Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2155A74ACDAB11EF9B6CAF74762E951A.roa
File: 2155A74ACDAB11EF9B6CAF74762E951A.roa (raw, json)
Hash identifier: FZU5KA4SaYdkEqfvTgpN9S2sHngRtkvLF8GneKLtV7Q=
Subject key identifier: 06:5D:DA:9F:85:DE:59:ED:29:27:1D:08:48:80:03:52:AC:BB:66:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010151
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2155A74ACDAB11EF9B6CAF74762E951A.roa
Signing time: Wed 08 Jan 2025 10:27:15 +0000
ROA not before: Wed 08 Jan 2025 10:27:12 +0000
ROA not after: Sat 13 Dec 2025 10:27:12 +0000
asID: 984
IP address blocks: 156.255.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65873 (0x10151)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:27:12 2025 GMT
Not After : Dec 13 10:27:12 2025 GMT
Subject: CN=677e5303-36e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f9:4b:09:a9:15:e4:15:f8:68:76:e6:d5:15:
dd:05:7e:18:f0:da:d8:8f:1a:af:a6:cb:fd:ea:db:
23:eb:1e:f5:84:f6:42:dd:e6:1a:d6:de:0a:54:20:
42:e4:33:e9:73:72:7f:86:48:99:60:de:7a:7a:ec:
d0:f2:b8:dc:01:ba:72:35:2e:33:9e:cf:a5:fe:12:
7d:c3:a3:9f:b0:6a:46:6e:8a:e4:38:28:68:94:4c:
7e:4f:07:ff:f2:ac:83:c2:b6:9d:38:e4:19:ed:c1:
35:3c:71:d3:c9:97:b3:1b:b1:88:7b:fe:c3:d2:c1:
89:cb:b5:5c:e3:b6:20:8c:40:58:82:d0:57:2d:3f:
18:fb:e4:e6:73:15:fa:0f:79:0d:35:ff:f7:1b:f5:
16:3c:e4:78:62:c3:90:1c:41:d3:4f:ee:bd:b3:27:
36:2b:85:d5:37:30:42:0d:a0:fc:a0:a9:fd:c6:f0:
72:6d:c4:82:85:19:fc:13:78:c3:3a:ae:60:ac:f1:
ca:24:f5:f3:85:cb:09:18:8d:3f:10:e8:af:45:17:
60:f8:5f:13:9c:c3:54:2d:ba:01:89:8c:5f:21:8e:
ed:58:85:fe:85:b9:5d:f6:d1:6f:e6:fa:c5:b7:72:
cb:4d:be:f2:31:2f:c6:47:35:db:c5:03:2c:a0:61:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5D:DA:9F:85:DE:59:ED:29:27:1D:08:48:80:03:52:AC:BB:66:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2155A74ACDAB11EF9B6CAF74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.43.0/24
Signature Algorithm: sha256WithRSAEncryption
61:49:ea:b2:b4:bd:d2:2c:85:0a:fe:cc:0b:15:21:fb:c0:cd:
34:0d:a2:a5:a7:64:80:8c:60:b2:5b:ab:13:28:88:a8:11:ba:
41:3a:ee:11:87:58:e6:bf:fd:71:e6:1c:86:54:a3:1d:94:c4:
5c:14:f2:f7:d7:9f:2f:c8:d8:ba:3e:d2:07:ba:26:33:96:7a:
9d:41:86:75:6d:fc:6f:8e:86:c2:d7:7a:7b:13:ed:a6:f2:16:
ae:43:8a:77:d7:c4:b1:b7:db:25:07:c4:c4:f8:1c:92:af:67:
c7:f8:50:b9:24:51:eb:41:a4:68:ec:d9:80:fe:92:fa:d4:96:
de:4f:90:82:b8:8d:52:f6:83:97:2c:1a:96:22:2b:16:67:4a:
06:a3:dd:45:4b:32:3b:4b:66:33:37:2c:63:18:01:3f:ce:29:
df:27:55:43:eb:7c:dc:ed:32:52:9b:b6:79:ab:0c:5e:54:58:
34:bb:69:80:d6:82:59:f7:01:1e:30:0f:68:00:b9:ef:73:0c:
26:50:47:fa:5c:be:f9:51:a2:78:86:46:ef:7f:c9:2f:46:20:
29:30:63:26:d6:0a:ae:82:13:6a:6d:93:c0:6f:28:85:ce:94:
cb:35:40:25:bf:e8:7c:14:77:0a:a2:dd:bb:42:7a:b7:14:1a:
49:5a:4b:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAyNzEyWhcNMjUxMjEzMTAyNzEyWjAYMRYw
FAYDVQQDEw02NzdlNTMwMy0zNmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5PlLCakV5BX4aHbm1RXdBX4Y8NrYjxqvpsv96tsj6x71hPZC3eYa1t4K
VCBC5DPpc3J/hkiZYN56euzQ8rjcAbpyNS4zns+l/hJ9w6OfsGpGborkOCholEx+
Twf/8qyDwradOOQZ7cE1PHHTyZezG7GIe/7D0sGJy7Vc47YgjEBYgtBXLT8Y++Tm
cxX6D3kNNf/3G/UWPOR4YsOQHEHTT+69syc2K4XVNzBCDaD8oKn9xvBybcSChRn8
E3jDOq5grPHKJPXzhcsJGI0/EOivRRdg+F8TnMNULboBiYxfIY7tWIX+hbld9tFv
5vrFt3LLTb7yMS/GRzXbxQMsoGGMLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAZd
2p+F3lntKScdCEiAA1Ksu2ZkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTU1QTc0QUNEQUIxMUVGOUI2Q0FGNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8rMA0GCSqGSIb3DQEBCwUA
A4IBAQBhSeqytL3SLIUK/swLFSH7wM00DaKlp2SAjGCyW6sTKIioEbpBOu4Rh1jm
v/1x5hyGVKMdlMRcFPL3158vyNi6PtIHuiYzlnqdQYZ1bfxvjobC13p7E+2m8hau
Q4p318Sxt9slB8TE+BySr2fH+FC5JFHrQaRo7NmA/pL61JbeT5CCuI1S9oOXLBqW
IisWZ0oGo91FSzI7S2YzNyxjGAE/zinfJ1VD63zc7TJSm7Z5qwxeVFg0u2mA1oJZ
9wEeMA9oALnvcwwmUEf6XL75UaJ4hkbvf8kvRiApMGMm1gqughNqbZPAbyiFzpTL
NUAlv+h8FHcKot27Qnq3FBpJWkvM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:56 2025 by rpki-client