Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25AE1084D2F611EF81F5AA8B762E951A.roa
File: 25AE1084D2F611EF81F5AA8B762E951A.roa (raw, json)
Hash identifier: NwFfjiDiBF0+atBuuRkl7GKQgqQcBxYBsnZSdZYpqyY=
Subject key identifier: 80:AF:3E:25:41:7D:F6:DB:B4:BC:C4:55:67:AC:08:BC:55:7A:1B:6B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107A3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25AE1084D2F611EF81F5AA8B762E951A.roa
Signing time: Wed 15 Jan 2025 04:06:51 +0000
ROA not before: Wed 15 Jan 2025 04:06:47 +0000
ROA not after: Mon 03 Jan 2028 04:06:47 +0000
asID: 17561
IP address blocks: 156.252.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67491 (0x107a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:06:47 2025 GMT
Not After : Jan 3 04:06:47 2028 GMT
Subject: CN=6787345b-92fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b1:ed:52:12:85:12:66:45:4b:a8:36:2e:23:
d5:00:53:5f:4e:69:45:80:c5:21:5c:da:78:65:99:
70:40:29:77:a7:93:f2:24:d6:1d:86:7d:19:0e:8c:
0d:48:b2:79:4b:6d:f4:86:be:45:40:59:09:14:ab:
ee:60:de:56:fe:54:99:74:46:85:3d:03:ad:ed:59:
2a:6a:64:b5:8e:ea:b4:dc:d4:8c:c9:85:12:8b:af:
d2:c0:fb:e3:97:7a:1c:16:51:4d:3f:b1:d9:fb:91:
87:71:05:be:41:ac:e2:1c:7e:f9:3d:d3:53:d1:c8:
9a:75:47:e5:7f:82:61:33:f7:e5:2a:05:3b:45:f0:
a9:a2:5e:a8:66:88:7c:5d:83:dd:17:a1:b5:da:d0:
58:8d:f1:17:74:bc:ed:7c:22:7f:11:6e:75:f9:b2:
c0:59:ba:5b:85:2f:1e:ff:e1:bf:01:10:85:45:94:
c9:63:cd:df:cd:5c:1f:40:8f:41:a9:ca:12:ed:25:
50:d6:c2:ca:c6:c0:cc:eb:8e:79:ed:c7:fc:1f:ad:
e0:dc:02:b1:8b:d3:8f:08:56:9e:17:37:ca:d3:7f:
30:5e:4d:0e:19:b9:a5:7a:73:d4:70:89:28:f1:bb:
52:17:46:93:4a:44:0b:8a:ee:71:8c:34:d0:3a:d5:
29:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AF:3E:25:41:7D:F6:DB:B4:BC:C4:55:67:AC:08:BC:55:7A:1B:6B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25AE1084D2F611EF81F5AA8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.16.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:63:e2:26:2b:f1:f0:4d:dd:23:a3:a6:44:c7:08:db:b1:46:
5e:79:a3:46:fc:70:f6:92:cf:36:58:a8:81:fd:0d:fb:1f:c1:
e8:36:31:22:8a:4f:67:ea:f9:52:55:a8:9f:2a:0e:76:ad:38:
86:f8:71:be:e6:49:15:1b:27:4b:75:a0:6b:c4:50:b8:3c:47:
01:4d:ad:89:e1:41:34:47:dc:2f:13:4c:4b:71:f5:64:a9:31:
83:65:21:9e:e7:a2:3e:bd:11:b1:56:1d:f0:85:e9:6a:72:bf:
a1:1f:37:6a:2c:eb:5b:8c:81:c7:42:01:41:e4:af:da:df:23:
53:75:02:b2:01:ee:42:ac:5f:84:fc:ec:9d:0f:f6:5c:95:a0:
4a:de:69:25:b7:b1:63:d3:c6:c2:e6:ce:08:6d:cb:6f:f8:6e:
f7:5c:cb:e1:71:b0:b4:fd:91:2f:35:f5:67:5a:bc:8e:63:87:
a1:57:40:24:ff:ff:2b:45:30:45:96:64:a8:2b:8c:fb:db:b8:
7f:b4:e9:01:08:cc:e4:9c:c1:15:20:78:8b:60:2f:87:1a:2b:
d5:1e:dd:ba:8f:44:d1:28:55:e9:05:f2:51:3c:39:b6:59:40:
8e:ac:39:be:31:1a:46:9a:88:e7:67:6e:45:32:db:3d:41:e0:
49:88:e0:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQejMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQwNjQ3WhcNMjgwMTAzMDQwNjQ3WjAYMRYw
FAYDVQQDEw02Nzg3MzQ1Yi05MmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA37HtUhKFEmZFS6g2LiPVAFNfTmlFgMUhXNp4ZZlwQCl3p5PyJNYdhn0Z
DowNSLJ5S230hr5FQFkJFKvuYN5W/lSZdEaFPQOt7VkqamS1juq03NSMyYUSi6/S
wPvjl3ocFlFNP7HZ+5GHcQW+QaziHH75PdNT0ciadUflf4JhM/flKgU7RfCpol6o
Zoh8XYPdF6G12tBYjfEXdLztfCJ/EW51+bLAWbpbhS8e/+G/ARCFRZTJY83fzVwf
QI9BqcoS7SVQ1sLKxsDM64557cf8H63g3AKxi9OPCFaeFzfK038wXk0OGbmlenPU
cIko8btSF0aTSkQLiu5xjDTQOtUp/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFICv
PiVBffbbtLzEVWesCLxVehtrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNUFFMTA4NEQyRjYxMUVGODFGNUFBOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwQMA0GCSqGSIb3DQEBCwUA
A4IBAQBdY+ImK/HwTd0jo6ZExwjbsUZeeaNG/HD2ks82WKiB/Q37H8HoNjEiik9n
6vlSVaifKg52rTiG+HG+5kkVGydLdaBrxFC4PEcBTa2J4UE0R9wvE0xLcfVkqTGD
ZSGe56I+vRGxVh3whelqcr+hHzdqLOtbjIHHQgFB5K/a3yNTdQKyAe5CrF+E/Oyd
D/ZclaBK3mklt7Fj08bC5s4Ibctv+G73XMvhcbC0/ZEvNfVnWryOY4ehV0Ak//8r
RTBFlmSoK4z727h/tOkBCMzknMEVIHiLYC+HGivVHt26j0TRKFXpBfJRPDm2WUCO
rDm+MRpGmojnZ25FMts9QeBJiOBr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:23 2025 by rpki-client