Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F065CCD2ED11EFB5F28152762E951A.roa
File: 67F065CCD2ED11EFB5F28152762E951A.roa (raw, json)
Hash identifier: JH4QLu5JTcqdXqnZ61ba7aTMWvzJGphfuPNfOtL2X6Q=
Subject key identifier: 4A:67:A5:AB:01:EA:08:F5:C8:D7:9F:EE:F3:D9:8E:1C:51:DD:BA:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010767
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F065CCD2ED11EFB5F28152762E951A.roa
Signing time: Wed 15 Jan 2025 03:04:16 +0000
ROA not before: Wed 15 Jan 2025 03:04:13 +0000
ROA not after: Sat 03 Jan 2026 03:04:13 +0000
asID: 984
IP address blocks: 156.233.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67431 (0x10767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:04:13 2025 GMT
Not After : Jan 3 03:04:13 2026 GMT
Subject: CN=678725b0-c772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:54:26:bd:16:a3:e6:c7:f7:f2:59:08:e2:5d:
c9:6b:8a:0f:a9:3b:7d:e2:ea:16:fa:3b:b7:38:ec:
17:bc:e7:d4:39:76:c6:3f:a7:e1:89:98:a4:f4:2a:
9d:65:90:da:34:be:e6:c6:94:a6:fd:20:e6:02:f8:
88:75:d4:8e:cc:79:97:f7:b9:9b:bc:e8:bc:32:69:
9f:78:c1:7c:48:0a:11:2d:5d:64:e8:e2:a0:bf:60:
b3:16:01:a4:5f:0a:73:9f:7f:38:e3:a5:03:d5:63:
4b:3c:f9:82:de:77:5e:f3:1e:fd:f3:b9:16:25:19:
9b:0e:a8:5e:16:80:02:c9:8d:4f:60:3e:8d:77:b4:
1a:89:97:8e:e2:a3:da:9b:d3:8e:69:10:59:0a:1a:
b5:1f:2a:c6:99:3a:e6:40:9a:3c:12:9a:7d:0c:c1:
81:5c:6a:2c:d8:b2:c2:ac:f1:2e:07:82:68:88:60:
20:02:15:0e:41:d1:79:77:05:6e:19:f8:ef:57:f4:
85:10:f4:11:2f:32:5d:7c:26:a4:27:98:fc:59:6d:
74:6c:b0:0d:ed:7f:74:0f:e3:43:12:a0:fd:ce:bf:
c5:41:10:7c:f4:54:ab:72:6a:f5:2a:0a:64:ee:a5:
7d:4a:02:56:56:29:9a:cb:e1:93:0d:27:a6:fc:23:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:67:A5:AB:01:EA:08:F5:C8:D7:9F:EE:F3:D9:8E:1C:51:DD:BA:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F065CCD2ED11EFB5F28152762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.100.0/24
Signature Algorithm: sha256WithRSAEncryption
01:0a:09:c1:69:f5:d0:e9:76:e3:7f:d3:d8:a5:39:c1:cd:25:
46:33:0a:3b:38:3c:87:9a:0c:28:fe:85:56:47:cc:e4:a8:80:
0d:1d:e8:17:f3:b4:87:16:9d:1e:c7:88:49:b2:2f:2a:1f:ab:
14:1b:b4:46:43:33:e3:87:f2:31:5c:a3:97:b3:0b:94:d9:62:
37:89:82:f3:3e:af:8a:80:71:da:45:97:19:51:64:86:61:39:
d7:30:c8:af:aa:f7:0b:73:10:7a:0b:af:d4:58:1d:90:0e:f9:
72:f4:9d:34:45:2d:62:74:c5:c6:a7:51:04:27:2c:74:ec:9b:
42:20:0e:45:98:48:5f:98:c0:0a:01:c2:9c:23:8d:9a:c5:53:
df:4d:0e:fe:ec:fc:c4:99:8b:7b:36:6a:d9:37:3c:0f:f8:9f:
f3:db:ca:a5:5a:84:3f:8e:7f:4d:9e:b8:82:10:73:4c:9a:59:
7f:8b:9d:44:e7:d9:0f:c1:c2:15:75:e6:f5:5b:cd:56:ab:49:
cd:6e:b2:ca:dc:b2:a5:93:0b:2d:b6:4a:40:d6:5b:75:d4:33:
c7:27:90:15:15:a4:e7:f2:da:c0:e1:82:2a:57:f4:01:8c:e4:
58:cb:e5:18:41:a2:4a:f0:ea:fb:4b:eb:d0:5a:62:b4:aa:9e:
6a:0e:b7:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMwNDEzWhcNMjYwMTAzMDMwNDEzWjAYMRYw
FAYDVQQDEw02Nzg3MjViMC1jNzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxVQmvRaj5sf38lkI4l3Ja4oPqTt94uoW+ju3OOwXvOfUOXbGP6fhiZik
9CqdZZDaNL7mxpSm/SDmAviIddSOzHmX97mbvOi8MmmfeMF8SAoRLV1k6OKgv2Cz
FgGkXwpzn38446UD1WNLPPmC3nde8x7987kWJRmbDqheFoACyY1PYD6Nd7QaiZeO
4qPam9OOaRBZChq1HyrGmTrmQJo8Epp9DMGBXGos2LLCrPEuB4JoiGAgAhUOQdF5
dwVuGfjvV/SFEPQRLzJdfCakJ5j8WW10bLAN7X90D+NDEqD9zr/FQRB89FSrcmr1
Kgpk7qV9SgJWVimay+GTDSem/CPJBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEpn
pasB6gj1yNef7vPZjhxR3bqBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0YwNjVDQ0QyRUQxMUVGQjVGMjgxNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlkMA0GCSqGSIb3DQEBCwUA
A4IBAQABCgnBafXQ6Xbjf9PYpTnBzSVGMwo7ODyHmgwo/oVWR8zkqIANHegX87SH
Fp0ex4hJsi8qH6sUG7RGQzPjh/IxXKOXswuU2WI3iYLzPq+KgHHaRZcZUWSGYTnX
MMivqvcLcxB6C6/UWB2QDvly9J00RS1idMXGp1EEJyx07JtCIA5FmEhfmMAKAcKc
I42axVPfTQ7+7PzEmYt7NmrZNzwP+J/z28qlWoQ/jn9NnriCEHNMmll/i51E59kP
wcIVdeb1W81Wq0nNbrLK3LKlkwsttkpA1lt11DPHJ5AVFaTn8trA4YIqV/QBjORY
y+UYQaJK8Or7S+vQWmK0qp5qDrdv
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:36 2025 by rpki-client