Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65243DEACD8511EF9844B686762E951A.roa
File: 65243DEACD8511EF9844B686762E951A.roa (raw, json)
Hash identifier: MQHtOxFmxADHiRDpmu8EQ07f2OpaQt+Kg10h5/sLHmA=
Subject key identifier: 86:65:AE:1C:DD:4F:A3:E0:67:22:2A:DB:38:7A:DC:37:6E:26:C9:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010025
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65243DEACD8511EF9844B686762E951A.roa
Signing time: Wed 08 Jan 2025 05:57:08 +0000
ROA not before: Wed 08 Jan 2025 05:57:05 +0000
ROA not after: Mon 13 Dec 2027 05:57:05 +0000
asID: 17561
IP address blocks: 156.252.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65573 (0x10025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:57:05 2025 GMT
Not After : Dec 13 05:57:05 2027 GMT
Subject: CN=677e13b4-9de1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:62:fb:9d:20:d8:2e:06:9a:79:05:c7:05:b1:
10:c7:f4:81:8c:fe:df:13:8f:44:af:70:d3:50:50:
6e:72:67:f7:27:d8:1e:cb:f6:ef:de:11:c0:f2:b9:
27:0b:47:82:d0:60:f6:4a:93:cb:d1:cc:5e:2f:2f:
0a:e5:25:58:bc:9f:c5:92:92:16:62:ef:3b:67:e9:
0d:96:64:5d:5c:90:bd:60:e8:93:97:bf:2f:57:b1:
20:aa:6e:1e:95:6c:52:34:19:51:80:89:60:07:6f:
77:f5:97:c0:29:7d:10:6f:ea:75:a9:68:5e:aa:66:
2c:d2:17:f7:18:6a:83:e2:d2:d7:58:78:56:8b:43:
ef:d4:c2:ef:53:44:ef:da:e3:0a:12:52:68:3c:e2:
a2:38:56:c6:2a:9e:c9:34:24:27:34:cd:83:79:4d:
11:3c:e2:9c:7f:1e:fe:d8:33:1a:c8:8b:94:da:5e:
f3:a8:77:40:30:81:e5:d0:ce:8c:ee:5c:bd:82:55:
db:9d:1b:0e:77:8d:8f:a0:03:ec:ac:00:fc:ad:ce:
aa:7b:d4:64:37:de:ce:08:38:2a:2f:ac:4c:86:2c:
79:a7:0e:1f:d1:67:c9:56:c4:90:b2:a3:98:c3:cd:
28:a9:63:38:d1:a1:91:bc:04:f0:2d:b7:b0:d5:e0:
3a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:65:AE:1C:DD:4F:A3:E0:67:22:2A:DB:38:7A:DC:37:6E:26:C9:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65243DEACD8511EF9844B686762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.30.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:77:17:3c:16:cd:de:e4:95:5c:58:0b:7b:1e:ef:5d:c2:89:
bf:77:3c:95:bb:14:a2:16:cc:2e:a2:38:57:2a:5e:79:67:3b:
d7:f6:a8:2d:b5:1c:68:7d:6a:60:94:ba:cd:58:5d:dd:e0:bc:
29:49:9d:60:5b:db:f1:e2:be:11:c2:ef:b6:a9:d6:e6:44:df:
74:35:f4:fd:39:e7:63:55:6b:fd:94:d4:d6:d9:68:e4:47:89:
0e:f8:ad:97:53:1f:99:3c:65:07:09:04:0b:4e:32:fe:b2:91:
f5:14:c3:4f:7e:0c:2f:48:97:71:11:ff:5f:d7:bc:d8:09:e7:
20:bb:1b:8e:aa:d7:b1:6d:f2:84:fa:a0:ea:f1:ed:ab:f8:8e:
50:55:4d:b0:a8:b3:41:67:84:e6:e8:e3:03:05:b1:f7:60:8b:
de:6f:14:e3:c8:19:b8:01:a2:6f:3c:4f:d6:7e:6d:5f:33:f4:
2c:b6:c9:76:bf:b8:f3:11:4a:44:d5:8e:17:c2:56:1d:4f:0c:
d1:67:60:f8:e4:a2:24:d9:8e:48:30:3d:07:72:c4:a0:d0:2e:
81:98:2f:b8:3a:2f:21:9a:22:89:92:1f:12:f8:50:48:32:06:
56:b1:d6:e6:06:ee:d7:53:36:1f:78:df:2e:d3:4b:88:74:c8:
3a:b7:1d:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU1NzA1WhcNMjcxMjEzMDU1NzA1WjAYMRYw
FAYDVQQDEw02NzdlMTNiNC05ZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA02L7nSDYLgaaeQXHBbEQx/SBjP7fE49Er3DTUFBucmf3J9gey/bv3hHA
8rknC0eC0GD2SpPL0cxeLy8K5SVYvJ/FkpIWYu87Z+kNlmRdXJC9YOiTl78vV7Eg
qm4elWxSNBlRgIlgB2939ZfAKX0Qb+p1qWheqmYs0hf3GGqD4tLXWHhWi0Pv1MLv
U0Tv2uMKElJoPOKiOFbGKp7JNCQnNM2DeU0RPOKcfx7+2DMayIuU2l7zqHdAMIHl
0M6M7ly9glXbnRsOd42PoAPsrAD8rc6qe9RkN97OCDgqL6xMhix5pw4f0WfJVsSQ
sqOYw80oqWM40aGRvATwLbew1eA6owIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIZl
rhzdT6PgZyIq2zh63DduJslDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTI0M0RFQUNEODUxMUVGOTg0NEI2ODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPweMA0GCSqGSIb3DQEBCwUA
A4IBAQAqdxc8Fs3e5JVcWAt7Hu9dwom/dzyVuxSiFswuojhXKl55ZzvX9qgttRxo
fWpglLrNWF3d4LwpSZ1gW9vx4r4Rwu+2qdbmRN90NfT9OedjVWv9lNTW2WjkR4kO
+K2XUx+ZPGUHCQQLTjL+spH1FMNPfgwvSJdxEf9f17zYCecguxuOqtexbfKE+qDq
8e2r+I5QVU2wqLNBZ4Tm6OMDBbH3YIvebxTjyBm4AaJvPE/Wfm1fM/Qstsl2v7jz
EUpE1Y4XwlYdTwzRZ2D45KIk2Y5IMD0HcsSg0C6BmC+4Oi8hmiKJkh8S+FBIMgZW
sdbmBu7XUzYfeN8u00uIdMg6tx32
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:10 2025 by rpki-client