Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/651A0032C97011EF8DDFA682762E951A.roa
File: 651A0032C97011EF8DDFA682762E951A.roa (raw, json)
Hash identifier: l6SjgWvhvOslOInk/v6dSc9FdVtz1q89K24p6ifh5bc=
Subject key identifier: 7F:35:0B:31:58:67:DB:CE:D5:20:0D:1D:87:C1:D2:03:72:CA:59:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/651A0032C97011EF8DDFA682762E951A.roa
Signing time: Fri 03 Jan 2025 01:16:44 +0000
ROA not before: Fri 03 Jan 2025 01:16:40 +0000
ROA not after: Mon 13 Dec 2027 01:16:40 +0000
asID: 17561
IP address blocks: 156.227.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62639 (0xf4af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:16:40 2025 GMT
Not After : Dec 13 01:16:40 2027 GMT
Subject: CN=67773a7c-8c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:77:40:e3:a3:0d:59:5e:62:42:71:12:da:
6f:b1:92:7e:92:bf:d7:e6:dc:9a:dc:87:d9:df:4b:
e1:bc:63:b9:f9:55:0a:f3:3f:18:09:81:e5:13:9f:
a9:f6:4f:7e:10:29:5f:4e:f1:9c:10:8b:ea:52:de:
d0:e1:31:03:ef:6d:cc:91:4d:3a:3d:b6:9d:95:6d:
ec:3c:7e:84:02:7d:91:b0:c5:b8:a6:67:b4:ab:28:
7c:e6:5c:2c:8b:84:dc:21:39:67:37:eb:85:78:2e:
5d:8c:81:80:b8:4f:2d:06:d4:b8:8c:e1:e1:06:4c:
e7:d7:d9:a0:7e:54:c0:b1:b2:f1:eb:94:63:9a:88:
3b:3b:d3:ea:0f:be:4d:07:b9:04:a0:30:66:56:d6:
58:f0:d8:2e:12:56:7b:e2:b1:74:24:85:79:de:2d:
0c:f2:bf:19:83:ab:6d:2d:8a:39:b9:84:4b:f4:66:
1e:36:f7:73:3f:29:65:de:97:d7:a9:dc:3f:10:b0:
83:b1:8b:7b:20:5b:60:6b:fc:b4:a4:eb:b8:41:58:
a4:71:f5:66:c1:ab:65:0a:2b:3c:39:fe:31:5d:7f:
ba:e5:b0:60:b1:cc:8d:54:02:dc:0a:dc:2a:b2:b1:
7c:9c:01:8d:fb:25:27:37:12:13:3d:f2:cb:22:20:
65:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:35:0B:31:58:67:DB:CE:D5:20:0D:1D:87:C1:D2:03:72:CA:59:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/651A0032C97011EF8DDFA682762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.73.0/24
Signature Algorithm: sha256WithRSAEncryption
60:43:76:2f:c5:03:bb:7e:70:b7:d6:5e:87:de:7b:28:42:46:
47:53:d0:2b:b6:37:d9:d9:f4:37:75:03:4b:81:0a:6f:e8:17:
47:a8:14:cd:68:58:42:d5:6d:cd:1b:10:84:6e:49:a0:e5:f2:
75:56:b3:b7:dd:93:4b:a1:b3:ab:94:1b:b4:6b:ef:39:d6:e4:
d6:b7:b6:77:be:14:fe:98:ed:da:4d:5f:62:87:bb:67:0b:7f:
6b:10:e4:65:9b:43:84:4d:7d:c7:72:8a:c0:4e:8c:ed:de:19:
c7:2d:8b:5d:ec:d9:87:a1:0f:fe:fc:94:fe:71:cf:d5:5b:2f:
10:b2:7a:02:28:7e:9e:b1:e1:93:ab:71:79:76:67:ea:16:5a:
00:3a:7d:3d:41:6b:d8:59:bd:78:84:01:db:e9:0b:7f:2b:f1:
91:d4:4d:fd:b7:f7:f8:10:af:c9:7d:3a:43:be:c1:36:d8:a5:
11:b1:38:d8:e5:02:14:be:62:8a:e9:ab:99:6d:d2:15:a9:d5:
34:6a:98:81:7b:89:9c:91:7f:09:93:17:ac:03:a9:2e:2e:2e:
52:b4:b1:3a:34:50:d5:e4:a0:cf:e8:22:6e:e1:32:47:f1:54:
9a:40:1b:51:31:fa:02:e9:75:36:3f:57:66:04:b6:07:19:be:
aa:d6:a5:20
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDExNjQwWhcNMjcxMjEzMDExNjQwWjAYMRYw
FAYDVQQDEw02Nzc3M2E3Yy04YzVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu4p3QOOjDVleYkJxEtpvsZJ+kr/X5tya3IfZ30vhvGO5+VUK8z8YCYHl
E5+p9k9+EClfTvGcEIvqUt7Q4TED723MkU06PbadlW3sPH6EAn2RsMW4pme0qyh8
5lwsi4TcITlnN+uFeC5djIGAuE8tBtS4jOHhBkzn19mgflTAsbLx65Rjmog7O9Pq
D75NB7kEoDBmVtZY8NguElZ74rF0JIV53i0M8r8Zg6ttLYo5uYRL9GYeNvdzPyll
3pfXqdw/ELCDsYt7IFtga/y0pOu4QVikcfVmwatlCis8Of4xXX+65bBgscyNVALc
CtwqsrF8nAGN+yUnNxITPfLLIiBlKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH81
CzFYZ9vO1SANHYfB0gNyylk3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTFBMDAzMkM5NzAxMUVGOERERkE2ODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONJMA0GCSqGSIb3DQEBCwUA
A4IBAQBgQ3YvxQO7fnC31l6H3nsoQkZHU9ArtjfZ2fQ3dQNLgQpv6BdHqBTNaFhC
1W3NGxCEbkmg5fJ1VrO33ZNLobOrlBu0a+851uTWt7Z3vhT+mO3aTV9ih7tnC39r
EORlm0OETX3HcorATozt3hnHLYtd7NmHoQ/+/JT+cc/VWy8QsnoCKH6eseGTq3F5
dmfqFloAOn09QWvYWb14hAHb6Qt/K/GR1E39t/f4EK/JfTpDvsE22KURsTjY5QIU
vmKK6auZbdIVqdU0apiBe4mckX8JkxesA6kuLi5StLE6NFDV5KDP6CJu4TJH8VSa
QBtRMfoC6XU2P1dmBLYHGb6q1qUg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client