26:95:
02:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8A:8E:78:D6:A7:3B:34:46:59:36:0B:59:6C:0C:94:A8:82:6E:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E7F7B32C94611EFAE9E4075762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.42.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7e:15:f9:a5:88:4a:9e:e6:9e:c5:45:4c:fd:69:04:43:30:
25:55:ac:4d:b6:7b:a1:32:36:e1:f7:9e:78:18:0d:8d:1f:0a:
f5:8e:d0:1c:c5:e4:5c:45:14:1a:70:35:0f:74:79:62:ab:1f:
b7:dc:b6:6b:2a:00:53:18:de:d3:f5:f9:7a:90:22:58:42:9c:
e8:8b:02:a1:4f:19:86:36:98:a7:8f:5b:86:80:3d:ce:2d:89:
d7:17:a9:f1:95:e0:44:39:59:8f:2c:bc:66:87:db:d1:b9:3e:
11:8c:c2:37:c1:74:00:36:74:c8:e8:8f:56:36:75:81:3e:61:
d4:d0:64:9a:a1:e2:85:b7:9e:ee:ed:0d:fe:a8:90:5a:36:9b:
20:39:79:e5:27:3f:80:82:99:fc:74:2c:e2:b8:19:99:ef:d5:
53:92:4f:aa:eb:62:4e:a3:00:72:42:48:3d:06:42:6c:5e:52:
1b:f3:cc:64:1f:01:65:91:77:8f:29:1f:96:52:fd:02:38:f1:
f7:7a:a5:1c:f3:4c:a2:24:b4:0a:c7:fb:04:a6:5a:c6:24:d4:
57:9a:fd:ad:49:b9:e4:53:4b:b8:8e:00:65:06:c7:e5:78:08:
12:6d:2c:0f:86:44:a8:b5:d6:94:71:dc:b5:ca:dc:7e:43:19:
8b:7c:6a:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAxMzM2WhcNMjcxMjEzMjAxMzM2WjAYMRYw
FAYDVQQDEw02Nzc2ZjM3NC02OGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5qU01E/yf68dflfmxJUHtkY4iPX2T1qOgU5NJrNz2O0+ZAQlMJik4lHm
VH/xkRfRayNHRLnYnldSlEbI9aMXdKP3ihsF6sdwDSnhYV+zzAetxTvuWsy/tHk+
JunErW59QTFKeIhp5D0wB/G9OzMpPe25TWX7KZSvvI30zGlMQPIL78zZYsyL4rtw
n+7nTdW/QgYeZA/qXf2xUrXt/KjgbVUCM8OCa0y9rp5r2D38nIwEJQ0Xwz6sA7Bs
Wzu9npOAeBy9dP1aj79f4wXWSEseg3tyZXPrfn+zDU4Kb1FbjfBCJPgLa57/2yPQ
j2rUe7rXotBwzIhrAUxWoT7KJpUC8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHCK
jnjWpzs0Rlk2C1lsDJSogm68MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTdGN0IzMkM5NDYxMUVGQUU5RTQwNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEqMA0GCSqGSIb3DQEBCwUA
A4IBAQBCfhX5pYhKnuaexUVM/WkEQzAlVaxNtnuhMjbh9554GA2NHwr1jtAcxeRc
RRQacDUPdHliqx+33LZrKgBTGN7T9fl6kCJYQpzoiwKhTxmGNpinj1uGgD3OLYnX
F6nxleBEOVmPLLxmh9vRuT4RjMI3wXQANnTI6I9WNnWBPmHU0GSaoeKFt57u7Q3+
qJBaNpsgOXnlJz+Agpn8dCziuBmZ79VTkk+q62JOowByQkg9BkJsXlIb88xkHwFl
kXePKR+WUv0COPH3eqUc80yiJLQKx/sEplrGJNRXmv2tSbnkU0u4jgBlBsfleAgS
bSwPhkSotdaUcdy1ytx+QxmLfGrr
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:35 2025 by rpki-client