Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EAFF274CD4911EFBF794975762E951A.roa
File: 0EAFF274CD4911EFBF794975762E951A.roa (raw, json)
Hash identifier: lK5rBMm/yTN2Qn3w/zrRys8TWR/MlsU3VlxnL87Juxc=
Subject key identifier: 00:07:7A:75:9B:B2:2C:3F:FE:4C:1D:86:20:03:4F:B4:1F:D6:3B:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EAFF274CD4911EFBF794975762E951A.roa
Signing time: Tue 07 Jan 2025 22:45:13 +0000
ROA not before: Tue 07 Jan 2025 22:45:10 +0000
ROA not after: Mon 13 Dec 2027 22:45:10 +0000
asID: 17561
IP address blocks: 156.246.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65199 (0xfeaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:45:10 2025 GMT
Not After : Dec 13 22:45:10 2027 GMT
Subject: CN=677dae79-6b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d6:19:79:7f:ad:0f:a4:78:e3:15:7b:1b:d7:
fa:45:08:d5:b6:a2:0a:e0:be:e2:45:5f:55:0e:30:
58:c8:b3:68:8b:e6:66:e4:18:63:b5:67:39:59:78:
40:fe:76:19:0e:ed:dd:db:81:ea:7c:d2:f4:81:96:
85:9d:e8:2f:0e:b8:16:09:6b:91:8f:c6:57:e7:7c:
0f:6c:d3:c6:68:64:62:bb:70:d5:9b:1f:bf:77:52:
b8:e3:75:ef:32:eb:67:25:d4:17:69:32:80:ca:53:
77:4a:1a:da:dd:bd:3c:b1:67:0f:fb:d0:ba:77:74:
0e:3d:b4:57:e6:2f:b4:e0:be:e7:f3:e2:41:63:3b:
2e:a0:e5:37:02:12:da:92:5f:0d:93:39:b8:44:86:
46:3b:31:70:27:a5:eb:e4:0d:b4:92:74:32:7d:0f:
da:cb:4e:93:2b:d2:2f:7c:c7:84:e2:ff:25:7f:4a:
f4:31:c6:e9:04:16:c4:57:00:7b:6c:93:f7:c6:80:
4b:e7:a7:0c:78:ea:37:3a:bf:9d:6f:8e:cd:30:b2:
b1:1e:3c:e2:87:98:82:7c:00:1e:b1:b1:00:ea:3f:
80:4b:cf:e9:a4:58:23:ad:27:98:60:ca:e2:d2:d6:
a3:1d:c7:94:ef:0e:7c:83:1f:f7:76:fa:06:9b:23:
e1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:07:7A:75:9B:B2:2C:3F:FE:4C:1D:86:20:03:4F:B4:1F:D6:3B:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EAFF274CD4911EFBF794975762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:18:c8:f6:ff:94:2f:d4:b7:a5:ec:ff:0b:1d:bc:c9:0f:38:
21:2f:f4:10:d3:11:84:93:f5:79:18:91:0f:e2:48:c7:d1:33:
35:a1:7d:c0:6f:c1:8e:c7:1e:f9:be:e3:9f:20:4e:b9:9c:3a:
47:85:34:b3:14:e0:f3:c2:4d:9c:16:10:b6:82:f7:43:76:47:
1a:6d:99:88:47:03:c4:77:cf:58:bf:ea:bf:c7:4b:74:43:6c:
44:8f:a6:fb:f7:54:d6:ca:af:9c:4f:19:3d:ce:c5:ab:7b:5c:
f5:d2:a4:84:86:5b:51:30:18:da:51:5f:e7:97:91:2c:f1:71:
9a:aa:0b:82:9e:62:df:fe:a8:21:ed:91:b8:63:a4:64:74:fb:
ce:08:75:91:ee:bc:21:2f:b6:15:1d:9a:c3:56:52:b3:9e:9e:
27:a4:98:91:d1:1d:ae:da:fd:2d:36:1f:2a:57:da:ee:ee:e2:
60:85:84:ee:a8:3d:7e:29:3b:21:1d:bb:91:42:32:25:92:a3:
d8:34:7e:b8:ee:aa:2f:06:ac:6c:4e:ba:b8:cc:92:c1:7e:c0:
d0:51:43:33:61:be:15:52:ae:6b:d9:b1:b7:6b:b7:c2:4b:ea:
d1:51:8a:bd:a5:ae:63:5b:ff:48:0e:11:56:94:7d:fe:e5:60:
b4:ca:fa:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjI0NTEwWhcNMjcxMjEzMjI0NTEwWjAYMRYw
FAYDVQQDEw02NzdkYWU3OS02Yjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA39YZeX+tD6R44xV7G9f6RQjVtqIK4L7iRV9VDjBYyLNoi+Zm5BhjtWc5
WXhA/nYZDu3d24HqfNL0gZaFnegvDrgWCWuRj8ZX53wPbNPGaGRiu3DVmx+/d1K4
43XvMutnJdQXaTKAylN3Shra3b08sWcP+9C6d3QOPbRX5i+04L7n8+JBYzsuoOU3
AhLakl8Nkzm4RIZGOzFwJ6Xr5A20knQyfQ/ay06TK9IvfMeE4v8lf0r0McbpBBbE
VwB7bJP3xoBL56cMeOo3Or+db47NMLKxHjzih5iCfAAesbEA6j+AS8/ppFgjrSeY
YMri0tajHceU7w58gx/3dvoGmyPh6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAAH
enWbsiw//kwdhiADT7Qf1jsQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRUFGRjI3NENENDkxMUVGQkY3OTQ5NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYcMA0GCSqGSIb3DQEBCwUA
A4IBAQClGMj2/5Qv1Lel7P8LHbzJDzghL/QQ0xGEk/V5GJEP4kjH0TM1oX3Ab8GO
xx75vuOfIE65nDpHhTSzFODzwk2cFhC2gvdDdkcabZmIRwPEd89Yv+q/x0t0Q2xE
j6b791TWyq+cTxk9zsWre1z10qSEhltRMBjaUV/nl5Es8XGaqguCnmLf/qgh7ZG4
Y6RkdPvOCHWR7rwhL7YVHZrDVlKznp4npJiR0R2u2v0tNh8qV9ru7uJghYTuqD1+
KTshHbuRQjIlkqPYNH647qovBqxsTrq4zJLBfsDQUUMzYb4VUq5r2bG3a7fCS+rR
UYq9pa5jW/9IDhFWlH3+5WC0yvpR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:05 2025 by rpki-client