Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6343D0ACC94911EFB0AC1A89762E951A.roa
File: 6343D0ACC94911EFB0AC1A89762E951A.roa (raw, json)
Hash identifier: bK3yX9F5VMfa/w1KdMkITLWRfE3yWzXJtg229da+gTk=
Subject key identifier: 87:F7:42:5A:56:0C:C7:A2:89:EE:7F:99:87:8B:AA:CD:BA:E0:EC:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F37E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6343D0ACC94911EFB0AC1A89762E951A.roa
Signing time: Thu 02 Jan 2025 20:37:31 +0000
ROA not before: Thu 02 Jan 2025 20:37:27 +0000
ROA not after: Sat 13 Dec 2025 20:37:27 +0000
asID: 984
IP address blocks: 156.225.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62334 (0xf37e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:37:27 2025 GMT
Not After : Dec 13 20:37:27 2025 GMT
Subject: CN=6776f90b-5451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:89:52:ff:9d:76:b5:ff:65:b3:ef:b4:55:d2:
bf:3f:96:a8:a9:db:75:c8:7e:2a:3e:18:5a:50:0d:
76:ee:c5:6f:29:4e:f9:cc:6a:08:d8:eb:6c:a3:5c:
36:76:e1:ab:df:1b:ed:79:84:f3:b9:d9:df:7e:53:
9f:e4:5c:b8:69:94:ad:c7:3a:8b:a5:5d:2e:7d:3f:
7a:de:9d:2c:b0:20:ed:05:fe:6b:63:85:17:0e:f1:
78:8b:16:d6:ea:2d:f0:3b:aa:d6:56:c0:ed:69:d9:
d7:aa:14:d1:e5:34:a4:86:71:14:24:2c:ab:a1:9f:
af:51:79:d4:b7:ed:a6:89:8f:9e:af:dd:b7:f1:5f:
b0:90:29:ee:e3:01:13:7d:c4:47:0f:b1:74:47:59:
25:75:01:81:67:11:89:96:db:d2:cf:6f:33:0a:b8:
44:e9:e6:37:72:87:7b:15:98:59:20:1c:0b:c9:8f:
1f:9c:06:1c:bf:65:ed:79:08:72:49:92:09:b7:4e:
13:57:b6:49:50:d1:87:27:bd:e9:5e:e6:38:89:9e:
f3:86:f1:d2:75:56:13:3c:0d:67:6d:02:59:52:77:
6c:a9:19:52:8a:b6:b6:8c:0d:97:e5:cc:6e:a2:21:
7e:9c:93:03:29:1c:88:f7:52:86:8e:c2:f9:81:61:
df:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F7:42:5A:56:0C:C7:A2:89:EE:7F:99:87:8B:AA:CD:BA:E0:EC:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6343D0ACC94911EFB0AC1A89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.59.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e7:23:8e:b3:eb:8d:a9:40:25:d0:a8:87:f2:84:8b:01:b2:
2f:6a:cb:14:f8:91:ed:d5:f4:c8:0a:1d:d3:44:c8:35:74:bf:
8b:8c:00:c1:fc:3a:05:2e:de:1c:6e:20:91:3c:55:4b:d8:c9:
ba:70:ca:13:ce:48:f0:f1:b3:12:18:8e:0d:5a:c4:5f:f1:34:
ba:a5:73:6b:0f:4d:8d:c6:b6:27:e8:19:6a:fd:a1:03:f0:fe:
f3:00:6c:d1:90:ef:ff:48:aa:f8:e5:70:c9:cc:73:75:24:5a:
d6:46:52:70:8b:76:5c:26:f5:cc:fe:6c:21:bf:8e:d4:e4:91:
55:33:b6:b9:15:af:63:95:2d:a6:12:a2:30:71:d0:2e:15:c9:
d7:72:b8:ec:52:10:fc:ae:09:4b:f8:e6:4a:4e:82:07:9b:81:
7c:3d:8e:db:87:f2:1e:d3:40:4f:1b:46:6f:69:cd:24:45:85:
4b:f9:ed:a5:76:c1:2f:d6:aa:b0:d7:db:c8:1b:4e:e5:94:94:
61:da:bf:1d:79:dc:7d:62:1a:b4:0e:cf:a6:96:9b:82:2a:35:
06:24:c3:2d:a1:78:85:69:8e:5b:43:e9:d1:83:1e:d8:c5:f1:
e4:e4:5f:29:d4:46:77:17:03:82:e8:5f:fb:51:61:49:04:8b:
a0:0b:dc:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPN+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAzNzI3WhcNMjUxMjEzMjAzNzI3WjAYMRYw
FAYDVQQDEw02Nzc2ZjkwYi01NDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8IlS/512tf9ls++0VdK/P5aoqdt1yH4qPhhaUA127sVvKU75zGoI2Ots
o1w2duGr3xvteYTzudnfflOf5Fy4aZStxzqLpV0ufT963p0ssCDtBf5rY4UXDvF4
ixbW6i3wO6rWVsDtadnXqhTR5TSkhnEUJCyroZ+vUXnUt+2miY+er9238V+wkCnu
4wETfcRHD7F0R1kldQGBZxGJltvSz28zCrhE6eY3cod7FZhZIBwLyY8fnAYcv2Xt
eQhySZIJt04TV7ZJUNGHJ73pXuY4iZ7zhvHSdVYTPA1nbQJZUndsqRlSira2jA2X
5cxuoiF+nJMDKRyI91KGjsL5gWHffwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIf3
QlpWDMeiie5/mYeLqs264Oy8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzQzRDBBQ0M5NDkxMUVGQjBBQzFBODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOE7MA0GCSqGSIb3DQEBCwUA
A4IBAQBX5yOOs+uNqUAl0KiH8oSLAbIvassU+JHt1fTICh3TRMg1dL+LjADB/DoF
Lt4cbiCRPFVL2Mm6cMoTzkjw8bMSGI4NWsRf8TS6pXNrD02NxrYn6Blq/aED8P7z
AGzRkO//SKr45XDJzHN1JFrWRlJwi3ZcJvXM/mwhv47U5JFVM7a5Fa9jlS2mEqIw
cdAuFcnXcrjsUhD8rglL+OZKToIHm4F8PY7bh/Ie00BPG0Zvac0kRYVL+e2ldsEv
1qqw19vIG07llJRh2r8dedx9Yhq0Ds+mlpuCKjUGJMMtoXiFaY5bQ+nRgx7YxfHk
5F8p1EZ3FwOC6F/7UWFJBIugC9xW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:42 2025 by rpki-client