Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
File: 5A657A0AC96F11EF8143E97A762E951A.roa (raw, json)
Hash identifier: 2j3UxHvJRnGcJ+usRrG/612mxuVfL8Wt11vRw+B9nKE=
Subject key identifier: 14:2F:D9:7A:C3:75:54:AF:08:ED:D1:EA:DB:50:C3:3F:1F:81:61:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
Signing time: Fri 03 Jan 2025 01:09:17 +0000
ROA not before: Fri 03 Jan 2025 01:09:13 +0000
ROA not after: Mon 13 Dec 2027 01:09:13 +0000
asID: 17561
IP address blocks: 156.227.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62629 (0xf4a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:09:13 2025 GMT
Not After : Dec 13 01:09:13 2027 GMT
Subject: CN=677738bd-5e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:03:f4:20:aa:db:05:98:10:25:5d:ab:1c:85:
7a:9e:0e:c2:fb:15:ea:6b:f0:e3:86:09:08:4f:52:
c5:b7:b8:41:27:af:e4:3b:b2:67:cd:79:db:aa:ae:
fe:79:c3:82:10:3b:63:08:21:ff:67:eb:57:c7:13:
70:2b:0a:47:80:36:5f:72:c3:6f:4f:89:3d:d0:39:
3c:14:7b:6b:59:71:31:bf:45:a1:eb:97:10:69:2f:
6a:cd:b9:6c:39:e7:eb:1c:6a:cc:ea:21:30:c4:04:
d3:3d:13:f0:ee:52:80:ef:83:9c:15:4c:97:4d:79:
04:34:0b:57:52:96:33:2a:a1:26:21:2d:1f:3f:98:
c3:59:75:67:02:0e:97:fe:3f:7e:e5:4d:03:aa:eb:
77:ea:53:6c:1b:5a:9f:ff:18:7c:ec:5e:a2:7b:29:
c1:73:fd:57:d1:3a:d3:ed:13:45:43:71:5c:01:43:
89:8a:3c:90:d9:d9:2c:b2:3b:f7:68:40:7b:8b:ab:
b7:44:ad:04:ec:8e:71:bc:34:2e:44:1d:2b:d7:62:
14:aa:d4:65:a9:af:3b:3c:ec:95:66:a3:49:bd:97:
11:bf:70:95:66:61:9c:1f:b8:35:e8:5e:55:b5:d6:
3c:94:30:9f:43:25:2c:2b:97:ad:9a:1f:5c:17:2a:
92:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2F:D9:7A:C3:75:54:AF:08:ED:D1:EA:DB:50:C3:3F:1F:81:61:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A657A0AC96F11EF8143E97A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.68.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7b:1f:dc:b5:48:b4:b2:58:90:bd:d3:8f:6e:07:0b:40:0d:
ad:83:e9:ca:3c:7f:0f:b6:bd:14:28:e9:44:2d:ca:e6:d5:ab:
60:ec:95:b5:66:1f:b9:d0:9b:52:f7:b2:e4:0c:df:de:17:91:
1f:5c:41:6e:88:f2:6f:fe:b8:77:f1:80:e9:b4:48:17:1a:c8:
d8:9a:23:54:3c:9f:db:e0:f9:0f:e7:28:cf:c7:eb:3c:d1:de:
b7:f9:b9:1e:c0:6b:02:47:78:a5:00:39:a8:ec:d6:08:d1:91:
5a:82:f3:ce:48:eb:b3:41:4f:fc:20:e8:44:49:45:ab:7b:28:
89:ba:f4:bc:10:5a:6b:29:78:e6:d3:e7:ba:f4:a2:ed:79:69:
bd:e5:e5:38:b0:d9:94:af:0f:67:97:94:f1:96:16:51:8e:7a:
a7:69:6f:3b:0d:f9:68:6e:40:b5:4e:6a:d0:11:a4:9e:04:4c:
85:90:c9:d1:c0:76:f5:2c:93:2b:c1:af:2f:74:c1:4d:81:30:
e9:68:3e:96:fa:48:5b:d7:e9:74:96:ef:36:3b:77:89:d3:7e:
e4:06:f3:e4:0d:1b:50:b2:4a:79:0e:72:ab:94:2f:ff:5b:7b:
d4:03:2f:06:51:3e:7b:ca:77:80:06:2c:15:d4:ff:9f:c7:4f:
d8:43:bc:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEwOTEzWhcNMjcxMjEzMDEwOTEzWjAYMRYw
FAYDVQQDEw02Nzc3MzhiZC01ZTBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAngP0IKrbBZgQJV2rHIV6ng7C+xXqa/DjhgkIT1LFt7hBJ6/kO7JnzXnb
qq7+ecOCEDtjCCH/Z+tXxxNwKwpHgDZfcsNvT4k90Dk8FHtrWXExv0Wh65cQaS9q
zblsOefrHGrM6iEwxATTPRPw7lKA74OcFUyXTXkENAtXUpYzKqEmIS0fP5jDWXVn
Ag6X/j9+5U0Dqut36lNsG1qf/xh87F6ieynBc/1X0TrT7RNFQ3FcAUOJijyQ2dks
sjv3aEB7i6u3RK0E7I5xvDQuRB0r12IUqtRlqa87POyVZqNJvZcRv3CVZmGcH7g1
6F5VtdY8lDCfQyUsK5etmh9cFyqSIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBQv
2XrDdVSvCO3R6ttQwz8fgWG+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTY1N0EwQUM5NkYxMUVGODE0M0U5N0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONEMA0GCSqGSIb3DQEBCwUA
A4IBAQAdex/ctUi0sliQvdOPbgcLQA2tg+nKPH8Ptr0UKOlELcrm1atg7JW1Zh+5
0JtS97LkDN/eF5EfXEFuiPJv/rh38YDptEgXGsjYmiNUPJ/b4PkP5yjPx+s80d63
+bkewGsCR3ilADmo7NYI0ZFagvPOSOuzQU/8IOhESUWreyiJuvS8EFprKXjm0+e6
9KLteWm95eU4sNmUrw9nl5TxlhZRjnqnaW87DflobkC1TmrQEaSeBEyFkMnRwHb1
LJMrwa8vdMFNgTDpaD6W+khb1+l0lu82O3eJ037kBvPkDRtQskp5DnKrlC//W3vU
Ay8GUT57yneABiwV1P+fx0/YQ7yC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:19 2025 by rpki-client