Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A1B7EAD2EB11EF88F80A43762E951A.roa
File: 61A1B7EAD2EB11EF88F80A43762E951A.roa (raw, json)
Hash identifier: f0zM/bFxQxAIbdytItM60/IPtSxliCdVnjLJuWj+atg=
Subject key identifier: C7:9E:F8:CF:81:08:FF:C9:F1:D5:9C:78:A7:EF:63:7A:C5:4F:34:6F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010759
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A1B7EAD2EB11EF88F80A43762E951A.roa
Signing time: Wed 15 Jan 2025 02:49:47 +0000
ROA not before: Wed 15 Jan 2025 02:49:43 +0000
ROA not after: Sat 03 Jan 2026 02:49:43 +0000
asID: 984
IP address blocks: 156.232.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67417 (0x10759)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 02:49:43 2025 GMT
Not After : Jan 3 02:49:43 2026 GMT
Subject: CN=6787224b-f93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:79:94:6f:1b:96:4e:00:90:b4:ae:9b:e6:f8:
7a:78:45:cd:80:cd:05:af:c5:86:2e:d7:71:32:64:
10:d3:20:a8:28:dd:3a:11:cc:30:d0:df:2e:9a:dd:
7c:9b:c0:15:d0:df:02:5f:c4:ae:fc:9b:c1:d3:6c:
24:52:b7:9a:6d:93:5f:6c:90:65:c2:95:85:cc:67:
90:de:ce:86:4a:0f:c0:81:5f:84:1b:7d:d2:bb:54:
0f:8f:19:dd:f9:fb:82:50:2e:17:be:10:8e:b6:f6:
56:1f:2e:f8:ed:67:a6:c6:45:bb:e5:a5:fd:51:46:
c4:9f:4d:47:45:80:81:21:49:4f:a4:52:68:54:19:
13:12:f8:af:97:7a:35:e9:0e:ee:8d:c1:62:e2:7a:
e7:9b:c7:11:d8:47:a8:cf:98:8d:91:c7:5f:69:e7:
2c:2c:ea:9b:b9:00:db:0a:53:8e:b6:d2:3b:38:c2:
07:2b:38:82:9e:48:be:d0:16:0b:0b:a4:78:f7:35:
20:c8:73:25:f7:f6:95:77:5a:b8:17:b7:ea:16:13:
f1:b9:15:ac:59:3a:bd:6f:29:ac:37:59:64:27:d9:
70:9c:9f:b5:4d:ab:c4:2c:e3:d5:7e:91:39:d3:ea:
30:77:b6:a0:52:08:89:25:68:43:73:4d:ac:83:47:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9E:F8:CF:81:08:FF:C9:F1:D5:9C:78:A7:EF:63:7A:C5:4F:34:6F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A1B7EAD2EB11EF88F80A43762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:3e:87:b3:5d:f4:40:ec:60:4b:2b:e8:0a:e7:ef:61:3d:49:
b2:b2:8e:ec:ca:68:01:4e:30:48:d0:89:3a:53:71:0e:a4:f0:
50:e5:c8:67:ef:a0:15:a3:46:dd:be:91:e8:71:29:3c:aa:c0:
b6:c5:de:9b:7c:20:3f:e9:b1:02:b9:b4:c4:c5:f9:13:ae:a0:
c5:db:4b:80:75:84:ab:2a:df:33:32:f4:2f:fa:b2:55:76:ed:
6e:2c:3d:61:92:50:ee:9d:6b:76:65:c1:e8:6e:9c:94:fa:d3:
33:e2:8d:ea:4e:b8:12:dc:f0:fd:71:c2:f8:b5:e6:a6:65:55:
04:7d:75:11:3d:86:50:00:70:0a:35:9a:48:22:55:dc:24:49:
62:13:4e:1f:48:0e:0f:3d:5c:45:66:01:74:19:d3:40:98:7e:
3f:be:ed:ba:c2:9f:36:f8:fd:48:e4:b1:c6:bf:8b:1b:60:46:
de:73:b2:64:2b:5e:dd:65:8f:a0:00:24:f4:3e:6c:7a:7b:a1:
67:7f:68:4d:90:b3:47:2f:4f:a3:83:23:e0:a2:a3:17:2a:8d:
00:08:6d:5b:e8:6c:cb:b9:67:fe:71:a1:57:ad:0e:3d:f7:2c:
de:2b:9e:5f:3f:5a:06:b7:9f:c1:d5:b0:68:aa:1a:60:17:d9:
5d:70:77:95
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDI0OTQzWhcNMjYwMTAzMDI0OTQzWjAYMRYw
FAYDVQQDEw02Nzg3MjI0Yi1mOTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwnmUbxuWTgCQtK6b5vh6eEXNgM0Fr8WGLtdxMmQQ0yCoKN06Ecww0N8u
mt18m8AV0N8CX8Su/JvB02wkUreabZNfbJBlwpWFzGeQ3s6GSg/AgV+EG33Su1QP
jxnd+fuCUC4XvhCOtvZWHy747WemxkW75aX9UUbEn01HRYCBIUlPpFJoVBkTEviv
l3o16Q7ujcFi4nrnm8cR2Eeoz5iNkcdfaecsLOqbuQDbClOOttI7OMIHKziCnki+
0BYLC6R49zUgyHMl9/aVd1q4F7fqFhPxuRWsWTq9bymsN1lkJ9lwnJ+1TavELOPV
fpE50+owd7agUgiJJWhDc02sg0fbgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMee
+M+BCP/J8dWceKfvY3rFTzRvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MUExQjdFQUQyRUIxMUVGODhGODBBNDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhGMA0GCSqGSIb3DQEBCwUA
A4IBAQC4PoezXfRA7GBLK+gK5+9hPUmyso7symgBTjBI0Ik6U3EOpPBQ5chn76AV
o0bdvpHocSk8qsC2xd6bfCA/6bECubTExfkTrqDF20uAdYSrKt8zMvQv+rJVdu1u
LD1hklDunWt2ZcHobpyU+tMz4o3qTrgS3PD9ccL4teamZVUEfXURPYZQAHAKNZpI
IlXcJEliE04fSA4PPVxFZgF0GdNAmH4/vu26wp82+P1I5LHGv4sbYEbec7JkK17d
ZY+gACT0Pmx6e6Fnf2hNkLNHL0+jgyPgoqMXKo0ACG1b6GzLuWf+caFXrQ499yze
K55fP1oGt5/B1bBoqhpgF9ldcHeV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:46 2025 by rpki-client