Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69D88CE6CD3611EFBA2FA77E762E951A.roa
File: 69D88CE6CD3611EFBA2FA77E762E951A.roa (raw, json)
Hash identifier: d4Y9AyXjwbYBxGJ5EqgcupAU45yCcSmdgForKV/QIN8=
Subject key identifier: 57:60:CD:EC:BA:9A:2C:89:7C:36:21:B8:FA:84:6B:B3:68:F1:6C:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69D88CE6CD3611EFBA2FA77E762E951A.roa
Signing time: Tue 07 Jan 2025 20:31:46 +0000
ROA not before: Tue 07 Jan 2025 20:31:42 +0000
ROA not after: Mon 13 Dec 2027 20:31:42 +0000
asID: 17561
IP address blocks: 156.243.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65053 (0xfe1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:31:42 2025 GMT
Not After : Dec 13 20:31:42 2027 GMT
Subject: CN=677d8f32-3cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:8f:9d:74:73:df:39:21:28:24:f4:06:34:
6f:4e:5e:34:04:9b:1f:b9:46:c8:09:2e:d4:0b:e8:
59:62:25:60:99:9d:16:12:e4:2c:4e:8f:29:5f:c9:
6c:51:b2:b6:cc:d7:8b:21:96:cd:a5:28:af:72:b2:
6f:7f:33:38:86:73:38:55:90:d4:00:99:c5:c3:8d:
c0:3b:c0:10:d3:80:46:08:62:41:e3:02:11:76:cb:
62:45:f0:2c:e0:fc:f1:0d:62:c3:31:ce:67:bc:dd:
bb:a0:f0:8c:59:d3:f0:f5:ca:b0:9a:47:ac:2e:05:
7a:99:53:b3:e2:90:41:06:ed:1c:f1:89:5b:2b:5b:
bd:c8:4f:66:8a:e9:1f:4b:da:5f:a1:be:7d:bc:15:
16:6e:a2:a5:f2:68:56:eb:04:1b:c8:39:34:26:9f:
1a:64:7c:04:e1:46:89:2b:ac:ab:19:a4:37:cf:f6:
37:1e:5a:85:d6:ea:2c:dc:b8:a1:7c:b5:1f:fa:14:
2b:b0:f2:2f:17:ea:06:38:4d:65:68:eb:5b:4a:0d:
9a:e4:ab:1f:6d:82:c8:47:68:4c:b7:a9:86:08:80:
82:94:2d:a4:79:2e:53:99:c2:42:ad:62:bb:cc:3e:
2f:1a:bc:fe:10:ee:63:e3:c2:cd:b2:1e:92:94:4e:
4b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:60:CD:EC:BA:9A:2C:89:7C:36:21:B8:FA:84:6B:B3:68:F1:6C:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/69D88CE6CD3611EFBA2FA77E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.55.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:2f:a4:c6:d7:47:e5:5a:9c:46:a7:bb:7f:d1:06:b1:c8:34:
85:44:67:02:ba:ff:7c:f7:e4:bc:69:a2:4f:9a:ad:fe:94:6e:
d7:aa:4c:43:78:d8:55:69:f5:5d:de:d8:15:6d:e7:2c:07:b3:
a3:4f:b2:6f:0e:d9:0f:8e:98:3b:a1:0c:f8:ab:6c:13:a1:f6:
42:2d:73:db:60:a0:f4:d4:9c:7f:e4:d2:3c:63:1e:78:8a:3e:
9a:55:13:c2:81:4d:70:2a:23:64:85:ea:1d:7d:d8:a5:6f:4f:
b5:ac:b5:31:3a:3f:14:c9:57:7e:06:8e:73:60:25:d3:e6:9f:
5d:84:36:9e:fa:d6:78:9d:26:0c:71:43:39:9d:16:00:f1:76:
5c:ea:ea:a7:4b:d5:31:f5:f5:18:0c:e8:e1:6d:0f:5c:d8:8a:
de:2c:bf:a6:a2:8e:20:10:40:c6:ee:5c:06:84:48:6c:52:6d:
c9:a5:a8:e2:fd:b9:4c:b3:b2:c3:3a:00:f9:cc:f7:4e:3b:bd:
7a:69:ed:88:a5:1b:c5:c4:c5:f5:08:a5:52:6e:fa:f8:0d:e4:
ca:23:4c:4a:b9:22:d6:18:eb:0b:94:c6:be:e2:31:96:66:00:
4f:ba:30:2e:ae:d5:70:32:25:49:07:6d:b3:19:32:13:0d:20:
df:a0:ff:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAzMTQyWhcNMjcxMjEzMjAzMTQyWjAYMRYw
FAYDVQQDEw02NzdkOGYzMi0zY2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2x2PnXRz3zkhKCT0BjRvTl40BJsfuUbICS7UC+hZYiVgmZ0WEuQsTo8p
X8lsUbK2zNeLIZbNpSivcrJvfzM4hnM4VZDUAJnFw43AO8AQ04BGCGJB4wIRdsti
RfAs4PzxDWLDMc5nvN27oPCMWdPw9cqwmkesLgV6mVOz4pBBBu0c8YlbK1u9yE9m
iukfS9pfob59vBUWbqKl8mhW6wQbyDk0Jp8aZHwE4UaJK6yrGaQ3z/Y3HlqF1uos
3LihfLUf+hQrsPIvF+oGOE1laOtbSg2a5KsfbYLIR2hMt6mGCICClC2keS5TmcJC
rWK7zD4vGrz+EO5j48LNsh6SlE5LwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFdg
zey6miyJfDYhuPqEa7No8WwWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OUQ4OENFNkNEMzYxMUVGQkEyRkE3N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM3MA0GCSqGSIb3DQEBCwUA
A4IBAQC0L6TG10flWpxGp7t/0QaxyDSFRGcCuv989+S8aaJPmq3+lG7XqkxDeNhV
afVd3tgVbecsB7OjT7JvDtkPjpg7oQz4q2wTofZCLXPbYKD01Jx/5NI8Yx54ij6a
VRPCgU1wKiNkheodfdilb0+1rLUxOj8UyVd+Bo5zYCXT5p9dhDae+tZ4nSYMcUM5
nRYA8XZc6uqnS9Ux9fUYDOjhbQ9c2IreLL+moo4gEEDG7lwGhEhsUm3Jpaji/blM
s7LDOgD5zPdOO716ae2IpRvFxMX1CKVSbvr4DeTKI0xKuSLWGOsLlMa+4jGWZgBP
ujAurtVwMiVJB22zGTITDSDfoP/E
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:39 2025 by rpki-client