Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/225003B4CDAD11EFAEAD7681762E951A.roa
File: 225003B4CDAD11EFAEAD7681762E951A.roa (raw, json)
Hash identifier: 2fdvgY8Zr5LKD830vm0CbWpUHiuYgjlTOFFGdcxnIZM=
Subject key identifier: 07:A9:48:C1:D6:20:D0:04:4B:A8:DC:0E:1B:B8:E0:22:39:FB:FC:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010161
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/225003B4CDAD11EFAEAD7681762E951A.roa
Signing time: Wed 08 Jan 2025 10:41:36 +0000
ROA not before: Wed 08 Jan 2025 10:41:32 +0000
ROA not after: Mon 13 Dec 2027 10:41:32 +0000
asID: 17561
IP address blocks: 156.255.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65889 (0x10161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:41:32 2025 GMT
Not After : Dec 13 10:41:32 2027 GMT
Subject: CN=677e5660-11ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a7:d4:33:76:6f:e0:9a:be:76:71:dc:4f:0b:
45:e5:b2:d5:47:c0:68:44:18:71:98:f4:43:aa:e7:
4d:d2:9c:6e:3c:b7:b3:ea:79:17:11:bc:84:45:c0:
f5:98:f5:4f:4f:81:5b:20:51:58:2c:0a:e0:d1:1d:
23:f7:df:6c:97:3a:77:16:04:d1:13:ba:51:cb:2c:
68:d3:78:af:c8:8b:06:a1:92:22:52:9f:3b:57:e2:
8a:2e:e7:fc:f9:29:20:1c:e5:58:2a:1c:d8:61:80:
47:42:a2:d6:ff:12:92:b9:17:72:b5:56:74:54:6f:
e6:94:43:9b:b1:9d:cc:39:0d:b3:89:7d:02:e5:aa:
84:1c:06:cd:2d:1f:19:ef:21:86:50:d1:df:23:70:
a5:04:c1:b0:18:1e:fb:d0:cd:60:ae:fc:e5:c5:15:
68:61:5d:dc:b6:3b:ab:20:82:e7:e2:39:23:39:9b:
5a:1e:16:9b:19:8b:49:5d:64:fd:ab:d7:5c:78:54:
bc:8f:37:2e:61:c7:57:41:d1:47:71:a0:3f:f4:0c:
ab:79:0e:5d:58:e2:bf:f1:fa:43:56:56:f3:c5:58:
47:ee:d8:05:9a:88:04:e9:21:bb:97:78:2d:12:25:
99:4d:ce:f2:98:b9:ba:b9:a0:d5:c9:f1:5c:5f:dd:
52:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A9:48:C1:D6:20:D0:04:4B:A8:DC:0E:1B:B8:E0:22:39:FB:FC:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/225003B4CDAD11EFAEAD7681762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.51.0/24
Signature Algorithm: sha256WithRSAEncryption
32:13:76:4a:25:67:b8:0c:c2:ed:32:15:70:11:cc:ea:cd:d3:
6a:55:a6:40:e2:b7:9f:45:16:dc:c3:35:78:28:32:fa:81:0f:
6b:09:cc:b0:0b:07:af:15:58:61:6c:85:90:d9:c5:e7:7d:7f:
28:11:fd:32:b5:7c:4f:a0:18:59:77:53:bb:f6:d4:d9:ff:e3:
3e:a6:a6:1e:f3:91:2c:42:b3:cc:b6:3d:b3:3b:41:be:50:c4:
62:4e:4c:87:0c:dc:39:e8:f5:fb:5e:1f:1b:e9:fd:58:05:2f:
23:22:60:d0:ae:f4:11:62:4f:26:62:1c:e3:97:53:1f:61:80:
5f:bf:c8:54:3a:e2:76:dd:53:0e:10:ee:b8:aa:08:71:2d:58:
a6:85:c7:0f:b2:4a:b7:3e:60:05:d6:15:f6:bf:27:ba:ff:7a:
a2:d0:e7:cc:53:4c:f6:7c:ec:77:22:e7:37:68:31:79:83:65:
7f:d7:43:5c:b7:f4:79:e4:79:16:f1:1f:d2:65:70:bd:64:48:
d8:f9:01:d2:1c:2e:59:a0:69:a7:2b:b2:52:9b:a0:5f:67:27:
bd:8c:d5:82:e7:f2:bc:19:cc:26:a5:5a:35:6b:a7:da:6a:3a:
25:a7:fd:89:54:6f:d4:92:94:b7:87:83:53:a1:3f:bc:e3:cb:
3b:99:fe:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA0MTMyWhcNMjcxMjEzMTA0MTMyWjAYMRYw
FAYDVQQDEw02NzdlNTY2MC0xMWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl6fUM3Zv4Jq+dnHcTwtF5bLVR8BoRBhxmPRDqudN0pxuPLez6nkXEbyE
RcD1mPVPT4FbIFFYLArg0R0j999slzp3FgTRE7pRyyxo03ivyIsGoZIiUp87V+KK
Luf8+SkgHOVYKhzYYYBHQqLW/xKSuRdytVZ0VG/mlEObsZ3MOQ2ziX0C5aqEHAbN
LR8Z7yGGUNHfI3ClBMGwGB770M1grvzlxRVoYV3ctjurIILn4jkjOZtaHhabGYtJ
XWT9q9dceFS8jzcuYcdXQdFHcaA/9AyreQ5dWOK/8fpDVlbzxVhH7tgFmogE6SG7
l3gtEiWZTc7ymLm6uaDVyfFcX91SZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAep
SMHWINAES6jcDhu44CI5+/yNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjUwMDNCNENEQUQxMUVGQUVBRDc2ODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8zMA0GCSqGSIb3DQEBCwUA
A4IBAQAyE3ZKJWe4DMLtMhVwEczqzdNqVaZA4refRRbcwzV4KDL6gQ9rCcywCwev
FVhhbIWQ2cXnfX8oEf0ytXxPoBhZd1O79tTZ/+M+pqYe85EsQrPMtj2zO0G+UMRi
TkyHDNw56PX7Xh8b6f1YBS8jImDQrvQRYk8mYhzjl1MfYYBfv8hUOuJ23VMOEO64
qghxLVimhccPskq3PmAF1hX2vye6/3qi0OfMU0z2fOx3Iuc3aDF5g2V/10Nct/R5
5HkW8R/SZXC9ZEjY+QHSHC5ZoGmnK7JSm6BfZye9jNWC5/K8GcwmpVo1a6faajol
p/2JVG/UkpS3h4NToT+848s7mf6N
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:40 2025 by rpki-client