Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B957B9ECD4E11EFAC348896762E951A.roa
File: 6B957B9ECD4E11EFAC348896762E951A.roa (raw, json)
Hash identifier: 2gl1nN6wlMQYS+ntoKW1BIyhVTtes3s55BTw7coCeXk=
Subject key identifier: B6:03:B3:14:3B:71:A7:9D:36:43:75:8D:2E:D8:80:FD:23:8D:66:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FED9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B957B9ECD4E11EFAC348896762E951A.roa
Signing time: Tue 07 Jan 2025 23:23:37 +0000
ROA not before: Tue 07 Jan 2025 23:23:33 +0000
ROA not after: Mon 13 Dec 2027 23:23:33 +0000
asID: 17561
IP address blocks: 156.247.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65241 (0xfed9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 23:23:33 2025 GMT
Not After : Dec 13 23:23:33 2027 GMT
Subject: CN=677db779-a2ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8a:c5:9d:6c:26:fa:ae:7a:4f:1e:a9:d6:ab:
75:48:c9:ef:5a:52:5e:be:1b:98:5f:29:d9:7f:a4:
b3:84:0a:81:75:a0:6e:5e:ff:57:82:03:09:28:f9:
11:e5:85:ea:03:9b:77:0e:17:01:c6:ba:3f:6a:26:
b0:9e:df:ad:c6:92:51:e3:ee:45:f8:0e:ae:14:73:
bb:65:8e:5a:fb:0d:1a:2c:9d:a4:f3:38:cb:de:2f:
41:4a:fd:9a:ad:16:18:bf:fd:37:9f:7a:ec:e2:78:
3d:12:5e:54:63:73:5d:8d:c9:fa:2e:d3:2e:cb:ce:
aa:ce:8e:7c:a1:09:d2:ec:70:d4:28:ca:a3:5b:72:
24:5a:7a:91:a4:b5:bc:ec:db:48:47:9a:4e:8e:3a:
b2:1f:12:59:9b:65:03:38:cb:b3:c7:7d:9c:f7:0e:
09:79:14:b4:d9:28:c5:cc:55:30:bf:30:18:10:78:
d1:f0:4f:54:27:5c:fe:bd:77:5d:ea:98:f8:8d:96:
ce:dd:8d:1a:c3:2b:2d:51:a4:e3:bc:71:6f:24:18:
81:9e:07:5f:7f:85:1c:d2:26:ba:c8:79:9c:fe:03:
ec:6f:0b:a4:72:96:11:02:b2:4a:e1:8c:96:65:10:
6d:fe:fe:4b:99:9a:ef:36:cd:61:06:cc:f4:c9:e7:
f5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:03:B3:14:3B:71:A7:9D:36:43:75:8D:2E:D8:80:FD:23:8D:66:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B957B9ECD4E11EFAC348896762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.20.0/24
Signature Algorithm: sha256WithRSAEncryption
35:da:6c:4a:2f:09:db:af:ce:66:db:6a:14:4a:49:00:53:4e:
81:93:bc:85:f9:9c:a7:cc:79:9d:47:c1:4a:95:4b:5d:ce:9c:
d5:3c:c8:c7:99:cd:41:99:ee:a3:18:b8:3b:b8:ee:51:e1:90:
d5:c3:80:b8:6f:3d:17:c1:71:bb:46:10:b8:88:d2:87:8e:37:
9b:c7:01:14:4a:a9:28:0b:18:8f:f9:77:83:11:fa:f2:4b:98:
bd:fd:45:2a:62:93:b1:19:45:0c:3f:4f:1f:8a:aa:74:b9:7a:
e8:8f:b8:01:58:00:b5:e7:e8:5f:aa:7a:de:9f:0c:7a:b2:a4:
b5:30:03:33:0e:04:aa:69:96:8f:b6:52:db:dd:f3:ce:a5:cf:
46:ef:a3:c7:df:c3:65:3e:f6:0a:95:57:f5:00:85:1f:fa:02:
94:73:c6:1d:bd:14:8e:67:0e:ea:88:7e:c0:ed:e3:0b:2f:0d:
df:35:72:c9:ee:11:99:0e:02:6a:db:22:b4:a4:8b:60:88:ef:
aa:6a:f2:5d:2b:8e:dd:03:25:97:7e:a3:33:2a:23:99:3f:6c:
83:2c:7f:63:af:e8:f9:be:1f:31:69:c7:8c:de:86:71:c4:bc:
b1:b9:3d:1c:59:47:f9:1b:25:e8:e1:77:18:52:a9:43:94:32:
b4:e3:ea:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjMyMzMzWhcNMjcxMjEzMjMyMzMzWjAYMRYw
FAYDVQQDEw02NzdkYjc3OS1hMmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq4rFnWwm+q56Tx6p1qt1SMnvWlJevhuYXynZf6SzhAqBdaBuXv9XggMJ
KPkR5YXqA5t3DhcBxro/aiawnt+txpJR4+5F+A6uFHO7ZY5a+w0aLJ2k8zjL3i9B
Sv2arRYYv/03n3rs4ng9El5UY3Ndjcn6LtMuy86qzo58oQnS7HDUKMqjW3IkWnqR
pLW87NtIR5pOjjqyHxJZm2UDOMuzx32c9w4JeRS02SjFzFUwvzAYEHjR8E9UJ1z+
vXdd6pj4jZbO3Y0awystUaTjvHFvJBiBngdff4Uc0ia6yHmc/gPsbwukcpYRArJK
4YyWZRBt/v5LmZrvNs1hBsz0yef1PwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLYD
sxQ7caedNkN1jS7YgP0jjWYqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82Qjk1N0I5RUNENEUxMUVGQUMzNDg4OTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcUMA0GCSqGSIb3DQEBCwUA
A4IBAQA12mxKLwnbr85m22oUSkkAU06Bk7yF+ZynzHmdR8FKlUtdzpzVPMjHmc1B
me6jGLg7uO5R4ZDVw4C4bz0XwXG7RhC4iNKHjjebxwEUSqkoCxiP+XeDEfryS5i9
/UUqYpOxGUUMP08fiqp0uXroj7gBWAC15+hfqnrenwx6sqS1MAMzDgSqaZaPtlLb
3fPOpc9G76PH38NlPvYKlVf1AIUf+gKUc8YdvRSOZw7qiH7A7eMLLw3fNXLJ7hGZ
DgJq2yK0pItgiO+qavJdK47dAyWXfqMzKiOZP2yDLH9jr+j5vh8xaceM3oZxxLyx
uT0cWUf5GyXo4XcYUqlDlDK04+pk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:43 2025 by rpki-client