Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F2E5430CDB011EFAC27D797762E951A.roa
File: 6F2E5430CDB011EFAC27D797762E951A.roa (raw, json)
Hash identifier: tybZtEHrLN93FKiZf4B93SZb46cuoyO2fKsG5FLQE64=
Subject key identifier: 32:9C:27:E9:ED:B8:F5:C1:B9:B1:C2:F4:D1:7A:46:92:A4:C5:64:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01017B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F2E5430CDB011EFAC27D797762E951A.roa
Signing time: Wed 08 Jan 2025 11:05:13 +0000
ROA not before: Wed 08 Jan 2025 11:05:10 +0000
ROA not after: Mon 13 Dec 2027 11:05:10 +0000
asID: 17561
IP address blocks: 156.255.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65915 (0x1017b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:05:10 2025 GMT
Not After : Dec 13 11:05:10 2027 GMT
Subject: CN=677e5be9-1c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:a0:6a:58:6e:e5:8a:b2:b5:70:04:cf:2f:
c5:6d:3b:5c:19:bf:1a:0e:2c:ea:3d:ae:7b:1f:75:
40:95:84:20:cc:df:8f:21:48:5d:d1:fb:a7:81:bf:
78:d5:61:3c:ed:77:2f:4a:63:c9:6d:23:0b:ce:1a:
33:91:d0:89:e2:52:d3:90:ff:12:23:79:cf:98:cf:
05:83:e1:31:a6:96:89:d7:5e:48:f2:51:ce:20:00:
70:2f:63:7c:7e:f0:a0:c8:21:ef:4e:7b:43:15:3b:
d9:84:3b:90:b2:38:46:45:f9:23:c8:99:35:f7:33:
24:6c:16:49:b0:55:65:11:f6:dd:a3:42:31:24:8b:
27:3b:5a:eb:99:27:bb:0c:8f:b4:d7:4d:cb:92:81:
fd:56:d2:cc:04:c3:c0:6e:e3:a2:a4:c0:b5:bb:a5:
3c:7f:16:8a:ff:fd:a3:59:7c:59:0d:2d:77:3c:18:
3a:a1:6e:14:f1:fb:fe:86:cc:86:bb:f4:f7:7d:f7:
00:bd:3c:4b:8c:6f:3f:2d:38:40:74:ad:dc:79:00:
d8:05:61:dd:a2:f3:9b:c8:cb:fb:ed:df:77:8a:88:
e0:5a:2b:f7:40:72:d1:5c:05:20:80:18:df:6d:23:
5f:0a:16:f9:5d:d9:b1:e8:02:74:ee:41:fc:21:34:
f6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9C:27:E9:ED:B8:F5:C1:B9:B1:C2:F4:D1:7A:46:92:A4:C5:64:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F2E5430CDB011EFAC27D797762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.73.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:80:94:87:a5:11:39:85:3c:60:98:8a:27:d9:11:01:4c:32:
fe:cf:45:57:71:7f:56:29:4c:75:fe:3c:e2:64:fd:1d:9e:44:
47:96:ff:cc:39:66:c4:a2:83:f5:3d:22:3f:e6:ac:54:1c:ad:
57:db:52:59:cd:a3:56:0a:19:6e:66:a5:4c:3f:07:e2:f5:ff:
2b:b1:51:48:ea:e8:86:a9:5d:3d:3e:9b:2a:9e:0a:78:af:87:
f5:28:f4:35:68:f9:70:20:62:f7:4d:5d:37:1b:4b:15:64:5f:
34:de:44:6f:8a:53:f6:8c:13:45:a4:ae:30:9c:e1:fa:9a:2d:
47:9c:77:55:5a:00:2c:1d:2c:26:bc:5a:9b:e6:d7:05:d8:55:
8c:d1:0c:54:f7:01:21:99:e4:74:ae:c6:f0:9b:5a:9b:00:16:
14:26:55:07:1d:da:9f:ae:03:24:7f:eb:43:56:4f:79:58:c3:
56:92:68:a2:87:d9:bb:fa:5c:65:3a:6b:35:9c:81:f2:9d:ab:
68:70:7a:47:a5:69:ee:36:d5:6d:07:d2:ea:d6:b7:c0:de:27:
bd:10:ad:67:2a:c1:0a:3f:bd:01:79:94:28:03:09:54:1e:b3:
60:cd:79:99:97:f7:0e:61:a4:e5:33:d5:e6:75:c5:c3:0b:68:
8c:df:7b:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQF7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTEwNTEwWhcNMjcxMjEzMTEwNTEwWjAYMRYw
FAYDVQQDEw02NzdlNWJlOS0xYzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAts+galhu5YqytXAEzy/FbTtcGb8aDizqPa57H3VAlYQgzN+PIUhd0fun
gb941WE87XcvSmPJbSMLzhozkdCJ4lLTkP8SI3nPmM8Fg+ExppaJ115I8lHOIABw
L2N8fvCgyCHvTntDFTvZhDuQsjhGRfkjyJk19zMkbBZJsFVlEfbdo0IxJIsnO1rr
mSe7DI+0103LkoH9VtLMBMPAbuOipMC1u6U8fxaK//2jWXxZDS13PBg6oW4U8fv+
hsyGu/T3ffcAvTxLjG8/LThAdK3ceQDYBWHdovObyMv77d93iojgWiv3QHLRXAUg
gBjfbSNfChb5Xdmx6AJ07kH8ITT2awIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDKc
J+ntuPXBubHC9NF6RpKkxWRqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RjJFNTQzMENEQjAxMUVGQUMyN0Q3OTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9JMA0GCSqGSIb3DQEBCwUA
A4IBAQArgJSHpRE5hTxgmIon2REBTDL+z0VXcX9WKUx1/jziZP0dnkRHlv/MOWbE
ooP1PSI/5qxUHK1X21JZzaNWChluZqVMPwfi9f8rsVFI6uiGqV09Ppsqngp4r4f1
KPQ1aPlwIGL3TV03G0sVZF803kRvilP2jBNFpK4wnOH6mi1HnHdVWgAsHSwmvFqb
5tcF2FWM0QxU9wEhmeR0rsbwm1qbABYUJlUHHdqfrgMkf+tDVk95WMNWkmiih9m7
+lxlOms1nIHynatocHpHpWnuNtVtB9Lq1rfA3ie9EK1nKsEKP70BeZQoAwlUHrNg
zXmZl/cOYaTlM9XmdcXDC2iM33s5
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:03 2025 by rpki-client