Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69CEFFBACCCC11EFBC385464762E951A.roa
File: 69CEFFBACCCC11EFBC385464762E951A.roa (raw, json)
Hash identifier: J8gwV8BfZ/HfPEkbrCq/QKhOXLidu5FczRJPEA31unQ=
Subject key identifier: 87:62:E2:71:05:9B:3C:69:49:E4:3D:1E:72:C2:DA:C9:EE:25:D4:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA88
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69CEFFBACCCC11EFBC385464762E951A.roa
Signing time: Tue 07 Jan 2025 07:52:59 +0000
ROA not before: Tue 07 Jan 2025 07:52:56 +0000
ROA not after: Mon 13 Dec 2027 07:52:56 +0000
asID: 17561
IP address blocks: 156.233.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64136 (0xfa88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:52:56 2025 GMT
Not After : Dec 13 07:52:56 2027 GMT
Subject: CN=677cdd5b-8179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:07:76:54:ab:36:ea:d3:ac:4c:02:b1:01:a8:
fc:1b:4d:86:28:c3:46:2a:82:a9:73:78:3c:21:cc:
38:76:2c:14:95:af:3c:a3:33:8a:c6:ba:66:81:c8:
d0:7e:5e:b2:24:e9:0d:1c:f6:36:49:20:c2:03:57:
0f:e1:c8:2b:6c:95:3a:a1:3f:24:21:4c:36:8a:1e:
7a:61:3e:47:7d:5c:ca:07:08:62:eb:e4:99:a7:af:
01:97:f4:20:b8:60:4f:58:11:e1:22:01:32:5b:cc:
91:3f:ef:78:a5:a6:0d:a4:e9:ca:9e:a9:93:cf:f1:
b7:a2:c7:04:ea:c8:47:b4:b5:39:7f:42:81:81:34:
84:52:79:79:78:71:0b:ca:89:19:c1:c6:9b:53:29:
b5:f9:83:6b:a7:aa:0f:bc:0d:f0:c7:4d:0e:22:78:
1d:34:c7:b0:97:85:59:f8:2c:34:d3:c6:e8:02:4d:
19:5c:fe:03:8d:aa:78:6e:0f:c0:e0:ef:e9:aa:00:
07:f2:b3:90:ad:a3:88:ff:42:d6:8d:a0:be:71:5e:
90:83:87:37:99:b5:dd:63:cc:df:67:b6:80:58:92:
28:70:78:04:fb:50:5e:2f:e2:1e:96:68:ef:88:8a:
7f:97:51:80:4e:3e:a8:21:b3:f1:a8:07:37:13:67:
70:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:62:E2:71:05:9B:3C:69:49:E4:3D:1E:72:C2:DA:C9:EE:25:D4:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69CEFFBACCCC11EFBC385464762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.129.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:6f:05:bc:dd:70:1e:52:c9:58:aa:d9:5e:d9:9b:f9:0d:db:
9b:70:cf:db:42:b5:d8:ae:a8:ef:c3:ba:3a:d0:62:2a:88:89:
67:b5:db:88:8f:9a:eb:c3:16:36:3e:01:75:ab:5a:b1:0f:e0:
95:de:73:fa:18:af:40:56:4a:75:cf:b1:6d:70:82:8b:a1:09:
c3:f4:be:42:9d:c2:ba:2a:4e:85:43:e5:79:c6:bc:d0:87:6b:
a3:5f:1e:8e:22:78:34:ca:11:b5:95:22:49:98:f3:e1:3e:ca:
a7:1b:f5:79:a6:ef:83:53:66:85:9a:66:3c:43:ba:e2:5e:f4:
a9:08:46:c3:59:96:f8:cb:d7:3a:bc:79:09:ea:89:69:d7:7c:
1c:da:d4:f6:97:4d:99:a6:a3:b7:3e:75:30:13:b0:b4:d2:72:
a6:cc:b3:57:f8:e2:bb:f9:1d:59:f2:5b:2b:eb:a4:f9:b2:4b:
bd:d3:ad:88:81:98:b5:8f:4c:c4:fa:d6:27:8c:f6:6b:4a:99:
e8:96:03:93:9d:57:77:3f:fe:96:49:33:b8:7b:96:61:4b:dd:
92:ae:8a:06:18:a1:37:c4:dc:ed:f5:7b:b8:f7:65:ff:04:19:
e8:7f:59:65:7f:07:d5:d8:91:cd:8d:1f:53:dd:7d:ae:54:3d:
aa:2b:57:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDc1MjU2WhcNMjcxMjEzMDc1MjU2WjAYMRYw
FAYDVQQDEw02NzdjZGQ1Yi04MTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3wd2VKs26tOsTAKxAaj8G02GKMNGKoKpc3g8Icw4diwUla88ozOKxrpm
gcjQfl6yJOkNHPY2SSDCA1cP4cgrbJU6oT8kIUw2ih56YT5HfVzKBwhi6+SZp68B
l/QguGBPWBHhIgEyW8yRP+94paYNpOnKnqmTz/G3oscE6shHtLU5f0KBgTSEUnl5
eHELyokZwcabUym1+YNrp6oPvA3wx00OIngdNMewl4VZ+Cw008boAk0ZXP4Djap4
bg/A4O/pqgAH8rOQraOI/0LWjaC+cV6Qg4c3mbXdY8zfZ7aAWJIocHgE+1BeL+Ie
lmjviIp/l1GATj6oIbPxqAc3E2dwmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIdi
4nEFmzxpSeQ9HnLC2snuJdSXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OUNFRkZCQUNDQ0MxMUVGQkMzODU0NjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmBMA0GCSqGSIb3DQEBCwUA
A4IBAQCdbwW83XAeUslYqtle2Zv5DdubcM/bQrXYrqjvw7o60GIqiIlntduIj5rr
wxY2PgF1q1qxD+CV3nP6GK9AVkp1z7FtcIKLoQnD9L5CncK6Kk6FQ+V5xrzQh2uj
Xx6OIng0yhG1lSJJmPPhPsqnG/V5pu+DU2aFmmY8Q7riXvSpCEbDWZb4y9c6vHkJ
6olp13wc2tT2l02ZpqO3PnUwE7C00nKmzLNX+OK7+R1Z8lsr66T5sku9062IgZi1
j0zE+tYnjPZrSpnolgOTnVd3P/6WSTO4e5ZhS92SrooGGKE3xNzt9Xu492X/BBno
f1llfwfV2JHNjR9T3X2uVD2qK1e6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:15 2025 by rpki-client