Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A0E5B42D24011EFA87D0F85762E951A.roa
File: 5A0E5B42D24011EFA87D0F85762E951A.roa (raw, json)
Hash identifier: jyWJn00n8I4XAp5uK/uZcaKOHIiC5GSAS4OF8n1vRH0=
Subject key identifier: 34:CA:4A:FA:7C:5D:C2:9C:D8:93:92:4E:99:1C:93:54:46:16:D0:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106A6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A0E5B42D24011EFA87D0F85762E951A.roa
Signing time: Tue 14 Jan 2025 06:25:30 +0000
ROA not before: Tue 14 Jan 2025 06:25:27 +0000
ROA not after: Thu 15 May 2025 06:25:27 +0000
asID: 55020
IP address blocks: 156.224.30.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67238 (0x106a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 06:25:27 2025 GMT
Not After : May 15 06:25:27 2025 GMT
Subject: CN=6786035a-0588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:56:c7:ee:e8:46:a9:70:fa:66:85:47:d5:03:
d6:56:c0:2d:be:7d:69:94:f6:bc:69:08:c5:79:90:
8f:c4:fa:c3:83:ae:8b:59:bc:43:5c:16:23:fa:ea:
4c:81:ad:77:99:bc:a3:ce:ac:7f:07:f4:da:46:12:
d4:66:4f:b0:18:44:69:06:2e:d3:d9:88:3c:f3:55:
8d:b1:56:8a:a9:84:e9:41:b9:9a:7f:a8:86:eb:fc:
f5:df:ae:cd:44:87:61:ae:0b:f0:63:8e:ec:62:a1:
70:53:de:f4:28:9e:8e:11:00:34:10:aa:9b:e5:47:
04:7c:06:d3:5b:55:8c:f4:91:6a:c7:37:57:5e:aa:
19:98:12:8b:84:54:76:d2:7b:ab:2b:05:dd:15:12:
c6:80:d0:eb:a8:9e:7d:63:b6:3b:0e:3a:8c:b2:11:
2f:c8:29:c2:96:3c:6d:0d:32:4c:08:aa:40:fc:5f:
f8:04:22:e7:12:d2:5a:c5:9d:45:aa:7c:30:12:3c:
c7:08:46:ae:9f:9b:a1:d9:dc:bc:46:62:39:e8:a4:
e0:8a:76:90:50:2b:f5:16:86:24:ed:4a:95:0e:e3:
6f:36:1a:72:48:f3:0f:85:0a:b5:2a:98:16:86:8a:
b3:c4:6e:29:f3:ae:c1:7d:30:89:43:1f:d7:b3:82:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CA:4A:FA:7C:5D:C2:9C:D8:93:92:4E:99:1C:93:54:46:16:D0:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A0E5B42D24011EFA87D0F85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.30.0/23
Signature Algorithm: sha256WithRSAEncryption
31:ab:34:60:a4:21:ae:0e:29:d3:a2:e2:82:86:21:59:0d:b6:
98:41:05:c0:7d:ec:59:bc:20:3d:d2:38:4b:1c:f3:5f:9d:7b:
95:68:99:da:a5:86:6d:e6:9c:7d:83:a7:dd:64:69:dd:b4:70:
c8:0a:3d:b8:e1:95:4d:c6:38:c7:5d:9c:82:85:71:ae:a3:43:
83:01:e0:13:fb:79:52:92:6b:48:c7:d9:09:af:ef:36:93:ec:
ab:0e:ee:a8:7b:c5:de:e4:e2:97:5f:25:22:5e:11:e1:88:ab:
6b:b3:6e:26:d5:34:18:bb:c8:c3:86:60:e5:71:3a:ab:b5:b6:
38:04:2f:98:7b:f5:8d:c2:12:52:3e:e7:9f:f8:97:93:3f:5e:
09:70:10:6d:01:ab:6a:be:06:c8:16:5f:fe:2f:ee:9b:ae:90:
67:c1:19:77:43:1f:2c:d5:62:3f:14:89:8a:11:43:89:a6:85:
b5:c4:ee:6c:dd:00:3b:1b:3b:80:92:91:bc:9c:38:f7:55:6c:
88:22:e2:50:40:b7:cc:bd:79:c8:f7:19:61:13:a4:fc:21:3c:
71:9f:48:9a:fa:6b:02:20:fb:3b:b9:78:ae:94:9c:3d:a2:ce:
f9:87:4d:6a:22:9d:1f:a4:f0:31:55:62:bb:40:22:12:4f:ff:
1a:31:d2:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQamMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDYyNTI3WhcNMjUwNTE1MDYyNTI3WjAYMRYw
FAYDVQQDEw02Nzg2MDM1YS0wNTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsVbH7uhGqXD6ZoVH1QPWVsAtvn1plPa8aQjFeZCPxPrDg66LWbxDXBYj
+upMga13mbyjzqx/B/TaRhLUZk+wGERpBi7T2Yg881WNsVaKqYTpQbmaf6iG6/z1
367NRIdhrgvwY47sYqFwU970KJ6OEQA0EKqb5UcEfAbTW1WM9JFqxzdXXqoZmBKL
hFR20nurKwXdFRLGgNDrqJ59Y7Y7DjqMshEvyCnCljxtDTJMCKpA/F/4BCLnEtJa
xZ1FqnwwEjzHCEaun5uh2dy8RmI56KTginaQUCv1FoYk7UqVDuNvNhpySPMPhQq1
KpgWhoqzxG4p867BfTCJQx/Xs4JsdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDTK
Svp8XcKc2JOSTpkck1RGFtBSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTBFNUI0MkQyNDAxMUVGQTg3RDBGODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAeMA0GCSqGSIb3DQEBCwUA
A4IBAQAxqzRgpCGuDinTouKChiFZDbaYQQXAfexZvCA90jhLHPNfnXuVaJnapYZt
5px9g6fdZGndtHDICj244ZVNxjjHXZyChXGuo0ODAeAT+3lSkmtIx9kJr+82k+yr
Du6oe8Xe5OKXXyUiXhHhiKtrs24m1TQYu8jDhmDlcTqrtbY4BC+Ye/WNwhJSPuef
+JeTP14JcBBtAatqvgbIFl/+L+6brpBnwRl3Qx8s1WI/FImKEUOJpoW1xO5s3QA7
GzuAkpG8nDj3VWyIIuJQQLfMvXnI9xlhE6T8ITxxn0ia+msCIPs7uXiulJw9os75
h01qIp0fpPAxVWK7QCIST/8aMdIR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:22 2025 by rpki-client