Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EC99720D30611EF86DD6170762E951A.roa
File: 0EC99720D30611EF86DD6170762E951A.roa (raw, json)
Hash identifier: 7JS+T9BExTHDyyCboAbuuT5RrsYzT7MTWigcTXH6Qw4=
Subject key identifier: 9C:8B:C8:AC:D0:0A:3C:2F:C6:AD:BF:22:DF:62:63:17:BD:B0:E8:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01080F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EC99720D30611EF86DD6170762E951A.roa
Signing time: Wed 15 Jan 2025 06:00:44 +0000
ROA not before: Wed 15 Jan 2025 06:00:40 +0000
ROA not after: Mon 03 Jan 2028 06:00:40 +0000
asID: 17561
IP address blocks: 156.254.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67599 (0x1080f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 06:00:40 2025 GMT
Not After : Jan 3 06:00:40 2028 GMT
Subject: CN=67874f0c-c2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:03:fd:08:c5:e3:24:f0:a5:cd:c2:c2:23:44:
96:f1:11:64:b0:5c:2a:85:a9:d2:02:8e:67:3d:b1:
4d:fc:c7:ae:6e:8b:66:56:9c:19:08:3d:65:4c:04:
db:c1:8c:26:a3:a7:c3:58:61:1a:db:a1:7f:51:6d:
d6:5d:91:a7:f2:14:db:6d:72:fe:be:60:f1:4c:cb:
aa:1b:77:13:68:87:3f:ca:71:e0:95:83:ca:2b:bf:
7f:97:3a:63:cd:f4:65:53:c8:2d:5d:cc:14:f8:b4:
51:2f:27:23:99:1e:8e:74:41:1f:3e:3b:c8:e5:ca:
28:87:12:61:8f:73:08:ee:65:87:04:d0:d4:49:cf:
5f:87:10:59:66:d0:9a:96:e1:b3:d9:7c:1e:c8:c1:
22:36:85:39:a0:43:bd:b5:de:43:a7:0d:a1:d4:62:
c0:ab:ff:99:40:6c:cb:1b:af:8e:b7:44:0a:20:40:
a9:21:e9:a7:0d:f5:41:cd:e8:e7:67:9e:ca:e1:83:
88:61:34:9f:96:b3:41:fe:0f:dd:fd:83:39:be:78:
0d:d5:12:b9:07:ec:19:bd:9e:05:48:de:a4:25:2d:
a5:f2:f8:7b:52:fc:19:99:c2:d8:f2:d7:82:0c:47:
19:03:0c:44:d4:7d:60:36:53:15:90:ad:33:5f:8d:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8B:C8:AC:D0:0A:3C:2F:C6:AD:BF:22:DF:62:63:17:BD:B0:E8:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EC99720D30611EF86DD6170762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.50.0/24
Signature Algorithm: sha256WithRSAEncryption
70:21:da:dc:f5:61:13:d7:dc:20:ec:92:73:f9:32:30:9c:2d:
b7:b1:b6:50:17:ca:c1:56:8d:0b:72:cf:61:36:59:6c:de:7b:
0a:e4:a3:c6:b2:4b:ac:83:cb:13:02:31:8a:25:41:af:a3:23:
0d:74:c2:3d:cd:21:a3:d2:1e:e4:b0:a9:26:9f:d9:ca:69:d3:
40:07:af:9f:ca:9b:6d:c7:ab:19:c9:5f:86:32:10:a4:ca:1d:
a8:bb:78:1a:3b:7f:e1:c5:4e:6f:80:71:23:d4:81:f8:b2:21:
b5:6c:b1:56:70:2e:c4:0b:eb:a4:11:c4:a8:1e:c7:b5:41:a5:
77:fa:3b:02:51:5c:c6:70:47:2b:47:aa:ae:ff:0d:5b:d1:e2:
8f:28:f9:6d:95:d3:9d:aa:b6:82:e8:1a:bd:40:27:23:99:bd:
db:5b:76:70:e4:f4:17:80:ff:ce:e3:7a:81:e1:cf:e0:e0:ed:
b3:93:bd:95:e1:02:b0:42:23:2f:20:3d:dc:8e:ef:fe:ee:7a:
18:66:ec:e9:9d:81:01:e6:02:3b:47:5a:88:6e:5d:96:b2:e9:
d0:0b:5b:4d:8c:f1:c2:b2:cb:70:dc:63:91:84:b0:b1:f8:48:
d5:2b:7b:84:fe:7d:5d:b4:db:a0:07:84:3b:d5:26:35:4c:1f:
77:6e:af:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQgPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDYwMDQwWhcNMjgwMTAzMDYwMDQwWjAYMRYw
FAYDVQQDEw02Nzg3NGYwYy1jMmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtAP9CMXjJPClzcLCI0SW8RFksFwqhanSAo5nPbFN/MeubotmVpwZCD1l
TATbwYwmo6fDWGEa26F/UW3WXZGn8hTbbXL+vmDxTMuqG3cTaIc/ynHglYPKK79/
lzpjzfRlU8gtXcwU+LRRLycjmR6OdEEfPjvI5coohxJhj3MI7mWHBNDUSc9fhxBZ
ZtCaluGz2XweyMEiNoU5oEO9td5Dpw2h1GLAq/+ZQGzLG6+Ot0QKIECpIemnDfVB
zejnZ57K4YOIYTSflrNB/g/d/YM5vngN1RK5B+wZvZ4FSN6kJS2l8vh7UvwZmcLY
8teCDEcZAwxE1H1gNlMVkK0zX40hzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJyL
yKzQCjwvxq2/It9iYxe9sOjeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRUM5OTcyMEQzMDYxMUVGODZERDYxNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4yMA0GCSqGSIb3DQEBCwUA
A4IBAQBwIdrc9WET19wg7JJz+TIwnC23sbZQF8rBVo0Lcs9hNlls3nsK5KPGskus
g8sTAjGKJUGvoyMNdMI9zSGj0h7ksKkmn9nKadNAB6+fypttx6sZyV+GMhCkyh2o
u3gaO3/hxU5vgHEj1IH4siG1bLFWcC7EC+ukEcSoHse1QaV3+jsCUVzGcEcrR6qu
/w1b0eKPKPltldOdqraC6Bq9QCcjmb3bW3Zw5PQXgP/O43qB4c/g4O2zk72V4QKw
QiMvID3cju/+7noYZuzpnYEB5gI7R1qIbl2WsunQC1tNjPHCsstw3GORhLCx+EjV
K3uE/n1dtNugB4Q71SY1TB93bq+U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:44 2025 by rpki-client