Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1298CD78CDA011EFA6F25AAF762E951A.roa
File: 1298CD78CDA011EFA6F25AAF762E951A.roa (raw, json)
Hash identifier: iDB3lS4k0+WxDmEAyMNqOa9rWXSwvoEF8vdDhEyOGV4=
Subject key identifier: F7:05:BD:9F:3C:9D:6B:0B:D2:C8:CB:F0:F1:52:E3:E0:73:44:90:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1298CD78CDA011EFA6F25AAF762E951A.roa
Signing time: Wed 08 Jan 2025 09:08:06 +0000
ROA not before: Wed 08 Jan 2025 09:08:03 +0000
ROA not after: Mon 13 Dec 2027 09:08:03 +0000
asID: 17561
IP address blocks: 156.253.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65739 (0x100cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:08:03 2025 GMT
Not After : Dec 13 09:08:03 2027 GMT
Subject: CN=677e4076-1361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a9:06:b4:95:c2:bd:5a:8d:b8:5a:ee:76:02:
ad:9d:3b:6e:ca:20:43:a4:7f:30:55:37:b8:0a:45:
c3:39:32:d2:cb:91:19:5e:8c:6a:69:a3:54:66:a4:
8d:9b:0a:c5:c2:b8:c0:00:36:39:f2:8e:e2:42:9e:
7c:ec:47:89:01:49:44:b8:e1:ab:cd:ef:86:0a:9a:
62:3c:e0:86:13:6c:e9:01:e9:58:83:98:6d:8a:ed:
cb:f9:61:bc:35:b5:c2:8d:ec:97:24:53:0a:1f:aa:
e1:30:da:a7:9f:dd:10:77:84:7a:3f:f7:bb:c8:43:
42:e9:62:13:96:58:f7:7f:23:d0:37:3e:0b:1f:02:
3b:d1:7a:4a:c4:d8:9d:0e:58:11:9b:08:fd:d6:07:
33:ef:0c:ee:b7:9a:06:4a:29:88:5d:25:6e:35:ed:
4d:64:fb:9b:d6:9a:6d:b3:46:da:eb:1c:8b:fc:6b:
3a:91:98:16:8c:6e:ce:e3:76:b8:84:01:d8:5b:46:
90:5d:f4:49:1c:10:6b:2c:56:f3:4b:5f:57:43:b6:
2b:fd:b8:68:5b:17:fb:32:2f:3e:60:50:0b:5d:18:
25:14:e1:d7:f9:f0:92:60:5b:40:f9:3c:8e:cd:37:
61:85:21:bb:ff:e3:61:8c:39:98:8c:59:c2:c3:89:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:05:BD:9F:3C:9D:6B:0B:D2:C8:CB:F0:F1:52:E3:E0:73:44:90:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1298CD78CDA011EFA6F25AAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b3:ee:6c:a1:0f:2a:12:4b:77:b2:34:2b:b4:ea:80:6b:5b:
28:83:6f:30:e6:14:84:36:7c:9c:d1:79:b5:57:73:99:d9:a1:
c7:39:9c:11:6e:18:0b:0e:bb:3c:d7:78:bb:98:a7:57:f6:c2:
ad:d4:24:30:0e:10:3b:a1:62:25:ef:d9:e4:12:f2:84:02:40:
fd:f3:58:f3:f3:c8:bc:dc:fd:9e:5a:6f:a2:ce:ab:56:98:ea:
67:66:56:0c:76:fc:f8:44:03:6b:5d:d1:1e:3c:c3:c1:ac:8c:
35:6c:aa:26:53:95:dc:e4:7f:1c:0a:b9:b5:95:be:25:6e:f3:
e0:95:e0:06:65:df:06:23:ba:3d:7f:38:7c:9d:52:fa:63:fc:
7e:dd:40:8f:19:59:22:80:b1:02:29:dd:86:da:f7:79:37:da:
60:8a:69:87:ca:b9:9f:2a:26:d4:83:06:00:2d:6e:c2:8e:6f:
0d:e5:52:6a:5e:22:77:27:f6:ae:bd:ac:74:c3:23:06:7b:12:
27:57:58:80:78:a9:9c:14:5f:be:b3:33:8c:c3:a9:17:cb:1e:
f2:48:e8:22:7d:58:a1:15:1d:0e:78:ed:b9:7f:e3:54:db:33:
75:e3:e7:e5:c2:b2:5c:36:3d:7c:a6:0f:54:f5:25:3c:6e:c5:
3e:d8:08:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkwODAzWhcNMjcxMjEzMDkwODAzWjAYMRYw
FAYDVQQDEw02NzdlNDA3Ni0xMzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA06kGtJXCvVqNuFrudgKtnTtuyiBDpH8wVTe4CkXDOTLSy5EZXoxqaaNU
ZqSNmwrFwrjAADY58o7iQp587EeJAUlEuOGrze+GCppiPOCGE2zpAelYg5htiu3L
+WG8NbXCjeyXJFMKH6rhMNqnn90Qd4R6P/e7yENC6WITllj3fyPQNz4LHwI70XpK
xNidDlgRmwj91gcz7wzut5oGSimIXSVuNe1NZPub1ppts0ba6xyL/Gs6kZgWjG7O
43a4hAHYW0aQXfRJHBBrLFbzS19XQ7Yr/bhoWxf7Mi8+YFALXRglFOHX+fCSYFtA
+TyOzTdhhSG7/+NhjDmYjFnCw4ncgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPcF
vZ88nWsL0sjL8PFS4+BzRJCQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMjk4Q0Q3OENEQTAxMUVGQTZGMjVBQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0jMA0GCSqGSIb3DQEBCwUA
A4IBAQBus+5soQ8qEkt3sjQrtOqAa1sog28w5hSENnyc0Xm1V3OZ2aHHOZwRbhgL
Drs813i7mKdX9sKt1CQwDhA7oWIl79nkEvKEAkD981jz88i83P2eWm+izqtWmOpn
ZlYMdvz4RANrXdEePMPBrIw1bKomU5Xc5H8cCrm1lb4lbvPgleAGZd8GI7o9fzh8
nVL6Y/x+3UCPGVkigLECKd2G2vd5N9pgimmHyrmfKibUgwYALW7Cjm8N5VJqXiJ3
J/auvax0wyMGexInV1iAeKmcFF++szOMw6kXyx7ySOgifVihFR0OeO25f+NU2zN1
4+flwrJcNj18pg9U9SU8bsU+2Ajk
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:06 2025 by rpki-client