Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65EFC262CC1311EFB6B35C49762E951A.roa
File: 65EFC262CC1311EFB6B35C49762E951A.roa (raw, json)
Hash identifier: T5CZ4F2g/cY8hSyjahYCRNNUpz4F0fm8QrpNgtovWPo=
Subject key identifier: EF:66:2B:B3:65:DC:FB:CF:A5:01:48:59:61:6A:3F:19:BA:90:2C:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F879
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65EFC262CC1311EFB6B35C49762E951A.roa
Signing time: Mon 06 Jan 2025 09:48:36 +0000
ROA not before: Mon 06 Jan 2025 09:48:32 +0000
ROA not after: Thu 06 Feb 2025 09:48:32 +0000
asID: 200373
IP address blocks: 156.228.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63609 (0xf879)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 09:48:32 2025 GMT
Not After : Feb 6 09:48:32 2025 GMT
Subject: CN=677ba6f4-e45f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1f:e9:cf:26:80:98:f9:15:2d:31:55:75:45:
c3:e2:c8:76:0d:c8:67:7a:bd:50:0b:f1:ee:c8:70:
a4:d8:80:ab:c9:58:5e:93:45:f9:3d:ae:ac:c0:3b:
79:61:d7:77:11:59:4a:02:49:ca:e6:17:77:04:b5:
26:5f:60:55:9f:0c:12:c5:99:65:fe:fd:66:db:a9:
0f:47:43:07:d8:e1:45:65:ff:4b:e7:dd:6e:7d:ed:
3d:55:06:e6:a0:96:4e:b7:55:e4:d0:3e:24:6a:6c:
0c:10:0d:4f:88:10:a8:08:ac:b1:5f:8c:90:6f:02:
72:b3:e6:90:85:30:1a:4f:22:3f:78:19:e8:61:3a:
82:d9:02:71:d6:11:3a:80:21:80:6c:3b:48:05:04:
9d:18:11:a5:e1:9a:47:2d:65:e0:51:a6:bb:3e:82:
37:8e:dc:b9:4a:00:3e:13:1b:93:4e:1d:1c:7f:40:
23:b6:bb:aa:14:68:35:af:9f:fd:9d:91:55:c1:92:
e6:9d:65:2e:b0:a7:5b:e8:8a:54:25:69:67:c3:e6:
ba:43:76:a5:23:19:40:7a:bb:5b:c0:d8:20:74:52:
93:b5:05:72:60:d9:95:8f:83:81:7c:59:9d:5c:aa:
18:07:e3:b5:9f:48:32:11:5e:a2:8b:fc:68:d7:79:
86:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:66:2B:B3:65:DC:FB:CF:A5:01:48:59:61:6A:3F:19:BA:90:2C:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65EFC262CC1311EFB6B35C49762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.174.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:31:95:46:15:fa:53:7a:08:75:79:f8:d0:40:2e:21:10:55:
57:b3:ef:1b:01:2a:c3:ed:4c:68:bd:8a:5c:21:f6:78:43:04:
56:d8:21:74:77:c7:d6:da:c6:9a:b4:bf:fe:f2:70:b0:44:92:
a2:52:f5:c4:86:03:92:16:41:32:dc:21:ad:9c:f8:42:50:1c:
31:80:58:c6:ce:57:02:fd:bd:fa:ec:7b:ae:01:7f:ac:83:78:
aa:d0:7b:72:7e:c7:70:80:d5:b5:f3:10:c5:8b:9c:73:13:19:
bb:55:8f:5b:1d:f1:c8:e5:79:e5:75:31:1d:7a:b5:d7:66:8e:
6a:36:a4:ca:4d:70:21:2b:72:65:50:56:04:86:35:cb:18:97:
a0:96:81:47:4f:a7:4b:fd:c6:9d:0d:2b:57:12:5a:ac:92:e7:
15:92:87:c6:1e:85:35:35:40:63:1e:9a:d5:e0:28:e4:5c:20:
2c:62:55:86:e3:35:5e:bb:4e:92:3c:43:98:a3:11:2f:9a:49:
2c:f4:fb:a9:79:de:ff:2b:57:34:2e:3c:86:c0:a5:d3:a4:cf:
d0:85:00:52:25:e4:14:28:6a:83:a8:97:6f:58:ef:67:3c:ac:
75:1b:3e:ad:65:fb:09:c4:77:ca:43:15:55:3a:d2:fa:c8:81:
10:63:1c:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPh5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDk0ODMyWhcNMjUwMjA2MDk0ODMyWjAYMRYw
FAYDVQQDEw02NzdiYTZmNC1lNDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxB/pzyaAmPkVLTFVdUXD4sh2Dchner1QC/HuyHCk2ICryVhek0X5Pa6s
wDt5Ydd3EVlKAknK5hd3BLUmX2BVnwwSxZll/v1m26kPR0MH2OFFZf9L591ufe09
VQbmoJZOt1Xk0D4kamwMEA1PiBCoCKyxX4yQbwJys+aQhTAaTyI/eBnoYTqC2QJx
1hE6gCGAbDtIBQSdGBGl4ZpHLWXgUaa7PoI3jty5SgA+ExuTTh0cf0AjtruqFGg1
r5/9nZFVwZLmnWUusKdb6IpUJWlnw+a6Q3alIxlAertbwNggdFKTtQVyYNmVj4OB
fFmdXKoYB+O1n0gyEV6ii/xo13mGswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO9m
K7Nl3PvPpQFIWWFqPxm6kCxVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUVGQzI2MkNDMTMxMUVGQjZCMzVDNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOSuMA0GCSqGSIb3DQEBCwUA
A4IBAQA8MZVGFfpTegh1efjQQC4hEFVXs+8bASrD7UxovYpcIfZ4QwRW2CF0d8fW
2saatL/+8nCwRJKiUvXEhgOSFkEy3CGtnPhCUBwxgFjGzlcC/b367HuuAX+sg3iq
0HtyfsdwgNW18xDFi5xzExm7VY9bHfHI5XnldTEderXXZo5qNqTKTXAhK3JlUFYE
hjXLGJegloFHT6dL/cadDStXElqskucVkofGHoU1NUBjHprV4CjkXCAsYlWG4zVe
u06SPEOYoxEvmkks9Puped7/K1c0LjyGwKXTpM/QhQBSJeQUKGqDqJdvWO9nPKx1
Gz6tZfsJxHfKQxVVOtL6yIEQYxxQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:46 2025 by rpki-client