Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/463D3334CD1F11EFA8A0D66D762E951A.roa
File: 463D3334CD1F11EFA8A0D66D762E951A.roa (raw, json)
Hash identifier: ttwf6O/T28cnlAlktd3wf7UzC+tROR+Fb9Rdfyq4+64=
Subject key identifier: 5D:7E:4E:D2:7C:45:D0:16:A2:D2:2C:5E:12:C9:8B:7F:C2:C9:50:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD65
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/463D3334CD1F11EFA8A0D66D762E951A.roa
Signing time: Tue 07 Jan 2025 17:46:08 +0000
ROA not before: Tue 07 Jan 2025 17:46:04 +0000
ROA not after: Mon 13 Dec 2027 17:46:04 +0000
asID: 17561
IP address blocks: 156.241.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64869 (0xfd65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:46:04 2025 GMT
Not After : Dec 13 17:46:04 2027 GMT
Subject: CN=677d6860-2341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8a:86:3a:75:6a:a4:f6:28:49:ea:28:2c:e8:
02:4c:61:36:bc:23:1f:6e:09:bd:a4:18:b3:02:49:
c2:b6:89:8e:a1:a4:55:9d:dd:86:94:ae:af:5e:fb:
f1:96:bd:ea:99:37:f6:a5:c0:55:b0:55:3f:73:42:
ff:9d:ee:9f:7a:39:13:ca:fc:a8:3d:10:4f:8d:45:
7d:04:5b:c9:fa:5d:1e:7f:c1:09:f0:35:ef:7e:d2:
57:34:6f:aa:c3:bb:d9:7f:58:19:04:88:ec:00:5c:
5c:2f:b6:27:a3:88:96:77:15:60:79:7e:c4:80:e4:
ca:20:27:d7:c6:2e:f2:f5:e7:4f:f7:09:39:98:71:
ad:0d:44:21:a3:ad:54:af:70:5d:e6:b8:47:46:4d:
86:41:6a:41:d4:35:95:99:0a:eb:42:0c:22:5a:ea:
18:a7:aa:52:77:28:01:10:ce:a2:27:5a:96:75:54:
0d:87:6a:c4:f9:da:e8:c8:17:37:99:36:7a:9a:53:
10:8a:6b:d5:7c:a7:da:06:0a:f6:aa:88:40:70:05:
e4:a6:7c:ce:1b:d3:d1:64:d3:ee:1d:59:f2:ea:ce:
e5:50:99:e4:59:b1:d7:d3:16:51:63:f4:fe:ce:66:
95:04:ae:cb:bf:02:24:36:6d:4a:71:e5:fc:b8:95:
0a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7E:4E:D2:7C:45:D0:16:A2:D2:2C:5E:12:C9:8B:7F:C2:C9:50:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/463D3334CD1F11EFA8A0D66D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:0c:64:85:c9:cd:d1:bd:64:17:d1:1b:c8:f1:96:3a:82:67:
f6:d8:a6:7e:10:92:24:0f:e3:ed:b4:8a:47:ef:dc:6f:3b:15:
db:56:30:dc:ea:1f:8f:67:2f:72:c8:45:35:7f:df:0c:47:eb:
51:0a:48:7e:8f:e2:96:b0:6e:3c:82:d8:df:1d:45:e1:ae:99:
ce:b9:b7:ce:72:68:0a:1c:ac:57:6f:2e:74:74:63:d2:75:1b:
d4:2c:63:3a:57:1d:ea:67:9b:f1:8f:d2:92:c3:37:f6:84:fa:
4f:f6:c3:5a:45:1d:50:95:9f:33:11:85:b4:2e:ae:13:77:17:
02:29:b1:6c:22:03:af:17:70:d6:27:3e:76:3b:01:d4:fb:1a:
0e:f8:f0:3a:e9:d7:34:ed:fc:89:8b:5e:7c:a4:37:5a:92:88:
15:ac:2b:12:8b:78:23:07:e0:e1:d2:c5:0d:6a:01:42:8c:65:
b5:17:6b:8e:9f:ef:e2:2e:18:3e:02:e6:ed:ee:5d:51:77:57:
cd:92:96:cc:58:a4:c6:3b:d2:3d:36:82:d2:c6:3d:e3:7f:8f:
94:d9:c4:1c:4b:b9:b2:66:4b:cc:1e:41:6a:67:87:8d:93:3e:
9f:4e:c8:0e:51:41:78:fb:fc:60:00:ae:0d:ae:6d:52:6b:ce:
c8:6e:2f:77
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTc0NjA0WhcNMjcxMjEzMTc0NjA0WjAYMRYw
FAYDVQQDEw02NzdkNjg2MC0yMzQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA54qGOnVqpPYoSeooLOgCTGE2vCMfbgm9pBizAknCtomOoaRVnd2GlK6v
Xvvxlr3qmTf2pcBVsFU/c0L/ne6fejkTyvyoPRBPjUV9BFvJ+l0ef8EJ8DXvftJX
NG+qw7vZf1gZBIjsAFxcL7Yno4iWdxVgeX7EgOTKICfXxi7y9edP9wk5mHGtDUQh
o61Ur3Bd5rhHRk2GQWpB1DWVmQrrQgwiWuoYp6pSdygBEM6iJ1qWdVQNh2rE+dro
yBc3mTZ6mlMQimvVfKfaBgr2qohAcAXkpnzOG9PRZNPuHVny6s7lUJnkWbHX0xZR
Y/T+zmaVBK7LvwIkNm1KceX8uJUKuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF1+
TtJ8RdAWotIsXhLJi3/CyVCMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NjNEMzMzNENEMUYxMUVGQThBMEQ2NkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPE8MA0GCSqGSIb3DQEBCwUA
A4IBAQCnDGSFyc3RvWQX0RvI8ZY6gmf22KZ+EJIkD+PttIpH79xvOxXbVjDc6h+P
Zy9yyEU1f98MR+tRCkh+j+KWsG48gtjfHUXhrpnOubfOcmgKHKxXby50dGPSdRvU
LGM6Vx3qZ5vxj9KSwzf2hPpP9sNaRR1QlZ8zEYW0Lq4TdxcCKbFsIgOvF3DWJz52
OwHU+xoO+PA66dc07fyJi158pDdakogVrCsSi3gjB+Dh0sUNagFCjGW1F2uOn+/i
Lhg+Aubt7l1Rd1fNkpbMWKTGO9I9NoLSxj3jf4+U2cQcS7myZkvMHkFqZ4eNkz6f
TsgOUUF4+/xgAK4Nrm1Sa87Ibi93
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:06 2025 by rpki-client