Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F61D88ECD8111EFAA13DB6E762E951A.roa
File: 6F61D88ECD8111EFAA13DB6E762E951A.roa (raw, json)
Hash identifier: i/0vc0j71DRx7DErPfnsvz8yOjIHwK4PW47uP/JZWUY=
Subject key identifier: 4D:B7:86:5D:24:37:72:AE:06:70:E7:E6:CD:84:84:EF:CD:34:F6:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010007
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F61D88ECD8111EFAA13DB6E762E951A.roa
Signing time: Wed 08 Jan 2025 05:28:47 +0000
ROA not before: Wed 08 Jan 2025 05:28:44 +0000
ROA not after: Mon 13 Dec 2027 05:28:44 +0000
asID: 17561
IP address blocks: 156.252.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65543 (0x10007)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:28:44 2025 GMT
Not After : Dec 13 05:28:44 2027 GMT
Subject: CN=677e0d0f-4466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:69:1b:cf:88:d7:91:e0:e9:8a:a9:bd:dd:22:
7c:45:10:64:4d:5b:85:6a:56:97:31:61:51:2c:7a:
dd:a0:2b:44:08:2e:11:03:2c:46:cc:84:92:90:ce:
88:de:d0:c6:24:db:c4:94:df:44:5d:91:71:de:10:
5c:71:b1:44:10:58:f3:5b:23:5b:6e:ba:27:ca:05:
77:20:1b:e7:66:01:97:0b:63:ed:c0:ae:3d:ed:da:
09:a3:58:a1:5d:e5:c2:f4:30:17:d2:b4:ad:38:21:
9c:21:92:c1:27:35:1a:c2:55:db:b7:a2:fa:a3:b3:
ea:f6:aa:78:48:f3:29:2b:9a:2d:0c:de:b7:09:b5:
76:c2:8f:97:39:30:67:6d:38:9a:58:02:ca:60:ca:
12:55:60:a1:33:07:a6:88:df:b7:ba:74:0a:79:b1:
e7:69:85:59:27:e5:4f:84:c3:d2:eb:2d:1a:e6:72:
8d:a2:50:99:72:a7:52:52:01:13:e2:e2:7a:bf:84:
d6:0c:c1:57:c1:c5:dc:20:1a:63:42:8a:d3:97:ed:
47:13:1d:3e:6d:e4:26:ba:c6:cb:fb:19:17:a3:e2:
3b:fc:86:a3:11:3a:1b:0b:2e:2b:f3:8d:56:46:5a:
2a:1f:7d:9f:ed:c8:0b:69:28:09:b2:81:28:bb:60:
49:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B7:86:5D:24:37:72:AE:06:70:E7:E6:CD:84:84:EF:CD:34:F6:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6F61D88ECD8111EFAA13DB6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.5.0/24
Signature Algorithm: sha256WithRSAEncryption
96:d8:c9:9b:a5:17:d3:66:52:7b:00:5e:e1:3e:d4:58:1f:03:
08:22:eb:6e:48:c4:5e:9d:7c:f3:24:f6:d7:0e:74:f1:84:fd:
e7:8b:e6:24:57:e2:a0:38:0c:cf:2a:e8:c9:c9:eb:56:9a:5b:
61:17:47:b3:a5:5e:f2:ce:c8:74:27:ca:88:b9:d8:59:51:1c:
a9:fa:35:ea:ce:9a:83:62:c0:74:40:5d:26:d7:d1:72:e2:2c:
fa:a7:3a:9a:bd:8d:b3:9f:ea:57:c7:1f:e6:43:c5:bc:23:98:
3e:cd:a0:8d:88:54:5d:5b:83:4a:e8:64:13:84:cd:7d:f6:18:
3d:59:be:60:b7:45:f3:9a:a0:40:fd:7e:c1:33:6a:7a:55:2f:
8a:c4:59:59:49:8e:6d:11:8b:13:87:6d:75:b8:f7:de:56:84:
73:76:b8:30:12:fb:fe:b4:0f:d1:54:17:ca:92:87:d6:bf:37:
91:e7:99:83:db:38:4b:f1:3a:24:3f:e6:f8:44:dc:b7:dc:c3:
5d:3e:7c:18:19:06:d7:c4:b4:cc:30:b9:99:37:8c:67:2e:15:
d7:bf:25:b3:24:7a:4c:8d:aa:df:ab:13:d6:8f:8a:9c:b5:b7:
e0:71:42:11:b8:64:65:25:7b:7e:76:f0:de:46:21:b1:38:44:
78:17:cd:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUyODQ0WhcNMjcxMjEzMDUyODQ0WjAYMRYw
FAYDVQQDEw02NzdlMGQwZi00NDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4mkbz4jXkeDpiqm93SJ8RRBkTVuFalaXMWFRLHrdoCtECC4RAyxGzISS
kM6I3tDGJNvElN9EXZFx3hBccbFEEFjzWyNbbronygV3IBvnZgGXC2PtwK497doJ
o1ihXeXC9DAX0rStOCGcIZLBJzUawlXbt6L6o7Pq9qp4SPMpK5otDN63CbV2wo+X
OTBnbTiaWALKYMoSVWChMwemiN+3unQKebHnaYVZJ+VPhMPS6y0a5nKNolCZcqdS
UgET4uJ6v4TWDMFXwcXcIBpjQorTl+1HEx0+beQmusbL+xkXo+I7/IajETobCy4r
841WRloqH32f7cgLaSgJsoEou2BJNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE23
hl0kN3KuBnDn5s2EhO/NNPZoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RjYxRDg4RUNEODExMUVGQUExM0RCNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwFMA0GCSqGSIb3DQEBCwUA
A4IBAQCW2MmbpRfTZlJ7AF7hPtRYHwMIIutuSMRenXzzJPbXDnTxhP3ni+YkV+Kg
OAzPKujJyetWmlthF0ezpV7yzsh0J8qIudhZURyp+jXqzpqDYsB0QF0m19Fy4iz6
pzqavY2zn+pXxx/mQ8W8I5g+zaCNiFRdW4NK6GQThM199hg9Wb5gt0XzmqBA/X7B
M2p6VS+KxFlZSY5tEYsTh211uPfeVoRzdrgwEvv+tA/RVBfKkofWvzeR55mD2zhL
8TokP+b4RNy33MNdPnwYGQbXxLTMMLmZN4xnLhXXvyWzJHpMjarfqxPWj4qctbfg
cUIRuGRlJXt+dvDeRiGxOER4F80G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:24 2025 by rpki-client