Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C57837CCDAF11EF82C95691762E951A.roa
File: 6C57837CCDAF11EF82C95691762E951A.roa (raw, json)
Hash identifier: 3MdpSyCNjFs7THghf5EDU8enkL/fUWLI+3L5s8SuCJo=
Subject key identifier: DC:93:58:17:88:B8:FA:9C:83:C3:7C:65:C0:BA:17:A4:A3:BD:E1:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010173
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C57837CCDAF11EF82C95691762E951A.roa
Signing time: Wed 08 Jan 2025 10:57:59 +0000
ROA not before: Wed 08 Jan 2025 10:57:56 +0000
ROA not after: Mon 13 Dec 2027 10:57:56 +0000
asID: 17561
IP address blocks: 156.255.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65907 (0x10173)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:57:56 2025 GMT
Not After : Dec 13 10:57:56 2027 GMT
Subject: CN=677e5a37-0f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:36:82:0c:cd:00:e8:1b:95:54:dc:0c:90:
61:00:43:38:0d:fc:05:58:3a:07:ed:92:fe:19:e3:
43:5e:9b:9d:d3:4e:2c:39:3f:e4:cd:a4:42:c7:7f:
64:1a:dc:07:38:56:25:95:18:a4:71:d6:0a:0e:b6:
b4:0e:b4:cd:42:26:5a:99:d3:43:e4:f5:d7:41:ae:
eb:80:d4:71:9d:dd:24:80:10:9e:73:1c:a3:56:e1:
5d:b4:15:90:cd:8d:f0:91:18:68:0c:df:3c:09:a3:
e7:b7:ea:c2:aa:08:f5:52:f0:61:af:b5:1a:2a:77:
d1:a5:63:be:e5:e7:b3:09:cb:96:08:c0:50:b2:4f:
a4:04:2a:ba:88:b2:26:74:e1:ae:27:b1:37:5d:7b:
c6:46:ab:f3:49:b8:9d:86:04:4d:8b:1c:31:ae:e9:
bb:4d:62:76:c6:3f:b0:a5:46:1b:58:5a:00:95:e8:
a9:3e:d6:b2:f8:d3:56:dc:bb:5c:03:8f:74:23:1c:
eb:2e:e6:11:27:d1:c2:92:50:42:a3:79:0d:30:b9:
f0:c7:62:1e:70:79:88:7f:ed:9b:ce:35:c3:2f:6b:
41:a0:30:be:cb:2d:5f:ad:7f:ff:68:e3:32:df:c6:
52:2f:dc:94:b4:3d:72:41:de:cb:41:b4:a2:ef:35:
4c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:93:58:17:88:B8:FA:9C:83:C3:7C:65:C0:BA:17:A4:A3:BD:E1:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C57837CCDAF11EF82C95691762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:40:ec:33:b7:ec:51:a5:32:04:63:35:95:1f:d2:81:26:f0:
e4:38:cc:94:d4:58:68:38:ec:1e:b4:a5:5f:9c:03:d5:8c:26:
70:28:83:a2:bd:ab:aa:9e:59:3d:87:81:f3:92:ad:b7:07:82:
56:bb:bc:b1:66:32:38:31:0d:a8:b3:6f:d2:46:bd:de:9c:f5:
26:65:3a:10:a0:93:71:b9:0d:3d:41:62:80:f4:fa:ac:c7:a7:
b0:be:1d:c2:ed:a1:43:d8:da:ab:70:46:5d:a8:d5:85:c3:f9:
f2:c4:ad:47:ed:e8:9d:2b:3b:cc:08:07:d3:6d:11:1d:38:70:
66:e6:59:05:5e:aa:66:4a:ad:73:de:29:6a:ff:64:a8:e0:6d:
6d:58:dc:35:24:ea:3b:3a:5e:9d:bf:5c:bc:03:fa:ce:5a:98:
a4:d0:71:e2:f1:84:98:bd:43:4a:76:69:86:93:28:93:41:3d:
6a:66:8e:02:1a:e9:55:18:ab:2e:e5:87:4d:77:8a:79:46:d9:
bb:50:e8:f6:a8:3b:94:31:f6:cf:cd:ce:87:41:dc:3f:9a:73:
ea:80:bf:b9:33:43:24:ed:a9:ad:a7:bc:2b:2b:47:d2:9b:4c:
22:2f:0f:9a:d8:4c:4b:9e:fe:1d:18:bd:92:13:1e:9e:6d:5a:
2c:50:66:59
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA1NzU2WhcNMjcxMjEzMTA1NzU2WjAYMRYw
FAYDVQQDEw02NzdlNWEzNy0wZjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuZQ2ggzNAOgblVTcDJBhAEM4DfwFWDoH7ZL+GeNDXpud004sOT/kzaRC
x39kGtwHOFYllRikcdYKDra0DrTNQiZamdND5PXXQa7rgNRxnd0kgBCecxyjVuFd
tBWQzY3wkRhoDN88CaPnt+rCqgj1UvBhr7UaKnfRpWO+5eezCcuWCMBQsk+kBCq6
iLImdOGuJ7E3XXvGRqvzSbidhgRNixwxrum7TWJ2xj+wpUYbWFoAleipPtay+NNW
3LtcA490IxzrLuYRJ9HCklBCo3kNMLnwx2IecHmIf+2bzjXDL2tBoDC+yy1frX//
aOMy38ZSL9yUtD1yQd7LQbSi7zVMhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNyT
WBeIuPqcg8N8ZcC6F6SjveHrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QzU3ODM3Q0NEQUYxMUVGODJDOTU2OTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP89MA0GCSqGSIb3DQEBCwUA
A4IBAQCdQOwzt+xRpTIEYzWVH9KBJvDkOMyU1FhoOOwetKVfnAPVjCZwKIOivauq
nlk9h4Hzkq23B4JWu7yxZjI4MQ2os2/SRr3enPUmZToQoJNxuQ09QWKA9Pqsx6ew
vh3C7aFD2NqrcEZdqNWFw/nyxK1H7eidKzvMCAfTbREdOHBm5lkFXqpmSq1z3ilq
/2So4G1tWNw1JOo7Ol6dv1y8A/rOWpik0HHi8YSYvUNKdmmGkyiTQT1qZo4CGulV
GKsu5YdNd4p5Rtm7UOj2qDuUMfbPzc6HQdw/mnPqgL+5M0Mk7amtp7wrK0fSm0wi
Lw+a2ExLnv4dGL2SEx6ebVosUGZZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:50 2025 by rpki-client