Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D0EC742CCC111EF8D39279D762E951A.roa
File: 6D0EC742CCC111EF8D39279D762E951A.roa (raw, json)
Hash identifier: ahxu/Z7V97SggAKt+B8xxhxDFYbVWQh0KZHEabijzc4=
Subject key identifier: A2:5F:EC:55:DE:CF:9F:FC:8E:F9:BC:AD:1A:DB:84:27:41:A3:D0:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA28
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D0EC742CCC111EF8D39279D762E951A.roa
Signing time: Tue 07 Jan 2025 06:34:20 +0000
ROA not before: Tue 07 Jan 2025 06:34:17 +0000
ROA not after: Sat 13 Dec 2025 06:34:17 +0000
asID: 984
IP address blocks: 156.233.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64040 (0xfa28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:34:17 2025 GMT
Not After : Dec 13 06:34:17 2025 GMT
Subject: CN=677ccaec-136b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:51:8c:70:6b:7a:4b:c0:e2:c9:02:e2:62:e5:
3e:44:b3:5d:01:78:52:e0:92:cd:13:a7:90:90:da:
9d:b6:ce:2c:24:d4:ef:01:77:8a:a6:2e:7f:b8:ab:
a7:82:47:9e:fa:25:b5:7e:da:e7:4d:7f:1f:81:2e:
91:bf:53:f6:c3:c9:99:e2:e1:45:81:0a:8c:d7:1f:
65:e1:15:ea:62:f5:9d:c6:44:e7:6c:0e:48:ca:94:
6b:42:d2:8e:5c:cb:2a:91:7b:f9:57:67:0b:27:f7:
a6:5a:0e:48:1a:1f:67:93:14:47:7a:00:70:0d:e4:
9d:c8:b3:83:2e:68:07:e7:f9:e2:e8:79:f3:97:3e:
d0:28:72:56:fb:b0:f1:1d:6d:bd:41:04:96:43:76:
fe:82:50:06:6f:d9:38:a2:a0:06:ba:de:34:d4:4f:
45:cf:9b:4e:9b:ed:6e:a2:e4:f0:58:8b:6f:1e:25:
d6:42:c8:0e:57:83:a1:23:02:c9:18:f3:74:05:92:
6a:44:50:20:e5:08:27:c7:37:93:e0:14:c1:d6:02:
c7:f6:d5:81:1b:f9:b8:cc:5e:91:e2:99:8f:e4:9a:
8f:1d:9b:1e:9d:7a:58:35:06:2a:93:8b:37:09:5a:
51:d5:f2:c4:e5:3b:65:28:ee:f1:e7:b6:4c:0a:10:
6f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5F:EC:55:DE:CF:9F:FC:8E:F9:BC:AD:1A:DB:84:27:41:A3:D0:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D0EC742CCC111EF8D39279D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.42.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e6:69:2c:19:ac:1c:a6:51:42:9e:29:a5:81:b4:9f:b3:bf:
56:58:f6:0c:3d:d5:0f:d9:31:3f:f6:ac:d4:b6:23:0c:62:f8:
52:5a:f8:73:e8:43:b5:3d:21:0b:0d:5b:34:31:0f:7d:3b:fa:
b0:56:7f:ff:a2:b0:e3:94:2c:41:3c:2c:b3:2f:53:39:c0:4e:
f6:c6:6e:78:22:4a:90:78:15:fa:8a:2a:1e:9e:a9:9a:35:dd:
d3:59:34:d7:2f:b0:2c:a1:b6:d1:7f:23:7f:1d:50:19:29:98:
5d:4f:f0:02:2f:3d:93:30:3c:33:13:b8:14:ef:f1:35:43:21:
94:68:11:47:88:07:00:fb:d4:65:cb:e7:b1:9e:25:e7:83:8c:
70:da:be:43:e4:02:4d:cf:44:6e:ef:2a:5c:f4:6d:04:26:bb:
01:f4:c4:7c:ca:51:6f:24:e9:c0:e4:96:da:e9:78:5a:a7:1b:
d9:d7:31:0b:4e:e7:fc:51:f6:ef:2f:14:a1:9e:20:82:9b:6f:
fd:c6:bc:73:ce:9c:95:51:d4:aa:b7:a6:33:71:2e:09:62:39:
a4:82:e6:e7:fa:d3:fa:b8:e8:ba:f8:c1:72:1c:c1:35:cd:d5:
e7:08:67:5e:fd:25:28:de:31:c2:77:95:6b:bf:9c:7b:1e:18:
61:db:7f:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPooMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDYzNDE3WhcNMjUxMjEzMDYzNDE3WjAYMRYw
FAYDVQQDEw02NzdjY2FlYy0xMzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnlGMcGt6S8DiyQLiYuU+RLNdAXhS4JLNE6eQkNqdts4sJNTvAXeKpi5/
uKungkee+iW1ftrnTX8fgS6Rv1P2w8mZ4uFFgQqM1x9l4RXqYvWdxkTnbA5IypRr
QtKOXMsqkXv5V2cLJ/emWg5IGh9nkxRHegBwDeSdyLODLmgH5/ni6Hnzlz7QKHJW
+7DxHW29QQSWQ3b+glAGb9k4oqAGut401E9Fz5tOm+1uouTwWItvHiXWQsgOV4Oh
IwLJGPN0BZJqRFAg5QgnxzeT4BTB1gLH9tWBG/m4zF6R4pmP5JqPHZsenXpYNQYq
k4s3CVpR1fLE5TtlKO7x57ZMChBvawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKJf
7FXez5/8jvm8rRrbhCdBo9AwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RDBFQzc0MkNDQzExMUVGOEQzOTI3OUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkqMA0GCSqGSIb3DQEBCwUA
A4IBAQAS5mksGawcplFCnimlgbSfs79WWPYMPdUP2TE/9qzUtiMMYvhSWvhz6EO1
PSELDVs0MQ99O/qwVn//orDjlCxBPCyzL1M5wE72xm54IkqQeBX6iioenqmaNd3T
WTTXL7AsobbRfyN/HVAZKZhdT/ACLz2TMDwzE7gU7/E1QyGUaBFHiAcA+9Rly+ex
niXng4xw2r5D5AJNz0Ru7ypc9G0EJrsB9MR8ylFvJOnA5Jba6XhapxvZ1zELTuf8
UfbvLxShniCCm2/9xrxzzpyVUdSqt6YzcS4JYjmkgubn+tP6uOi6+MFyHME1zdXn
CGde/SUo3jHCd5Vrv5x7Hhhh23+n
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:31 2025 by rpki-client