Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
File: 634BDB82CDA711EF8270F85E762E951A.roa (raw, json)
Hash identifier: 6LhE8z3PhCE9+n6GogbbsEeGAPU4teDuFN8fkMy21s0=
Subject key identifier: D6:A7:49:BF:BA:12:E0:EF:7A:FC:89:FE:70:35:7A:A8:B2:77:54:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010133
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
Signing time: Wed 08 Jan 2025 10:00:28 +0000
ROA not before: Wed 08 Jan 2025 10:00:24 +0000
ROA not after: Mon 13 Dec 2027 10:00:24 +0000
asID: 17561
IP address blocks: 156.255.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65843 (0x10133)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:00:24 2025 GMT
Not After : Dec 13 10:00:24 2027 GMT
Subject: CN=677e4cbc-2651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cc:2a:11:1d:0e:b1:75:52:f4:83:9a:a5:1d:
04:8b:87:41:54:70:5e:ed:90:7c:45:64:ec:3b:85:
23:3c:ae:3a:c5:d3:81:37:36:fe:b9:fd:f3:fc:6f:
6f:d4:54:f0:25:8a:b6:8a:79:b3:b8:a2:c5:59:a9:
01:6c:ee:41:d6:6e:dc:89:4b:c8:ed:48:0c:22:db:
59:46:c8:af:fb:33:2a:b1:f3:ef:7a:b4:84:e6:19:
0b:4a:e4:45:5a:a1:2c:bd:8b:93:76:4c:df:c6:e2:
fb:36:7d:3f:c1:3d:3c:01:3a:81:c4:88:6c:bb:5f:
5d:76:9b:4d:e4:21:1b:2b:e5:93:b7:5a:d4:0c:38:
be:85:18:8c:3e:59:18:a0:41:fd:4e:c3:27:99:15:
f7:4e:80:eb:f2:f4:be:e0:5b:ac:a0:4b:ab:2c:7e:
35:27:fc:1a:6b:1b:78:f1:ec:69:72:31:13:f0:25:
28:0f:f7:d1:53:43:40:60:68:77:83:7d:b6:e4:6d:
03:58:86:72:46:21:9e:71:2d:a4:47:1d:1e:db:df:
9a:8e:83:46:a2:5f:73:65:41:27:b2:bc:0a:af:88:
4f:ac:4f:d3:71:17:ed:08:05:3f:88:6f:14:09:84:
ad:ce:71:8b:52:56:8a:85:89:4b:83:dd:a2:70:f4:
05:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A7:49:BF:BA:12:E0:EF:7A:FC:89:FE:70:35:7A:A8:B2:77:54:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634BDB82CDA711EF8270F85E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.12.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c2:04:2e:df:ac:51:f4:85:2c:d6:b0:9e:52:24:27:ae:c9:
7e:73:a1:15:76:03:39:c2:e9:59:ac:96:f3:98:f1:dc:9a:0f:
84:cf:fa:52:ff:b8:d5:4d:d6:bd:b2:43:07:26:6f:39:0c:ae:
4f:d1:b7:89:7d:70:26:12:aa:56:bf:0f:f9:48:29:2d:ed:f0:
52:35:c2:22:87:c0:d2:11:b0:3c:56:e1:ea:fd:f2:4c:ac:9c:
99:af:53:4d:37:bc:e4:97:15:d8:2f:59:ce:71:8a:7b:3a:61:
d7:24:0e:23:e0:70:8c:5f:16:9f:ef:02:5b:4b:9a:c5:e7:82:
f7:a1:f0:8b:7b:1e:29:a8:f2:4e:dd:b3:b8:4c:17:e0:d4:11:
4d:fb:ff:57:d9:da:e7:6e:52:4f:68:d0:8c:88:4a:43:14:64:
c7:d7:8e:24:81:0e:43:c3:52:8d:6f:70:45:90:be:a2:cd:07:
c3:ff:fc:eb:bd:c6:09:37:48:19:6b:b9:f5:e9:57:16:25:a1:
a0:c6:bc:1b:0f:ee:e9:2d:75:ab:7c:51:d0:3b:ca:fa:ec:55:
20:a2:65:cd:7b:f6:9a:fc:03:3a:87:89:31:9a:bd:58:05:9c:
27:fa:fc:e9:bc:c1:cb:e0:5f:41:2f:94:23:9c:da:16:7d:d2:
2a:dd:68:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQEzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAwMDI0WhcNMjcxMjEzMTAwMDI0WjAYMRYw
FAYDVQQDEw02NzdlNGNiYy0yNjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtswqER0OsXVS9IOapR0Ei4dBVHBe7ZB8RWTsO4UjPK46xdOBNzb+uf3z
/G9v1FTwJYq2inmzuKLFWakBbO5B1m7ciUvI7UgMIttZRsiv+zMqsfPverSE5hkL
SuRFWqEsvYuTdkzfxuL7Nn0/wT08ATqBxIhsu19ddptN5CEbK+WTt1rUDDi+hRiM
PlkYoEH9TsMnmRX3ToDr8vS+4FusoEurLH41J/waaxt48expcjET8CUoD/fRU0NA
YGh3g3225G0DWIZyRiGecS2kRx0e29+ajoNGol9zZUEnsrwKr4hPrE/TcRftCAU/
iG8UCYStznGLUlaKhYlLg92icPQF/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNan
Sb+6EuDvevyJ/nA1eqiyd1TgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzRCREI4MkNEQTcxMUVGODI3MEY4NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8MMA0GCSqGSIb3DQEBCwUA
A4IBAQBawgQu36xR9IUs1rCeUiQnrsl+c6EVdgM5wulZrJbzmPHcmg+Ez/pS/7jV
Tda9skMHJm85DK5P0beJfXAmEqpWvw/5SCkt7fBSNcIih8DSEbA8VuHq/fJMrJyZ
r1NNN7zklxXYL1nOcYp7OmHXJA4j4HCMXxaf7wJbS5rF54L3ofCLex4pqPJO3bO4
TBfg1BFN+/9X2drnblJPaNCMiEpDFGTH144kgQ5Dw1KNb3BFkL6izQfD//zrvcYJ
N0gZa7n16VcWJaGgxrwbD+7pLXWrfFHQO8r67FUgomXNe/aa/AM6h4kxmr1YBZwn
+vzpvMHL4F9BL5QjnNoWfdIq3Wja
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:19 2025 by rpki-client