Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/169672E4CDC911EFAF35BCB1762E951A.roa
File: 169672E4CDC911EFAF35BCB1762E951A.roa (raw, json)
Hash identifier: 2RM2/dVLZLYUe8ms1bt5kCMFnOHbpqYr8dsDxTyCMXw=
Subject key identifier: D7:2C:C9:16:85:A5:52:9B:78:01:BF:F7:40:57:02:9F:EA:E1:E5:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/169672E4CDC911EFAF35BCB1762E951A.roa
Signing time: Wed 08 Jan 2025 14:01:42 +0000
ROA not before: Wed 08 Jan 2025 14:01:38 +0000
ROA not after: Thu 16 Dec 2027 14:01:38 +0000
asID: 17561
IP address blocks: 156.249.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65979 (0x101bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:01:38 2025 GMT
Not After : Dec 16 14:01:38 2027 GMT
Subject: CN=677e8546-6310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2a:4e:13:9d:5a:a2:12:e6:a2:ae:c3:99:8a:
5f:f0:28:86:6a:8d:da:94:03:fd:45:a6:35:67:bf:
ae:99:54:b9:10:db:07:23:b6:45:3c:3b:08:42:68:
2c:24:3b:f8:1d:26:23:4c:6c:27:68:bf:3a:68:6d:
07:ff:c8:76:be:6f:34:64:8e:99:5a:65:33:8f:ba:
9d:8c:ae:0e:5d:8e:87:2c:d8:7f:80:25:55:1f:16:
03:eb:8a:92:d9:0b:80:7b:62:4b:92:8b:ff:7c:68:
f2:84:c3:d5:ea:e7:9a:ea:b6:10:e9:7f:79:9c:cd:
13:2c:3d:2e:e2:a4:15:1d:f7:e2:60:ae:7f:ae:15:
e0:c0:bb:d8:0e:23:89:4e:81:84:45:66:69:2f:36:
f4:e1:0a:ce:b0:27:2f:af:18:c0:e6:5d:5e:41:49:
f1:bf:1b:56:ec:6c:82:85:92:3a:77:21:91:02:df:
98:69:93:25:b0:5c:3c:d5:77:27:2a:a1:7a:78:29:
cb:10:62:35:30:b3:cb:e2:88:23:f6:13:64:09:cb:
41:ec:a6:8f:44:b4:d4:83:27:d6:ae:0a:47:b1:ae:
9d:45:95:4b:74:d2:19:cf:d8:9f:c7:07:c9:52:55:
0f:d3:a9:b6:0e:53:66:d2:d4:59:3d:1e:98:c0:be:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:C9:16:85:A5:52:9B:78:01:BF:F7:40:57:02:9F:EA:E1:E5:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/169672E4CDC911EFAF35BCB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.58.0/24
Signature Algorithm: sha256WithRSAEncryption
11:52:4f:81:74:85:e6:87:72:78:fe:18:74:07:9b:08:c7:98:
50:e7:1a:4e:2f:1a:d1:9c:00:e7:3e:cf:62:fc:61:38:a0:8d:
8d:3f:92:d2:4c:47:e3:66:2a:3a:b6:4d:11:45:1c:3e:6c:e8:
6f:6d:63:76:d9:61:9e:3d:49:68:d9:45:ed:ed:b8:52:7d:10:
91:0b:18:06:b3:b9:1f:70:07:2a:28:53:81:b8:7c:bf:a1:ed:
6d:c0:c0:21:82:46:04:88:48:fc:5b:20:aa:03:35:42:ba:dc:
12:3a:4e:73:4e:9f:1b:1d:d4:df:00:1e:02:31:40:ed:aa:ad:
bf:e0:49:71:d5:b3:01:da:02:55:89:1f:5b:d8:cb:83:6c:f0:
3b:bf:bf:f4:eb:a6:f3:88:ce:7c:f8:22:d8:60:c4:2b:c8:fe:
05:cb:36:db:ed:b1:67:ef:ba:c2:2f:f7:7e:42:be:19:4a:a6:
53:a6:92:cf:e5:9e:75:74:48:02:b2:2e:23:b4:99:ca:f7:ff:
ce:c3:d1:3c:ab:6d:43:94:ca:eb:b7:6b:e0:54:b9:c4:3c:9b:
6d:c9:b9:0c:21:fc:71:e7:66:dd:9d:bb:45:60:c9:74:02:7b:
f5:83:51:ac:ec:32:b9:43:1d:c4:68:78:98:0a:31:7d:4a:be:
39:4c:a2:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQG7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQwMTM4WhcNMjcxMjE2MTQwMTM4WjAYMRYw
FAYDVQQDEw02NzdlODU0Ni02MzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ipOE51aohLmoq7DmYpf8CiGao3alAP9RaY1Z7+umVS5ENsHI7ZFPDsI
QmgsJDv4HSYjTGwnaL86aG0H/8h2vm80ZI6ZWmUzj7qdjK4OXY6HLNh/gCVVHxYD
64qS2QuAe2JLkov/fGjyhMPV6uea6rYQ6X95nM0TLD0u4qQVHffiYK5/rhXgwLvY
DiOJToGERWZpLzb04QrOsCcvrxjA5l1eQUnxvxtW7GyChZI6dyGRAt+YaZMlsFw8
1XcnKqF6eCnLEGI1MLPL4ogj9hNkCctB7KaPRLTUgyfWrgpHsa6dRZVLdNIZz9if
xwfJUlUP06m2DlNm0tRZPR6YwL7kDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNcs
yRaFpVKbeAG/90BXAp/q4eVpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjk2NzJFNENEQzkxMUVGQUYzNUJDQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPk6MA0GCSqGSIb3DQEBCwUA
A4IBAQARUk+BdIXmh3J4/hh0B5sIx5hQ5xpOLxrRnADnPs9i/GE4oI2NP5LSTEfj
Zio6tk0RRRw+bOhvbWN22WGePUlo2UXt7bhSfRCRCxgGs7kfcAcqKFOBuHy/oe1t
wMAhgkYEiEj8WyCqAzVCutwSOk5zTp8bHdTfAB4CMUDtqq2/4Elx1bMB2gJViR9b
2MuDbPA7v7/066bziM58+CLYYMQryP4Fyzbb7bFn77rCL/d+Qr4ZSqZTppLP5Z51
dEgCsi4jtJnK9//Ow9E8q21DlMrrt2vgVLnEPJttybkMIfxx52bdnbtFYMl0Anv1
g1Gs7DK5Qx3EaHiYCjF9Sr45TKJ/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:23 2025 by rpki-client