Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C66E9ACCD8111EFABE0F06C762E951A.roa
File: 2C66E9ACCD8111EFABE0F06C762E951A.roa (raw, json)
Hash identifier: L+ZYaTmE9FM1rLPSs/XwPaNnQOjzFey3h21Q/FUA/IM=
Subject key identifier: 6F:4D:6C:7A:A6:A4:FA:57:49:88:A3:F5:3F:53:0E:0D:92:60:8A:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010005
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C66E9ACCD8111EFABE0F06C762E951A.roa
Signing time: Wed 08 Jan 2025 05:26:55 +0000
ROA not before: Wed 08 Jan 2025 05:26:52 +0000
ROA not after: Sat 13 Dec 2025 05:26:52 +0000
asID: 984
IP address blocks: 156.252.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65541 (0x10005)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:26:52 2025 GMT
Not After : Dec 13 05:26:52 2025 GMT
Subject: CN=677e0c9f-82c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a7:88:61:a0:2c:8e:32:20:8a:90:b8:e8:16:
2f:6d:35:0f:4e:ac:06:8c:0c:53:c7:a6:ea:d3:33:
75:e3:f0:77:10:52:30:77:f0:f7:7d:da:96:14:77:
36:6c:a2:16:d1:72:fd:d6:c0:1a:77:42:60:ab:4f:
2d:b3:37:4d:c5:fc:48:fd:02:e9:54:80:5e:f8:40:
e5:b1:38:f3:b9:19:2f:d3:a5:7e:8b:19:c2:19:b7:
e1:19:73:1c:2f:37:8b:7b:f1:ef:5f:ec:12:ec:a7:
9f:ad:a3:62:f9:0f:08:1a:66:23:69:df:71:5b:2b:
fd:19:5e:55:3e:ad:e4:f5:2c:3d:0b:96:f8:0b:f1:
c4:65:f2:f1:41:66:6a:86:92:44:c2:0b:fe:e2:ea:
ec:8f:4a:75:8b:75:c4:ff:e4:4d:f2:b9:67:20:9d:
0b:69:05:c9:32:78:d7:74:e0:fb:25:16:7a:c4:93:
a9:6b:27:0e:c2:81:7b:24:a6:1e:1a:5a:73:69:3e:
9a:06:5f:b8:d3:99:e4:5f:df:4a:66:19:62:93:fd:
49:13:50:51:2b:41:34:3e:cf:fa:49:83:81:f2:ec:
08:e6:9b:d2:d0:d2:43:0d:53:01:89:63:e8:9f:26:
e5:71:97:2c:6d:99:0f:15:d3:d9:fa:7e:65:fb:83:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4D:6C:7A:A6:A4:FA:57:49:88:A3:F5:3F:53:0E:0D:92:60:8A:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2C66E9ACCD8111EFABE0F06C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.4.0/24
Signature Algorithm: sha256WithRSAEncryption
08:63:25:35:35:74:b9:63:d2:9f:80:bf:48:0e:e0:c9:ea:f7:
63:aa:b4:94:b5:87:67:58:69:e8:75:36:02:5d:ca:cd:09:1a:
3e:78:8c:69:fd:ab:b4:ea:72:24:72:47:16:c0:5a:2e:3e:31:
bc:c5:0b:8c:a7:63:73:5c:bc:6f:ee:19:ca:51:f9:fe:ed:d5:
67:ca:38:1c:d4:66:e1:af:b3:60:4e:12:c2:92:17:e6:80:43:
55:37:ec:d7:4b:15:25:2f:43:56:b1:59:e3:6f:cb:bc:13:50:
45:56:cd:d0:6e:0b:d1:06:bc:8c:ec:1b:51:3e:d5:33:c4:ee:
0c:23:99:49:aa:66:e9:b3:19:a3:e5:d8:0e:c0:16:e5:ab:03:
e1:05:fa:79:f3:da:4c:48:0e:3e:23:90:fd:ba:a1:9e:4a:65:
6a:5b:f6:2c:73:aa:b3:9a:6d:93:66:fc:05:d3:ef:ed:27:f4:
bc:28:32:1a:ca:d6:fa:6b:1b:49:7a:c7:93:4f:f7:24:55:e8:
f4:b9:d7:be:b1:e5:62:a6:1f:08:f9:a6:a5:4a:3d:94:78:c4:
ab:a4:7e:b4:f3:96:05:20:24:c2:ed:1d:0c:78:69:07:d9:b8:
54:aa:e8:0f:3d:35:a3:03:d0:21:52:e7:a2:77:46:64:76:43:
4e:9a:66:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUyNjUyWhcNMjUxMjEzMDUyNjUyWjAYMRYw
FAYDVQQDEw02NzdlMGM5Zi04MmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KeIYaAsjjIgipC46BYvbTUPTqwGjAxTx6bq0zN14/B3EFIwd/D3fdqW
FHc2bKIW0XL91sAad0Jgq08tszdNxfxI/QLpVIBe+EDlsTjzuRkv06V+ixnCGbfh
GXMcLzeLe/HvX+wS7KefraNi+Q8IGmYjad9xWyv9GV5VPq3k9Sw9C5b4C/HEZfLx
QWZqhpJEwgv+4ursj0p1i3XE/+RN8rlnIJ0LaQXJMnjXdOD7JRZ6xJOpaycOwoF7
JKYeGlpzaT6aBl+405nkX99KZhlik/1JE1BRK0E0Ps/6SYOB8uwI5pvS0NJDDVMB
iWPonyblcZcsbZkPFdPZ+n5l+4NfLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG9N
bHqmpPpXSYij9T9TDg2SYIogMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQzY2RTlBQ0NEODExMUVGQUJFMEYwNkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwEMA0GCSqGSIb3DQEBCwUA
A4IBAQAIYyU1NXS5Y9KfgL9IDuDJ6vdjqrSUtYdnWGnodTYCXcrNCRo+eIxp/au0
6nIkckcWwFouPjG8xQuMp2NzXLxv7hnKUfn+7dVnyjgc1Gbhr7NgThLCkhfmgENV
N+zXSxUlL0NWsVnjb8u8E1BFVs3QbgvRBryM7BtRPtUzxO4MI5lJqmbpsxmj5dgO
wBblqwPhBfp589pMSA4+I5D9uqGeSmVqW/Ysc6qzmm2TZvwF0+/tJ/S8KDIaytb6
axtJeseTT/ckVej0ude+seViph8I+aalSj2UeMSrpH6085YFICTC7R0MeGkH2bhU
qugPPTWjA9AhUueid0ZkdkNOmmYp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client