Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DB11CACCD211EFA0F36E89762E951A.roa
File: 67DB11CACCD211EFA0F36E89762E951A.roa (raw, json)
Hash identifier: ePwEYtJln51rtVbX7KBBX1KFDjqzIdfnJSG7YngoH8k=
Subject key identifier: 52:1D:9E:5E:39:E9:B0:3D:9E:C4:93:41:11:7C:94:EE:72:D6:E4:95
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FADD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DB11CACCD211EFA0F36E89762E951A.roa
Signing time: Tue 07 Jan 2025 08:35:53 +0000
ROA not before: Tue 07 Jan 2025 08:35:49 +0000
ROA not after: Sat 13 Dec 2025 08:35:49 +0000
asID: 984
IP address blocks: 156.233.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64221 (0xfadd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:35:49 2025 GMT
Not After : Dec 13 08:35:49 2025 GMT
Subject: CN=677ce769-c0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:02:27:de:50:7b:80:86:24:c4:cc:05:c5:b9:
13:f9:7f:ad:a7:46:62:41:8b:70:f5:13:0e:36:d2:
04:93:76:a6:57:f4:5b:a5:34:ee:bd:fd:54:b0:eb:
ee:86:41:87:cb:9b:a3:3f:7b:2f:27:ed:2e:bf:49:
a5:25:f4:2b:f5:4b:a8:69:cf:35:16:54:04:ea:d5:
e5:98:55:46:0a:c3:8b:e6:37:48:0c:04:08:86:50:
61:5c:01:fa:e1:b8:19:15:e1:4a:45:d1:de:bf:cb:
1d:de:b0:98:7f:0f:bf:d2:3c:e2:17:1b:c5:37:65:
0c:fe:17:9e:9e:08:1d:8e:ac:7a:1e:9a:f5:bb:dc:
0f:5e:ea:82:0b:a1:01:d7:1e:3e:7d:ab:f0:c2:d0:
8b:a9:f4:b5:a7:a7:ce:08:82:9d:c1:5f:ed:4b:2b:
5f:8f:44:68:cb:34:be:fb:d6:cb:68:3a:96:e8:96:
97:53:54:e2:e7:17:16:1b:e3:e8:db:cc:f3:37:6e:
19:96:2d:37:2a:58:1e:cb:51:e2:ef:e0:0f:f5:55:
0c:e2:3a:a2:42:6a:32:de:63:5e:89:71:25:a4:22:
04:e8:b8:3b:b6:6c:dd:00:40:a5:70:f8:3c:12:7d:
d4:e1:23:64:fe:a1:e7:8e:46:41:e2:e9:14:53:20:
3a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1D:9E:5E:39:E9:B0:3D:9E:C4:93:41:11:7C:94:EE:72:D6:E4:95
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67DB11CACCD211EFA0F36E89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:29:53:4f:26:3a:ad:77:12:48:1f:e4:b0:d8:a7:a3:94:32:
3d:7a:b2:ff:88:b2:3d:7e:00:cc:0f:26:38:09:55:3b:83:e0:
b1:de:a1:95:90:1f:27:db:ef:7f:1f:4a:27:13:bd:6b:31:94:
b6:ab:a3:f3:02:4d:05:ef:18:29:e4:31:3c:d3:c2:31:da:bd:
18:cc:2d:3d:b3:93:a8:4e:eb:cb:99:aa:41:ef:d0:bb:f7:38:
18:db:0f:ff:ef:76:d8:31:b6:16:5b:d3:25:3e:7d:9c:63:d3:
82:7a:f6:45:55:0f:bc:dd:54:08:fa:ca:e2:02:21:6f:9e:7d:
14:40:0f:37:0f:0f:b8:4e:dc:fc:29:a6:cd:ce:9d:6a:87:1f:
6a:08:3e:2e:ee:d8:ff:f1:7f:1c:ee:b3:1f:df:a4:34:0f:ab:
a0:e5:03:3c:15:15:c3:8f:59:52:4f:9a:01:07:83:54:fb:df:
56:6b:e0:62:76:95:98:a9:31:3b:01:dd:e2:f1:f4:48:04:10:
62:ed:6d:33:16:29:2f:f2:7f:98:d5:22:b1:52:25:34:9a:ef:
f4:0e:02:03:3a:57:c9:e4:ec:36:b3:48:ea:cc:6c:75:2b:c1:
38:97:e4:7b:25:ca:1c:61:71:e4:5a:94:a4:82:4c:2d:dc:cd:
53:72:3c:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPrdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgzNTQ5WhcNMjUxMjEzMDgzNTQ5WjAYMRYw
FAYDVQQDEw02NzdjZTc2OS1jMGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1gIn3lB7gIYkxMwFxbkT+X+tp0ZiQYtw9RMONtIEk3amV/RbpTTuvf1U
sOvuhkGHy5ujP3svJ+0uv0mlJfQr9Uuoac81FlQE6tXlmFVGCsOL5jdIDAQIhlBh
XAH64bgZFeFKRdHev8sd3rCYfw+/0jziFxvFN2UM/heenggdjqx6Hpr1u9wPXuqC
C6EB1x4+favwwtCLqfS1p6fOCIKdwV/tSytfj0RoyzS++9bLaDqW6JaXU1Ti5xcW
G+Po28zzN24Zli03Klgey1Hi7+AP9VUM4jqiQmoy3mNeiXElpCIE6Lg7tmzdAECl
cPg8En3U4SNk/qHnjkZB4ukUUyA6zQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFId
nl456bA9nsSTQRF8lO5y1uSVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0RCMTFDQUNDRDIxMUVGQTBGMzZFODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmeMA0GCSqGSIb3DQEBCwUA
A4IBAQCfKVNPJjqtdxJIH+Sw2KejlDI9erL/iLI9fgDMDyY4CVU7g+Cx3qGVkB8n
2+9/H0onE71rMZS2q6PzAk0F7xgp5DE808Ix2r0YzC09s5OoTuvLmapB79C79zgY
2w//73bYMbYWW9MlPn2cY9OCevZFVQ+83VQI+sriAiFvnn0UQA83Dw+4Ttz8KabN
zp1qhx9qCD4u7tj/8X8c7rMf36Q0D6ug5QM8FRXDj1lST5oBB4NU+99Wa+BidpWY
qTE7Ad3i8fRIBBBi7W0zFikv8n+Y1SKxUiU0mu/0DgIDOlfJ5Ow2s0jqzGx1K8E4
l+R7JcocYXHkWpSkgkwt3M1TcjzR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:41 2025 by rpki-client