Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/607C6AECCD2B11EF8E1302BA762E951A.roa
File: 607C6AECCD2B11EF8E1302BA762E951A.roa (raw, json)
Hash identifier: X+Rn+EKFcvQVUT+MaS2C0XMcWeivHrKGiLeHEzJ+UqA=
Subject key identifier: 30:81:61:99:CE:1E:0F:19:33:F3:42:B5:14:4A:FE:4D:38:25:92:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDC5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/607C6AECCD2B11EF8E1302BA762E951A.roa
Signing time: Tue 07 Jan 2025 19:12:46 +0000
ROA not before: Tue 07 Jan 2025 19:12:42 +0000
ROA not after: Sat 13 Dec 2025 19:12:42 +0000
asID: 984
IP address blocks: 156.241.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64965 (0xfdc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:12:42 2025 GMT
Not After : Dec 13 19:12:42 2025 GMT
Subject: CN=677d7cae-2f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3c:eb:07:46:f5:c2:5a:69:39:96:06:a1:d5:
be:58:d3:b6:00:7f:d4:99:7e:ab:4d:62:bb:d4:6b:
7e:f1:a1:10:f6:70:13:d5:48:62:1d:65:56:0f:ec:
ed:4e:16:3f:b2:07:6a:cc:af:59:98:3e:1b:82:f8:
63:45:98:4e:23:34:3c:db:73:6a:b8:32:2f:fc:f2:
1c:cf:0b:3e:0a:18:68:98:5e:ab:b9:92:c0:29:31:
29:33:b6:7b:9c:1e:82:8d:14:d2:d7:6c:79:4c:b4:
7f:33:13:6f:db:1b:70:0d:04:84:ac:e1:3b:43:2a:
95:42:4d:d6:b9:05:c3:11:42:24:fa:6f:ac:87:39:
15:12:7b:12:cf:36:7a:7c:a1:7d:83:0d:42:a3:2d:
db:98:32:18:7a:fc:d4:6e:8a:67:8e:f6:ac:c6:b9:
44:6c:1d:a7:9a:5f:b6:e8:c7:bc:c3:7d:d0:86:f9:
4d:8b:ad:50:67:b4:31:b7:25:f8:91:95:7a:0a:78:
3e:a5:2d:39:2f:89:9c:c7:97:fc:28:23:b1:97:4c:
04:f9:40:52:10:d2:2f:c3:a6:3b:52:91:a9:b5:b0:
2e:84:df:c2:ea:10:da:89:9f:98:2c:96:70:17:db:
b5:92:d2:92:c9:21:58:a4:ec:dc:4c:3a:33:e9:30:
cc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:81:61:99:CE:1E:0F:19:33:F3:42:B5:14:4A:FE:4D:38:25:92:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/607C6AECCD2B11EF8E1302BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.239.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:01:02:1e:1e:19:1e:07:e3:0e:89:bd:a5:e2:dc:bb:bb:09:
bb:91:a7:4e:f5:26:ab:0f:73:48:9c:8b:cc:02:8b:99:d2:ab:
85:18:84:c9:cd:77:d7:35:c7:c0:37:e2:0c:dc:d6:1e:fe:dc:
8c:11:96:3e:7c:54:1c:5f:61:a4:31:70:43:6a:13:13:f1:07:
33:9e:5c:8c:bf:e6:b3:6c:b6:af:f0:2f:fd:38:3a:8e:cb:f5:
2a:54:db:85:68:0c:f7:95:f4:bd:e3:37:ab:74:2c:0e:b8:19:
c7:e6:2c:95:e0:7e:4c:1c:6c:8c:f7:b2:0f:d0:d7:5c:aa:a7:
3f:7f:6e:6f:65:4d:eb:3d:9f:08:cd:32:70:33:f5:b6:79:51:
71:85:6c:b9:c4:80:1d:db:a6:6d:25:1e:fe:c4:90:91:01:ba:
42:ac:38:59:e5:c5:df:5d:1d:1e:66:6f:02:cc:e9:fc:18:65:
d4:a1:9d:50:e5:32:91:7f:09:aa:57:45:4a:10:2c:3b:74:99:
7d:42:fb:04:62:7a:dc:7b:c6:ef:c0:af:3c:fc:3c:ab:a4:34:
25:34:71:40:47:31:95:0a:44:03:58:37:c6:ea:f6:f0:e8:46:
a5:be:88:5d:05:7d:2e:3b:dd:9e:e2:7d:ed:a3:8b:d3:80:37:
19:99:fa:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkxMjQyWhcNMjUxMjEzMTkxMjQyWjAYMRYw
FAYDVQQDEw02NzdkN2NhZS0yZjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxzzrB0b1wlppOZYGodW+WNO2AH/UmX6rTWK71Gt+8aEQ9nAT1UhiHWVW
D+ztThY/sgdqzK9ZmD4bgvhjRZhOIzQ823NquDIv/PIczws+ChhomF6ruZLAKTEp
M7Z7nB6CjRTS12x5TLR/MxNv2xtwDQSErOE7QyqVQk3WuQXDEUIk+m+shzkVEnsS
zzZ6fKF9gw1Coy3bmDIYevzUbopnjvasxrlEbB2nml+26Me8w33QhvlNi61QZ7Qx
tyX4kZV6Cng+pS05L4mcx5f8KCOxl0wE+UBSENIvw6Y7UpGptbAuhN/C6hDaiZ+Y
LJZwF9u1ktKSySFYpOzcTDoz6TDMCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDCB
YZnOHg8ZM/NCtRRK/k04JZIHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MDdDNkFFQ0NEMkIxMUVGOEUxMzAyQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHvMA0GCSqGSIb3DQEBCwUA
A4IBAQBsAQIeHhkeB+MOib2l4ty7uwm7kadO9SarD3NInIvMAouZ0quFGITJzXfX
NcfAN+IM3NYe/tyMEZY+fFQcX2GkMXBDahMT8QcznlyMv+azbLav8C/9ODqOy/Uq
VNuFaAz3lfS94zerdCwOuBnH5iyV4H5MHGyM97IP0Ndcqqc/f25vZU3rPZ8IzTJw
M/W2eVFxhWy5xIAd26ZtJR7+xJCRAbpCrDhZ5cXfXR0eZm8CzOn8GGXUoZ1Q5TKR
fwmqV0VKECw7dJl9QvsEYnrce8bvwK88/DyrpDQlNHFARzGVCkQDWDfG6vbw6Eal
vohdBX0uO92e4n3to4vTgDcZmfpy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:12 2025 by rpki-client