Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DB92BACE4E11EF83A0CE8C762E951A.roa
File: 64DB92BACE4E11EF83A0CE8C762E951A.roa (raw, json)
Hash identifier: b7CV4VzKlol0Z6/Qe3Vql/CqPuNVHUzp9S1vhTEssEQ=
Subject key identifier: B8:3E:35:BF:CE:72:F1:B3:28:B6:34:30:3A:FC:88:A1:CD:19:70:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102D3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DB92BACE4E11EF83A0CE8C762E951A.roa
Signing time: Thu 09 Jan 2025 05:55:57 +0000
ROA not before: Thu 09 Jan 2025 05:55:53 +0000
ROA not after: Fri 09 Jan 2026 05:55:53 +0000
asID: 17561
IP address blocks: 156.238.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66259 (0x102d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:55:53 2025 GMT
Not After : Jan 9 05:55:53 2026 GMT
Subject: CN=677f64ed-fdd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:10:44:3b:0f:0e:ed:41:1b:92:db:f9:f4:2b:
8e:47:70:17:e4:05:cc:d6:e9:ea:78:43:88:3b:0c:
f1:44:aa:1d:e6:e5:aa:e2:cd:d3:26:b0:29:fe:6d:
80:4f:42:f5:9f:a8:c8:84:0b:1c:35:b4:65:b5:78:
b8:98:94:27:a2:b0:d5:5e:c5:e9:c2:4d:62:3a:bd:
45:94:06:88:e7:ca:e5:eb:02:1e:84:51:bc:9f:08:
62:55:95:89:0d:df:cd:ba:44:49:f9:ce:ee:5e:bc:
fb:a2:4c:2e:f0:c9:65:81:61:fe:2d:e1:49:01:60:
5c:29:9b:0e:9b:9d:5f:3a:e2:6d:bf:a1:73:f9:d7:
4a:51:b4:76:c7:74:5b:d1:63:c6:9d:4a:9a:fd:95:
9c:ed:28:4d:d0:c9:9f:a9:3f:4d:e1:30:f8:ae:8f:
20:7d:e1:78:0c:19:22:b1:50:51:a0:cd:b6:8c:9e:
10:b7:36:0a:fb:f1:13:1b:c6:c1:f8:d5:1b:e5:87:
0d:22:fc:16:bd:d4:b7:79:d7:d5:14:dd:2b:a0:9e:
37:ce:f3:8f:1e:94:9b:4d:5d:90:46:2b:70:40:60:
08:fb:19:68:56:67:b3:32:85:7a:c3:77:9b:1e:00:
6b:e9:37:23:81:25:67:66:ae:e0:a7:c0:44:92:0d:
54:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3E:35:BF:CE:72:F1:B3:28:B6:34:30:3A:FC:88:A1:CD:19:70:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DB92BACE4E11EF83A0CE8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.61.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4b:93:bb:ee:5b:87:80:c3:91:dd:26:6c:00:7d:69:8c:c9:
4e:3f:1d:ff:db:9e:29:33:00:7c:e8:07:33:9c:1c:49:b2:54:
82:9b:10:b9:80:bb:2f:3e:0a:5b:56:20:47:a2:2b:f1:b5:00:
1f:69:7a:6f:a6:c4:44:2e:d6:75:11:3e:47:fb:68:e8:02:b2:
64:66:b6:62:42:89:34:c6:74:e7:0a:27:c8:4c:d3:41:6d:f3:
18:90:93:44:22:f1:76:fc:a6:27:a7:9d:47:ad:38:9f:b4:96:
49:b8:ba:8b:be:1e:5a:c2:9b:10:ae:d8:7c:cf:8a:36:21:db:
7e:b8:1b:94:c7:00:d0:00:a0:14:7d:c5:ec:6c:8f:6b:a2:24:
b0:b2:41:b4:21:42:a6:eb:cf:e7:e0:00:1e:5f:d8:96:e1:05:
1b:0f:6d:57:7d:ce:b8:1f:c3:be:c0:9a:c5:bd:ca:9c:af:ec:
6a:22:80:27:18:9d:07:52:92:43:e3:bc:79:ed:e9:a2:78:9e:
13:67:62:c6:e3:85:3e:a6:31:03:6d:7a:71:17:84:e8:15:c3:
a1:98:fb:7c:f7:79:b5:b4:33:3b:dd:37:7d:9b:ca:79:20:17:
98:27:c9:e1:6b:41:1c:bb:92:6f:fe:52:9d:a8:bc:64:9b:6d:
b2:d0:d2:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQLTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDU1NTUzWhcNMjYwMTA5MDU1NTUzWjAYMRYw
FAYDVQQDEw02NzdmNjRlZC1mZGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoRBEOw8O7UEbktv59CuOR3AX5AXM1unqeEOIOwzxRKod5uWq4s3TJrAp
/m2AT0L1n6jIhAscNbRltXi4mJQnorDVXsXpwk1iOr1FlAaI58rl6wIehFG8nwhi
VZWJDd/NukRJ+c7uXrz7okwu8MllgWH+LeFJAWBcKZsOm51fOuJtv6Fz+ddKUbR2
x3Rb0WPGnUqa/ZWc7ShN0MmfqT9N4TD4ro8gfeF4DBkisVBRoM22jJ4QtzYK+/ET
G8bB+NUb5YcNIvwWvdS3edfVFN0roJ43zvOPHpSbTV2QRitwQGAI+xloVmezMoV6
w3ebHgBr6TcjgSVnZq7gp8BEkg1UuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLg+
Nb/OcvGzKLY0MDr8iKHNGXAbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NERCOTJCQUNFNEUxMUVGODNBMENFOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO49MA0GCSqGSIb3DQEBCwUA
A4IBAQA6S5O77luHgMOR3SZsAH1pjMlOPx3/254pMwB86AcznBxJslSCmxC5gLsv
PgpbViBHoivxtQAfaXpvpsRELtZ1ET5H+2joArJkZrZiQok0xnTnCifITNNBbfMY
kJNEIvF2/KYnp51HrTiftJZJuLqLvh5awpsQrth8z4o2Idt+uBuUxwDQAKAUfcXs
bI9roiSwskG0IUKm68/n4AAeX9iW4QUbD21Xfc64H8O+wJrFvcqcr+xqIoAnGJ0H
UpJD47x57emieJ4TZ2LG44U+pjEDbXpxF4ToFcOhmPt893m1tDM73Td9m8p5IBeY
J8nha0Ecu5Jv/lKdqLxkm22y0NLY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:18 2025 by rpki-client