Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F66B270CDB011EF83D5B095762E951A.roa
File: 2F66B270CDB011EF83D5B095762E951A.roa (raw, json)
Hash identifier: 37UCA3B2NdowyhxtEAWdVNbFB7z6ap9tK2lwhpwIROM=
Subject key identifier: E0:B7:C9:A5:8B:24:21:40:7C:77:F3:52:EB:CE:B5:DC:1F:E2:35:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010179
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F66B270CDB011EF83D5B095762E951A.roa
Signing time: Wed 08 Jan 2025 11:03:26 +0000
ROA not before: Wed 08 Jan 2025 11:03:23 +0000
ROA not after: Sat 13 Dec 2025 11:03:23 +0000
asID: 984
IP address blocks: 156.255.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65913 (0x10179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:03:23 2025 GMT
Not After : Dec 13 11:03:23 2025 GMT
Subject: CN=677e5b7e-e10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:f4:fe:7f:f7:1f:32:e1:f7:83:53:05:00:
00:d6:e7:73:eb:cd:9c:87:a1:37:3a:99:da:fa:52:
12:4e:c4:ea:37:00:13:d8:d8:7e:28:8e:14:0a:a9:
2e:ac:4b:36:f6:1b:3d:c0:c5:d0:52:0b:91:dd:7e:
6e:12:e9:0b:af:9f:c1:5e:8a:c3:e4:92:81:0d:b6:
b4:a8:ef:98:e3:32:2e:71:2a:f1:12:e7:1f:dc:5d:
6d:59:a5:ef:f4:8d:87:fa:97:70:9e:fd:d8:13:9c:
d2:99:ea:62:66:dc:48:c5:3d:ba:cb:33:d1:72:f5:
d4:5f:06:1b:17:ef:8f:d8:da:f6:a2:ef:fa:b6:04:
94:44:1b:3b:e0:ff:73:f0:cc:5e:bb:a1:6f:da:aa:
26:8d:ad:65:e9:79:9e:85:48:c4:cf:53:f7:55:d9:
34:62:31:4d:29:10:be:dc:3b:b3:1b:1e:3f:63:1b:
84:ce:c5:b5:a4:1d:f4:f7:b0:3e:fe:9a:47:c4:27:
93:b9:22:33:81:9f:e3:ef:7a:6f:3b:8b:dd:16:94:
4a:5c:e9:da:1f:e1:bb:75:c1:12:e8:f7:78:f5:29:
0f:9c:47:91:e2:93:8b:7d:56:78:69:48:13:bd:48:
1d:24:ba:4a:51:99:7e:ce:05:54:31:ee:07:38:95:
8e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B7:C9:A5:8B:24:21:40:7C:77:F3:52:EB:CE:B5:DC:1F:E2:35:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F66B270CDB011EF83D5B095762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.72.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:4d:3c:2b:d6:da:c0:55:f0:0f:dd:8b:1d:b2:dc:a6:70:e8:
5e:b2:a6:01:ad:97:4d:09:67:9d:39:4e:69:65:59:31:e8:8b:
32:3a:21:76:ed:5c:71:6c:7b:54:23:7a:04:e0:37:f1:39:07:
90:1c:39:ae:45:51:5e:e3:a4:c8:ee:78:b5:90:b5:f3:b7:a7:
27:26:03:21:fb:67:21:2f:2c:e4:90:ec:f3:eb:df:c3:c3:ac:
53:3a:4f:76:52:de:f9:5c:4a:3d:04:cd:9f:7e:32:1a:ee:00:
69:a1:1a:83:48:2f:c9:43:1b:46:c9:8c:3b:2c:38:22:a3:50:
f2:e3:f0:01:7e:dd:00:7e:a5:20:85:eb:4d:55:1a:b2:1c:7e:
71:ae:2e:52:9d:83:e8:04:bd:20:7d:e0:cc:1a:d5:b0:96:fd:
44:99:b6:0c:b1:eb:82:ec:ff:11:af:dc:c3:8a:37:2d:49:5f:
50:d5:19:76:61:55:7b:6d:6f:5f:15:7d:cb:da:62:88:7e:2f:
55:fc:e2:00:a5:4f:d8:f6:b5:0d:a4:de:06:a7:cb:dd:46:44:
7c:e0:d2:11:06:4c:be:46:da:ae:3b:5b:06:27:ad:74:83:0b:
cf:65:48:4c:dc:b7:70:7e:13:dd:fa:c0:40:30:fa:fd:9c:98:
43:1a:08:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQF5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTEwMzIzWhcNMjUxMjEzMTEwMzIzWjAYMRYw
FAYDVQQDEw02NzdlNWI3ZS1lMTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtW70/n/3HzLh94NTBQAA1udz682ch6E3Opna+lISTsTqNwAT2Nh+KI4U
CqkurEs29hs9wMXQUguR3X5uEukLr5/BXorD5JKBDba0qO+Y4zIucSrxEucf3F1t
WaXv9I2H+pdwnv3YE5zSmepiZtxIxT26yzPRcvXUXwYbF++P2Nr2ou/6tgSURBs7
4P9z8Mxeu6Fv2qomja1l6XmehUjEz1P3Vdk0YjFNKRC+3DuzGx4/YxuEzsW1pB30
97A+/ppHxCeTuSIzgZ/j73pvO4vdFpRKXOnaH+G7dcES6Pd49SkPnEeR4pOLfVZ4
aUgTvUgdJLpKUZl+zgVUMe4HOJWOKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOC3
yaWLJCFAfHfzUuvOtdwf4jX/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjY2QjI3MENEQjAxMUVGODNENUIwOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9IMA0GCSqGSIb3DQEBCwUA
A4IBAQC8TTwr1trAVfAP3YsdstymcOhesqYBrZdNCWedOU5pZVkx6IsyOiF27Vxx
bHtUI3oE4DfxOQeQHDmuRVFe46TI7ni1kLXzt6cnJgMh+2chLyzkkOzz69/Dw6xT
Ok92Ut75XEo9BM2ffjIa7gBpoRqDSC/JQxtGyYw7LDgio1Dy4/ABft0AfqUghetN
VRqyHH5xri5SnYPoBL0gfeDMGtWwlv1EmbYMseuC7P8Rr9zDijctSV9Q1Rl2YVV7
bW9fFX3L2mKIfi9V/OIApU/Y9rUNpN4Gp8vdRkR84NIRBky+RtquO1sGJ610gwvP
ZUhM3LdwfhPd+sBAMPr9nJhDGgj+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:14 2025 by rpki-client