Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55D1AAB2C94311EF8F7C0B64762E951A.roa
File: 55D1AAB2C94311EF8F7C0B64762E951A.roa (raw, json)
Hash identifier: L5fb3vWjVpx+aWhIhzB3EtjNIYNIznpTwSPux5v86IE=
Subject key identifier: 58:EC:8A:82:2B:68:83:9D:51:28:27:96:1E:3C:FE:79:FB:06:52:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F344
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55D1AAB2C94311EF8F7C0B64762E951A.roa
Signing time: Thu 02 Jan 2025 19:54:11 +0000
ROA not before: Thu 02 Jan 2025 19:54:08 +0000
ROA not after: Sat 13 Dec 2025 19:54:08 +0000
asID: 984
IP address blocks: 156.225.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62276 (0xf344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 19:54:08 2025 GMT
Not After : Dec 13 19:54:08 2025 GMT
Subject: CN=6776eee3-ad6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:44:7f:ea:0f:1e:ef:a7:a9:37:29:6f:73:2b:
b4:45:57:5b:4e:ee:dd:21:18:0c:3c:c1:cd:10:73:
a9:ba:3f:ce:14:8d:34:8d:43:ea:26:7b:d7:d7:3d:
4f:68:7a:91:ad:6e:9b:3f:ba:bb:23:22:42:6a:62:
7a:67:cf:d8:28:60:51:a4:5f:f8:0b:d4:b8:41:74:
2e:40:aa:cd:ab:f1:c6:e7:6c:1c:2a:32:a2:59:c9:
f0:53:16:ae:f4:df:6d:12:54:7b:3e:08:c2:b9:de:
22:78:e2:b6:ba:b3:0c:23:a5:f4:3f:5d:f0:df:7f:
60:37:27:5b:8c:f2:7d:88:cd:34:46:62:3b:6e:58:
6c:24:68:9a:7c:4f:12:7a:4d:ad:8f:02:0f:83:14:
84:36:16:d5:4f:c6:e6:0c:c0:a3:e3:05:b9:f8:62:
f0:5a:ca:0c:f9:e7:4c:5a:c8:da:ea:b5:40:b4:77:
e4:d3:3a:3a:59:d5:28:79:80:a7:27:7b:46:bf:1a:
f5:e9:c3:b0:f9:b7:c2:e2:a9:d8:0d:fe:07:37:a5:
8a:41:57:d1:34:e8:ff:b1:22:05:06:01:ca:8a:f8:
0b:73:e6:b6:b1:d9:38:ea:ea:6c:0e:3e:4d:3d:d6:
75:c9:35:b0:73:13:9c:9f:c7:04:dc:52:1d:db:5e:
7a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EC:8A:82:2B:68:83:9D:51:28:27:96:1E:3C:FE:79:FB:06:52:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55D1AAB2C94311EF8F7C0B64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.2.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c8:5b:62:7c:7a:86:57:43:33:1a:49:68:7c:79:b1:d2:da:
85:da:67:ec:25:b3:ee:e9:11:99:93:c2:53:33:ca:1a:23:bd:
74:91:6e:3c:b3:59:a4:8e:69:44:51:44:e6:ce:9c:98:43:bb:
ca:79:81:fa:3c:cd:77:bf:e6:5f:82:51:ed:11:00:25:29:3c:
c5:4d:e7:fe:21:2b:eb:69:fd:0d:64:f1:a7:79:58:3b:b5:bb:
14:a1:41:8e:6b:58:90:28:65:02:9d:3c:7d:95:03:d8:98:59:
04:fa:0e:ae:07:be:3c:ef:f0:b5:9c:c8:15:7f:2a:3b:88:db:
f5:c8:1f:38:68:d3:34:13:42:97:88:ce:e8:0f:94:6e:1e:49:
37:50:f1:a5:89:b6:13:e2:ee:59:a5:ac:b4:d3:eb:46:e2:bc:
00:60:bb:a6:52:c4:56:55:3d:09:3c:89:9e:1b:a1:be:d9:22:
b3:ca:24:84:cf:2a:42:9e:57:3f:28:f6:ff:89:1a:af:ca:ca:
7f:24:46:7d:06:a4:34:b8:0b:ce:37:b7:b5:4a:d2:bd:94:0e:
92:a1:a0:27:18:70:18:e0:ac:ff:e4:02:cb:e9:63:b8:e6:6d:
15:25:e8:17:57:02:48:38:c1:e8:54:25:d6:be:2d:80:75:7f:
8f:a5:cd:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMTk1NDA4WhcNMjUxMjEzMTk1NDA4WjAYMRYw
FAYDVQQDEw02Nzc2ZWVlMy1hZDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApkR/6g8e76epNylvcyu0RVdbTu7dIRgMPMHNEHOpuj/OFI00jUPqJnvX
1z1PaHqRrW6bP7q7IyJCamJ6Z8/YKGBRpF/4C9S4QXQuQKrNq/HG52wcKjKiWcnw
Uxau9N9tElR7PgjCud4ieOK2urMMI6X0P13w339gNydbjPJ9iM00RmI7blhsJGia
fE8Sek2tjwIPgxSENhbVT8bmDMCj4wW5+GLwWsoM+edMWsja6rVAtHfk0zo6WdUo
eYCnJ3tGvxr16cOw+bfC4qnYDf4HN6WKQVfRNOj/sSIFBgHKivgLc+a2sdk46ups
Dj5NPdZ1yTWwcxOcn8cE3FId21561QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFjs
ioIraIOdUSgnlh48/nn7BlL6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NUQxQUFCMkM5NDMxMUVGOEY3QzBCNjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOECMA0GCSqGSIb3DQEBCwUA
A4IBAQB2yFtifHqGV0MzGklofHmx0tqF2mfsJbPu6RGZk8JTM8oaI710kW48s1mk
jmlEUUTmzpyYQ7vKeYH6PM13v+ZfglHtEQAlKTzFTef+ISvraf0NZPGneVg7tbsU
oUGOa1iQKGUCnTx9lQPYmFkE+g6uB7487/C1nMgVfyo7iNv1yB84aNM0E0KXiM7o
D5RuHkk3UPGlibYT4u5Zpay00+tG4rwAYLumUsRWVT0JPImeG6G+2SKzyiSEzypC
nlc/KPb/iRqvysp/JEZ9BqQ0uAvON7e1StK9lA6SoaAnGHAY4Kz/5ALL6WO45m0V
JegXVwJIOMHoVCXWvi2AdX+Ppc2B
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:36 2025 by rpki-client