Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6A29DF06CC9B11EFA9CE54A1762E951A.roa
File: 6A29DF06CC9B11EFA9CE54A1762E951A.roa (raw, json)
Hash identifier: Yg5Hf8dcxMLZ8UpqhsJMXfs13P9om6iIBG6hapRosRU=
Subject key identifier: 66:B2:F6:E3:56:14:D8:1D:23:17:A9:73:93:BA:32:AF:C1:46:A6:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F966
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6A29DF06CC9B11EFA9CE54A1762E951A.roa
Signing time: Tue 07 Jan 2025 02:02:15 +0000
ROA not before: Tue 07 Jan 2025 02:02:11 +0000
ROA not after: Mon 13 Dec 2027 02:02:11 +0000
asID: 17561
IP address blocks: 156.227.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63846 (0xf966)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:02:11 2025 GMT
Not After : Dec 13 02:02:11 2027 GMT
Subject: CN=677c8b26-2167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:54:95:6f:dd:61:95:21:44:a8:fd:f6:f5:
9d:35:65:d6:0f:c7:93:74:b7:0c:48:a4:c2:b0:db:
11:0c:67:86:f3:0a:d2:19:05:7d:83:cd:6c:4a:59:
84:27:eb:e2:7e:89:31:76:c8:79:44:be:08:97:fc:
9f:8e:62:c2:3e:8a:71:4b:fa:0d:99:b8:ef:a6:9c:
34:71:fd:b8:c8:a7:a5:e8:55:4d:0e:18:e7:64:11:
18:0b:05:c1:a2:c0:84:d4:46:3c:96:3f:a3:63:8b:
92:af:27:0d:a9:99:8f:7b:4e:0d:ac:49:90:da:66:
99:30:4d:3a:95:c9:04:09:de:76:c5:6c:60:da:38:
a7:13:e1:cb:a9:e5:90:cd:6f:55:20:9b:6f:0c:50:
10:0c:08:f6:c4:15:ce:ae:c6:88:22:36:40:09:54:
cd:a0:3d:97:d2:aa:7c:72:0c:c1:8d:4a:26:79:0e:
cc:ef:44:50:76:6c:03:a0:19:d1:e0:7d:7d:f3:ca:
3c:db:fd:98:96:29:95:32:56:1c:2a:0e:d2:72:94:
a4:ac:66:49:e1:07:f1:01:74:da:16:0b:96:d1:f5:
28:91:43:28:b7:77:85:0b:9a:e3:6e:16:d4:ad:d3:
cb:91:83:f5:4c:bd:7f:b3:98:05:91:b1:b1:67:6d:
95:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B2:F6:E3:56:14:D8:1D:23:17:A9:73:93:BA:32:AF:C1:46:A6:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6A29DF06CC9B11EFA9CE54A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.105.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c7:a1:8c:15:d2:36:03:fa:6c:b9:95:41:6c:71:ed:02:23:
c3:51:7f:0c:8d:ad:34:7c:2a:ab:79:90:31:44:88:4a:e2:ac:
90:9d:86:65:f9:6a:db:d3:cd:94:fe:91:71:5a:98:f9:f9:ba:
19:9a:43:15:28:dc:ee:2d:5c:13:9f:6e:3c:8c:5d:de:62:b4:
37:b4:71:8e:66:da:ba:08:d9:61:a3:34:cc:9d:f5:25:36:19:
73:eb:c7:06:a8:f2:26:21:cd:30:54:3c:c4:52:a8:d1:57:47:
cf:34:b0:99:43:1c:37:cf:06:83:9f:f0:1b:32:d5:8b:79:b8:
12:fa:4b:58:42:12:ff:76:9e:79:c9:40:c5:f5:f8:71:e0:df:
6e:b6:5b:33:5a:1c:cc:8e:a4:2a:88:aa:54:b9:74:cc:89:39:
3c:36:ca:96:b3:4f:3c:4c:e5:00:22:2c:8d:52:24:bd:0d:c0:
f0:c4:a5:bc:11:ea:ed:5c:28:0c:5a:e5:97:b1:5b:fe:b9:53:
93:9b:ea:91:bd:29:cb:1f:aa:04:21:22:1d:d4:6d:f1:58:71:
b1:0c:68:9a:e7:84:4e:df:4f:31:2a:fe:4e:be:96:35:06:72:
32:03:41:f6:e9:92:13:ff:c7:da:cc:8c:e8:8a:d8:ca:f6:5e:
d1:16:6b:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIwMjExWhcNMjcxMjEzMDIwMjExWjAYMRYw
FAYDVQQDEw02NzdjOGIyNi0yMTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx2dUlW/dYZUhRKj99vWdNWXWD8eTdLcMSKTCsNsRDGeG8wrSGQV9g81s
SlmEJ+vifokxdsh5RL4Il/yfjmLCPopxS/oNmbjvppw0cf24yKel6FVNDhjnZBEY
CwXBosCE1EY8lj+jY4uSrycNqZmPe04NrEmQ2maZME06lckECd52xWxg2jinE+HL
qeWQzW9VIJtvDFAQDAj2xBXOrsaIIjZACVTNoD2X0qp8cgzBjUomeQ7M70RQdmwD
oBnR4H1988o82/2YlimVMlYcKg7ScpSkrGZJ4QfxAXTaFguW0fUokUMot3eFC5rj
bhbUrdPLkYP1TL1/s5gFkbGxZ22VEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGay
9uNWFNgdIxepc5O6Mq/BRqZnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QTI5REYwNkNDOUIxMUVGQTlDRTU0QTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONpMA0GCSqGSIb3DQEBCwUA
A4IBAQAKx6GMFdI2A/psuZVBbHHtAiPDUX8Mja00fCqreZAxRIhK4qyQnYZl+Wrb
082U/pFxWpj5+boZmkMVKNzuLVwTn248jF3eYrQ3tHGOZtq6CNlhozTMnfUlNhlz
68cGqPImIc0wVDzEUqjRV0fPNLCZQxw3zwaDn/AbMtWLebgS+ktYQhL/dp55yUDF
9fhx4N9utlszWhzMjqQqiKpUuXTMiTk8NsqWs088TOUAIiyNUiS9DcDwxKW8Eert
XCgMWuWXsVv+uVOTm+qRvSnLH6oEISId1G3xWHGxDGia54RO308xKv5OvpY1BnIy
A0H26ZIT/8fazIzoitjK9l7RFmsm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:00 2025 by rpki-client