Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/671E1DBCC94511EF9EE0F470762E951A.roa
File: 671E1DBCC94511EF9EE0F470762E951A.roa (raw, json)
Hash identifier: nFw2puWclYERftx4AktBoSxTWZ8pkt87nxCC6tLfWmY=
Subject key identifier: 79:59:41:EA:49:C4:21:CB:9E:59:71:FF:61:32:47:FC:12:83:4A:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F358
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/671E1DBCC94511EF9EE0F470762E951A.roa
Signing time: Thu 02 Jan 2025 20:08:59 +0000
ROA not before: Thu 02 Jan 2025 20:08:55 +0000
ROA not after: Sat 13 Dec 2025 20:08:55 +0000
asID: 984
IP address blocks: 156.225.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62296 (0xf358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:08:55 2025 GMT
Not After : Dec 13 20:08:55 2025 GMT
Subject: CN=6776f25b-da65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:42:f2:be:7a:57:72:57:51:03:eb:5c:0d:81:
fb:f4:24:7b:3d:a1:3e:bd:7e:62:e1:b1:54:4a:b5:
ab:94:ac:c5:b3:cf:ba:f3:54:22:ec:7c:a1:68:2d:
74:97:8a:33:41:eb:90:16:20:27:a9:e0:2d:59:67:
0d:e0:d2:c5:8d:f4:de:36:7c:18:de:36:fe:2d:84:
b6:c0:ca:86:c4:65:5a:be:4a:5c:44:c1:63:b9:1f:
dd:22:61:9e:e8:1a:c5:61:ac:45:34:3d:be:e0:c1:
d7:a3:55:2d:b7:50:33:c6:50:6f:05:e2:3a:6f:a9:
61:e5:74:a1:a3:6d:09:fa:10:94:b6:a7:a1:bb:2a:
4d:02:69:e6:19:cb:bd:c8:f2:73:cc:6c:96:ca:fc:
8a:d6:e9:6b:f3:4c:c8:89:32:3e:36:a5:f5:a3:55:
42:54:ae:d3:b7:41:1a:5a:2f:09:f2:ba:35:f3:b2:
e3:ae:75:58:40:06:51:bc:21:44:f7:29:16:32:52:
d4:35:1e:35:b2:99:bd:ab:35:d9:a7:f0:c6:1c:0b:
c9:84:2c:da:93:ce:15:65:62:23:f6:54:c8:50:2c:
d2:60:ef:a1:cb:f0:e0:a0:c0:25:c4:bb:48:e5:6f:
13:28:35:c0:1b:f3:ff:65:9a:2b:ba:ab:6e:ca:9b:
69:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:59:41:EA:49:C4:21:CB:9E:59:71:FF:61:32:47:FC:12:83:4A:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/671E1DBCC94511EF9EE0F470762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.39.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:85:fd:b3:97:e2:85:36:6d:7f:2b:70:88:32:0f:09:2f:35:
f2:35:fd:43:42:f2:98:cd:3c:31:a1:b5:ca:f5:02:22:5b:e9:
a9:fd:c5:51:16:29:13:fb:57:7e:86:12:91:59:63:8b:8d:68:
9f:2f:e4:87:19:4a:5c:26:92:dd:b7:77:d0:3b:cc:ca:d5:65:
cc:2e:d2:4c:05:4a:b2:19:10:7b:a1:84:2b:78:df:3b:dd:ff:
a3:88:53:4c:d5:1b:b3:eb:9f:40:83:49:1a:74:60:42:2b:c9:
73:90:5a:0c:56:b7:eb:9a:c9:b7:76:81:7e:06:dc:36:cf:42:
d7:9d:ed:85:54:72:8a:1f:5e:a9:18:2d:40:dd:0b:2e:aa:6a:
e1:25:c4:b8:a3:3b:4e:89:84:e9:bd:eb:1f:ab:ee:a8:ef:8a:
4d:df:02:cc:94:af:3c:2f:6d:0a:b8:1f:c5:cd:ca:13:11:cb:
6d:4a:fe:03:93:42:26:ef:49:90:38:79:70:e3:79:f6:58:a0:
4c:79:8d:e6:09:c2:a9:ca:58:89:39:c6:b2:a6:2e:30:b8:cd:
1b:7b:5b:07:1e:c7:42:15:37:0d:28:c1:0b:6a:03:9b:55:54:
45:ca:ea:a0:6b:b0:1b:7e:ad:71:db:25:ec:c3:6f:5c:17:22:
00:55:e0:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAwODU1WhcNMjUxMjEzMjAwODU1WjAYMRYw
FAYDVQQDEw02Nzc2ZjI1Yi1kYTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4kLyvnpXcldRA+tcDYH79CR7PaE+vX5i4bFUSrWrlKzFs8+681Qi7Hyh
aC10l4ozQeuQFiAnqeAtWWcN4NLFjfTeNnwY3jb+LYS2wMqGxGVavkpcRMFjuR/d
ImGe6BrFYaxFND2+4MHXo1Utt1AzxlBvBeI6b6lh5XSho20J+hCUtqehuypNAmnm
Gcu9yPJzzGyWyvyK1ulr80zIiTI+NqX1o1VCVK7Tt0EaWi8J8ro187LjrnVYQAZR
vCFE9ykWMlLUNR41spm9qzXZp/DGHAvJhCzak84VZWIj9lTIUCzSYO+hy/DgoMAl
xLtI5W8TKDXAG/P/ZZoruqtuyptpcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHlZ
QepJxCHLnllx/2EyR/wSg0o3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NzFFMURCQ0M5NDUxMUVGOUVFMEY0NzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEnMA0GCSqGSIb3DQEBCwUA
A4IBAQANhf2zl+KFNm1/K3CIMg8JLzXyNf1DQvKYzTwxobXK9QIiW+mp/cVRFikT
+1d+hhKRWWOLjWifL+SHGUpcJpLdt3fQO8zK1WXMLtJMBUqyGRB7oYQreN873f+j
iFNM1Ruz659Ag0kadGBCK8lzkFoMVrfrmsm3doF+Btw2z0LXne2FVHKKH16pGC1A
3QsuqmrhJcS4oztOiYTpvesfq+6o74pN3wLMlK88L20KuB/FzcoTEcttSv4Dk0Im
70mQOHlw43n2WKBMeY3mCcKpyliJOcaypi4wuM0be1sHHsdCFTcNKMELagObVVRF
yuqga7Abfq1x2yXsw29cFyIAVeC4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:43 2025 by rpki-client