Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A15A06AD17A11EF9295E39A762E951A.roa
File: 2A15A06AD17A11EF9295E39A762E951A.roa (raw, json)
Hash identifier: ohs94yr9JNAutpSY3Pkv6F8vXk9NiqM0m+34VKaQyJY=
Subject key identifier: BB:FF:70:5C:0B:67:6B:BF:D3:BD:43:98:62:1A:82:30:11:75:4F:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01066C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A15A06AD17A11EF9295E39A762E951A.roa
Signing time: Mon 13 Jan 2025 06:46:49 +0000
ROA not before: Mon 13 Jan 2025 06:46:45 +0000
ROA not after: Tue 18 Feb 2025 06:46:45 +0000
asID: 42689
IP address blocks: 156.251.80.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67180 (0x1066c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 06:46:45 2025 GMT
Not After : Feb 18 06:46:45 2025 GMT
Subject: CN=6784b6d9-a6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ae:cf:60:e1:f4:ba:07:fc:77:c1:05:15:9c:
e0:23:8a:e1:e5:c3:0e:f5:50:4d:d8:22:76:b0:44:
42:b1:2e:5a:24:7a:05:49:26:50:92:86:ce:fa:27:
f8:8f:24:cc:f2:76:8b:b1:10:4a:d3:df:d8:51:84:
d4:76:fa:a2:a2:dd:a4:42:26:99:0b:a3:f8:af:33:
a1:0d:55:86:bf:3d:59:8e:ab:8a:aa:96:5f:aa:50:
17:5b:49:49:81:fb:ea:94:05:ca:78:06:1b:f1:9e:
4f:5a:ac:fd:9f:2d:2c:4e:e7:6f:27:08:1f:4d:56:
20:93:d0:67:62:9f:8d:4d:8e:a6:6c:1d:dc:e8:39:
93:18:cd:97:0f:08:81:6c:61:ec:ab:61:de:f7:a7:
b5:25:c7:ee:55:0f:5b:20:ec:46:47:f6:8e:6a:0d:
b0:d4:a3:92:31:b0:22:32:ba:75:aa:3b:cc:75:5f:
77:09:5c:38:ca:4a:f3:95:49:79:24:79:32:e0:5b:
4d:33:d7:b7:62:4b:f7:58:55:2d:81:9c:15:15:be:
dc:9a:a0:b0:95:b5:06:84:4a:53:38:25:ac:e1:73:
47:35:11:ca:43:2a:7d:88:20:aa:c5:56:6f:a3:2f:
cc:5e:a9:f0:ff:55:d6:37:3a:6a:82:a5:ae:1a:12:
2d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FF:70:5C:0B:67:6B:BF:D3:BD:43:98:62:1A:82:30:11:75:4F:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2A15A06AD17A11EF9295E39A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.80.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:d4:c2:a2:fa:84:f9:88:44:dd:e7:ec:2a:d8:3b:6d:af:93:
55:45:ab:af:58:97:9a:a3:85:6a:98:58:f1:a6:85:77:04:4a:
5d:6d:d7:f5:31:36:ba:a7:73:7d:96:30:79:38:4c:5b:35:78:
59:e2:a1:02:b2:fa:7c:3e:53:1e:4a:5f:96:c7:df:20:c3:b6:
3e:f6:a2:b3:92:c7:c9:6c:e7:bf:ad:91:69:2a:6f:f3:ca:c7:
19:56:0d:cc:d3:bf:17:5b:ed:d0:04:ad:d1:1c:ba:28:aa:db:
23:91:0f:41:a0:a7:f4:93:0b:c6:85:eb:21:3c:3e:9b:a1:9b:
2c:b3:78:a3:e1:0e:c8:06:ce:c7:05:46:07:39:dc:c4:ba:61:
9a:3a:e5:43:32:4c:c2:66:0a:fa:00:1d:ef:2f:18:6f:a7:e6:
2f:3b:fe:05:dc:39:7c:12:47:21:00:d0:37:4e:07:09:d3:6c:
34:cd:a1:f8:41:4b:64:3e:24:32:07:aa:78:20:1f:47:e6:31:
79:91:f8:4d:aa:26:6d:20:a7:00:a1:1a:51:82:c8:e4:49:b8:
89:1c:1a:69:49:cf:5b:f1:f0:ec:81:24:df:4f:3e:73:13:98:
fb:bb:10:25:6f:a3:70:7a:c5:09:ae:80:26:05:de:3f:7c:bb:
66:dc:51:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQZsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDY0NjQ1WhcNMjUwMjE4MDY0NjQ1WjAYMRYw
FAYDVQQDEw02Nzg0YjZkOS1hNmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnK7PYOH0ugf8d8EFFZzgI4rh5cMO9VBN2CJ2sERCsS5aJHoFSSZQkobO
+if4jyTM8naLsRBK09/YUYTUdvqiot2kQiaZC6P4rzOhDVWGvz1ZjquKqpZfqlAX
W0lJgfvqlAXKeAYb8Z5PWqz9ny0sTudvJwgfTVYgk9BnYp+NTY6mbB3c6DmTGM2X
DwiBbGHsq2He96e1JcfuVQ9bIOxGR/aOag2w1KOSMbAiMrp1qjvMdV93CVw4ykrz
lUl5JHky4FtNM9e3Ykv3WFUtgZwVFb7cmqCwlbUGhEpTOCWs4XNHNRHKQyp9iCCq
xVZvoy/MXqnw/1XWNzpqgqWuGhItmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLv/
cFwLZ2u/071DmGIagjARdU9mMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQTE1QTA2QUQxN0ExMUVGOTI5NUUzOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPtQMA0GCSqGSIb3DQEBCwUA
A4IBAQCa1MKi+oT5iETd5+wq2Dttr5NVRauvWJeao4VqmFjxpoV3BEpdbdf1MTa6
p3N9ljB5OExbNXhZ4qECsvp8PlMeSl+Wx98gw7Y+9qKzksfJbOe/rZFpKm/zyscZ
Vg3M078XW+3QBK3RHLooqtsjkQ9BoKf0kwvGheshPD6boZsss3ij4Q7IBs7HBUYH
OdzEumGaOuVDMkzCZgr6AB3vLxhvp+YvO/4F3Dl8EkchANA3TgcJ02w0zaH4QUtk
PiQyB6p4IB9H5jF5kfhNqiZtIKcAoRpRgsjkSbiJHBppSc9b8fDsgSTfTz5zE5j7
uxAlb6NwesUJroAmBd4/fLtm3FHI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:21 2025 by rpki-client