Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67BD890CCEF811EFAF329FBE762E951A.roa
File: 67BD890CCEF811EFAF329FBE762E951A.roa (raw, json)
Hash identifier: /j9ibLREJdHwEP4lKNzsL4/luNQVdYDpB0xhrvkU9ek=
Subject key identifier: BE:75:93:13:03:32:BD:0E:DE:1E:2A:12:F1:57:04:10:DF:EE:C4:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01049D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67BD890CCEF811EFAF329FBE762E951A.roa
Signing time: Fri 10 Jan 2025 02:12:56 +0000
ROA not before: Fri 10 Jan 2025 02:12:52 +0000
ROA not after: Fri 14 Feb 2025 02:12:52 +0000
asID: 202736
IP address blocks: 156.254.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66717 (0x1049d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:12:52 2025 GMT
Not After : Feb 14 02:12:52 2025 GMT
Subject: CN=67808228-fd45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:71:a2:12:1d:11:7e:29:eb:5f:d1:48:b9:
b3:02:96:ce:90:a9:26:b2:a6:98:60:67:ed:2a:58:
0d:a6:3c:a2:45:d6:76:1e:29:2e:20:1e:07:1d:58:
dc:98:f2:66:ab:9c:5d:07:f1:82:67:5d:9b:4b:47:
b0:b0:4f:e5:69:a4:3a:52:64:d5:3f:63:99:58:ae:
b9:09:cc:71:ec:94:8a:cd:78:3c:fd:0d:8b:cb:05:
1d:ca:cb:33:51:1f:cf:0a:b5:86:bf:2a:12:e7:14:
22:cf:02:87:04:48:32:da:d0:6d:50:ff:6e:9e:2d:
92:03:26:4c:26:72:57:f8:89:b5:f3:72:0c:70:0d:
8a:11:19:d2:2f:52:0c:2c:06:72:01:0c:c1:fe:8d:
4e:3f:e5:69:a6:89:c0:e6:f6:03:fc:ef:07:9d:ba:
ee:4c:2e:f9:d4:8f:a1:b3:4c:af:68:f6:51:35:d3:
35:f3:c3:0f:f4:16:d4:f5:c2:b1:bd:f9:82:43:c5:
1a:83:c0:ab:a3:79:e0:4e:53:b1:3d:a8:7f:69:3f:
f5:b7:a8:d5:90:d3:05:ad:fd:e6:1f:8c:87:46:cd:
65:76:b7:c1:25:85:a1:6e:5a:a0:c9:b7:80:28:61:
16:4c:91:a2:5a:aa:a8:88:70:59:ec:b0:9c:28:0e:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:75:93:13:03:32:BD:0E:DE:1E:2A:12:F1:57:04:10:DF:EE:C4:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67BD890CCEF811EFAF329FBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.116.0/22
Signature Algorithm: sha256WithRSAEncryption
47:2f:d3:b6:10:1d:fd:14:16:e8:cd:32:36:92:ca:31:16:f6:
12:49:f4:42:30:ac:ed:ba:a1:f2:a2:5e:3b:64:8e:a7:96:38:
94:25:72:88:8a:17:49:7a:b7:56:cb:4e:4d:f1:9a:d3:e1:0e:
98:71:18:a0:b2:26:3f:3f:49:c0:6f:9a:aa:04:39:b5:7e:9e:
e7:3a:ef:02:1a:26:fc:29:ad:72:9a:c5:1e:69:19:6a:c1:a2:
18:96:77:ac:4d:e4:57:1d:bd:04:b1:b9:41:bd:05:b4:c6:55:
71:c0:0f:d3:6a:e3:3f:cd:8a:de:79:66:46:93:d9:1e:fb:4d:
81:4f:30:8c:51:0d:83:d9:8f:34:f5:8f:48:81:8b:be:51:39:
61:b0:e3:fa:33:0d:e4:87:aa:40:0d:18:2c:65:e1:ff:8e:f4:
8a:f1:4e:3a:be:10:f5:07:44:0d:b7:36:53:dd:f3:fe:1f:3a:
b9:cf:8a:93:d3:9b:83:d0:aa:e0:53:b2:31:cf:cb:7d:27:81:
d7:9a:e3:b6:97:cf:f2:e3:e4:d4:81:f4:3d:5c:60:9c:12:47:
ed:96:f3:ed:24:a8:b6:4b:b1:5d:e0:5c:06:26:cc:8e:7c:1f:
63:48:74:d6:00:a2:3b:a3:2d:f2:8f:af:c5:85:ec:39:49:8a:
d5:98:73:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDIxMjUyWhcNMjUwMjE0MDIxMjUyWjAYMRYw
FAYDVQQDEw02NzgwODIyOC1mZDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPZxohIdEX4p61/RSLmzApbOkKkmsqaYYGftKlgNpjyiRdZ2HikuIB4H
HVjcmPJmq5xdB/GCZ12bS0ewsE/laaQ6UmTVP2OZWK65Ccxx7JSKzXg8/Q2LywUd
ysszUR/PCrWGvyoS5xQizwKHBEgy2tBtUP9uni2SAyZMJnJX+Im183IMcA2KERnS
L1IMLAZyAQzB/o1OP+VpponA5vYD/O8HnbruTC751I+hs0yvaPZRNdM188MP9BbU
9cKxvfmCQ8Uag8Cro3ngTlOxPah/aT/1t6jVkNMFrf3mH4yHRs1ldrfBJYWhblqg
ybeAKGEWTJGiWqqoiHBZ7LCcKA4gjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL51
kxMDMr0O3h4qEvFXBBDf7sS0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0JEODkwQ0NFRjgxMUVGQUYzMjlGQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP50MA0GCSqGSIb3DQEBCwUA
A4IBAQBHL9O2EB39FBbozTI2ksoxFvYSSfRCMKztuqHyol47ZI6nljiUJXKIihdJ
erdWy05N8ZrT4Q6YcRigsiY/P0nAb5qqBDm1fp7nOu8CGib8Ka1ymsUeaRlqwaIY
lnesTeRXHb0EsblBvQW0xlVxwA/TauM/zYreeWZGk9ke+02BTzCMUQ2D2Y809Y9I
gYu+UTlhsOP6Mw3kh6pADRgsZeH/jvSK8U46vhD1B0QNtzZT3fP+Hzq5z4qT05uD
0KrgU7Ixz8t9J4HXmuO2l8/y4+TUgfQ9XGCcEkftlvPtJKi2S7Fd4FwGJsyOfB9j
SHTWAKI7oy3yj6/Fhew5SYrVmHPr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:40 2025 by rpki-client