Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69611E88C95611EFB8835B5D762E951A.roa
File: 69611E88C95611EFB8835B5D762E951A.roa (raw, json)
Hash identifier: CCsA18WTDO9ZcSt3HgDUIbyCjQ/rrZwN9Xb3Ioau/0w=
Subject key identifier: C0:05:D7:47:92:A6:3D:2D:7D:3E:63:2C:20:77:0A:4F:CC:D5:B3:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69611E88C95611EFB8835B5D762E951A.roa
Signing time: Thu 02 Jan 2025 22:10:44 +0000
ROA not before: Thu 02 Jan 2025 22:10:41 +0000
ROA not after: Mon 13 Dec 2027 22:10:41 +0000
asID: 17561
IP address blocks: 156.226.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62458 (0xf3fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:10:41 2025 GMT
Not After : Dec 13 22:10:41 2027 GMT
Subject: CN=67770ee4-0d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:68:07:b3:55:14:04:13:fc:65:6e:95:b6:
2f:7f:9b:73:b2:3c:50:2e:c1:82:dc:ef:5d:e5:fa:
b3:f2:aa:f5:80:f0:6c:a4:a7:d4:ff:29:c3:10:58:
cb:c4:53:98:32:6f:a8:9b:5e:08:32:99:56:fd:8e:
5b:ef:a4:61:fd:7c:ad:d2:50:5c:fb:a3:d0:42:19:
a7:06:7d:01:08:fe:b5:3a:e8:76:b0:4d:dc:f5:d1:
b5:69:99:1b:a2:5d:8c:b4:a6:9a:10:84:bb:ff:91:
1f:42:a1:f0:71:44:9d:0f:bd:67:4d:3b:6b:69:c6:
dd:45:88:88:d5:e9:39:6d:91:df:7b:f1:3b:28:69:
32:8d:f9:8a:5e:f5:3a:13:5a:89:71:72:ef:2b:3a:
ae:2c:89:6d:f3:1c:92:25:9c:8d:12:5a:ba:75:71:
9a:86:20:7b:88:35:be:96:fb:41:91:c5:2b:85:ad:
35:9f:18:b6:b5:4b:a9:d9:63:cd:cf:59:27:a2:e2:
3a:8d:a2:2b:3a:5e:97:22:79:0b:b7:e1:e3:35:cb:
f3:fd:87:07:f4:6f:dd:6b:d8:d9:ac:8c:75:42:4c:
ad:20:cf:47:d1:94:12:61:bb:bc:22:d8:4e:c6:4c:
fa:0e:07:e7:d6:6c:66:a8:81:b9:ad:0b:f2:ba:d2:
72:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:05:D7:47:92:A6:3D:2D:7D:3E:63:2C:20:77:0A:4F:CC:D5:B3:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69611E88C95611EFB8835B5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.149.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c5:c6:90:52:8c:9a:13:55:15:72:5a:48:35:dc:b2:13:97:
98:4f:c7:2a:82:0b:ce:56:e2:ff:73:88:06:4e:bd:11:fe:61:
00:44:a6:83:43:b2:da:f3:ae:0d:f0:51:33:37:0f:d9:ef:2b:
6e:d2:cb:23:04:ca:51:63:f9:e0:a0:44:f4:9f:d3:21:d0:92:
c1:e2:aa:17:f8:83:3f:ed:54:ea:28:f3:2a:41:12:fe:f1:df:
fd:0c:c7:7e:53:50:61:81:f8:fc:25:94:52:c9:c4:82:ef:be:
48:bb:24:ae:ff:0f:97:37:1b:80:15:ef:4a:3f:b2:64:a5:a0:
b2:b9:57:39:74:49:73:eb:f0:38:74:d3:ea:96:fd:b5:74:91:
96:a1:b8:87:79:64:4e:50:86:78:7f:76:60:42:2d:e2:81:6b:
7d:e3:ee:cc:89:7e:8d:7b:58:d9:52:0e:5c:89:eb:35:6d:8a:
9c:78:1b:7a:8a:b2:8b:3b:5a:3e:29:64:7e:2a:a1:93:97:a5:
7f:9d:d2:f3:82:38:43:55:ba:af:87:74:ab:47:b1:23:a9:87:
d2:ee:86:f8:be:d2:f8:ae:64:a0:76:7b:de:82:80:62:12:58:
e4:b8:86:10:82:8d:4a:ab:6d:75:5d:33:83:8b:fc:4e:eb:62:
a4:93:14:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPP6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIxMDQxWhcNMjcxMjEzMjIxMDQxWjAYMRYw
FAYDVQQDEw02Nzc3MGVlNC0wZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuvVoB7NVFAQT/GVulbYvf5tzsjxQLsGC3O9d5fqz8qr1gPBspKfU/ynD
EFjLxFOYMm+om14IMplW/Y5b76Rh/Xyt0lBc+6PQQhmnBn0BCP61Ouh2sE3c9dG1
aZkbol2MtKaaEIS7/5EfQqHwcUSdD71nTTtracbdRYiI1ek5bZHfe/E7KGkyjfmK
XvU6E1qJcXLvKzquLIlt8xySJZyNElq6dXGahiB7iDW+lvtBkcUrha01nxi2tUup
2WPNz1knouI6jaIrOl6XInkLt+HjNcvz/YcH9G/da9jZrIx1QkytIM9H0ZQSYbu8
IthOxkz6Dgfn1mxmqIG5rQvyutJygwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMAF
10eSpj0tfT5jLCB3Ck/M1bMnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OTYxMUU4OEM5NTYxMUVGQjg4MzVCNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKVMA0GCSqGSIb3DQEBCwUA
A4IBAQCmxcaQUoyaE1UVclpINdyyE5eYT8cqggvOVuL/c4gGTr0R/mEARKaDQ7La
864N8FEzNw/Z7ytu0ssjBMpRY/ngoET0n9Mh0JLB4qoX+IM/7VTqKPMqQRL+8d/9
DMd+U1Bhgfj8JZRSycSC775IuySu/w+XNxuAFe9KP7JkpaCyuVc5dElz6/A4dNPq
lv21dJGWobiHeWROUIZ4f3ZgQi3igWt94+7MiX6Ne1jZUg5cies1bYqceBt6irKL
O1o+KWR+KqGTl6V/ndLzgjhDVbqvh3SrR7EjqYfS7ob4vtL4rmSgdnvegoBiEljk
uIYQgo1Kq211XTODi/xO62KkkxTw
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:18 2025 by rpki-client