Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7104E388D31311EF8BB2C344762E951A.roa
File: 7104E388D31311EF8BB2C344762E951A.roa (raw, json)
Hash identifier: wmrjv+RFOmNvZywhww80cnB3G7vaaKKOJjBOpZNYQBg=
Subject key identifier: 25:06:00:9E:B4:27:44:64:CF:14:8B:35:0C:F9:FF:4E:D8:47:AE:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01085B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7104E388D31311EF8BB2C344762E951A.roa
Signing time: Wed 15 Jan 2025 07:36:33 +0000
ROA not before: Wed 15 Jan 2025 07:36:29 +0000
ROA not after: Mon 03 Jan 2028 07:36:29 +0000
asID: 17561
IP address blocks: 156.254.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67675 (0x1085b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:36:29 2025 GMT
Not After : Jan 3 07:36:29 2028 GMT
Subject: CN=67876580-5dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:1a:52:4f:ab:cd:d8:1e:9a:e1:7f:23:e8:
ea:11:29:2c:fe:0e:99:5a:5b:f3:f6:f8:aa:3b:a7:
00:d7:ed:3f:74:29:8c:2c:4f:db:b4:73:98:3a:17:
2d:97:c4:c1:c9:5d:02:a0:4c:4b:ec:02:11:13:0b:
48:4d:4a:e1:1a:ee:bd:1b:01:05:9e:b3:a3:7e:c2:
7a:71:5c:76:57:d7:a4:5d:07:80:bb:27:64:c4:be:
28:e3:1d:53:88:3f:f0:19:d2:ad:70:8e:f1:95:02:
23:a4:e5:58:e2:a5:80:2f:02:c5:8d:d9:f8:9f:fc:
8a:3d:fe:fd:9f:d2:b7:32:f7:50:de:87:01:6c:7a:
3f:e2:12:b4:5f:21:7b:6a:86:11:1c:ac:08:7c:84:
49:81:7f:b4:d7:2e:89:85:29:a6:d9:b4:e6:54:22:
3d:57:96:76:67:52:e2:25:4e:1f:df:55:7e:c6:db:
16:c8:7d:72:18:12:3e:6d:f6:d0:09:28:a1:94:72:
74:c1:17:f7:78:b0:28:d9:ab:ca:86:1e:9a:19:73:
b1:89:76:5e:d5:ea:d6:4e:40:1e:e9:36:06:ff:ac:
5a:fd:80:ed:8c:e2:57:56:61:19:d9:5a:70:26:e5:
46:2e:95:06:1a:fd:9b:52:16:51:8b:17:b4:c7:bb:
f0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:06:00:9E:B4:27:44:64:CF:14:8B:35:0C:F9:FF:4E:D8:47:AE:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7104E388D31311EF8BB2C344762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.67.0/24
Signature Algorithm: sha256WithRSAEncryption
97:f3:eb:95:b7:b9:4a:cb:e0:35:eb:f0:82:e5:3c:27:e1:a6:
84:3d:fc:87:c1:4c:29:84:1d:e9:21:bd:e3:32:e5:84:35:79:
cc:0d:4e:03:1c:e7:88:fe:a5:2b:77:d6:cf:af:11:ec:bc:c8:
d2:b2:3c:42:2f:5c:78:49:47:1d:db:7c:e5:86:91:8a:4c:8c:
5c:37:52:7c:bf:28:11:f0:ae:9a:98:60:0f:78:61:cc:70:16:
e9:d1:56:81:c4:2a:3d:3c:6a:90:e7:aa:b0:4a:42:b1:65:f8:
1f:1b:bd:a5:e6:53:35:93:8c:82:17:25:89:52:fe:ee:41:c7:
86:cf:7d:87:61:f4:61:62:57:43:28:8a:90:6a:88:97:dc:35:
6b:62:cf:06:21:f6:b0:d3:69:a4:af:a6:9f:36:33:e8:b0:97:
e3:37:e3:af:92:9f:12:68:3b:89:12:f6:29:2b:3e:3b:ef:e9:
7d:ce:e6:bf:e4:70:f2:a0:4b:30:ab:68:fb:75:a6:d0:50:fc:
06:c5:c1:a2:8b:f4:fd:31:d5:f2:85:88:23:c3:d0:87:3a:bc:
da:73:78:52:3d:f1:6e:aa:c7:07:19:5b:80:dd:ef:85:96:3b:
a7:3e:72:0a:a5:19:17:f3:31:0c:4d:56:be:fe:c8:8b:f4:14:
8e:10:ff:fa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDczNjI5WhcNMjgwMTAzMDczNjI5WjAYMRYw
FAYDVQQDEw02Nzg3NjU4MC01ZGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnqcaUk+rzdgemuF/I+jqESks/g6ZWlvz9viqO6cA1+0/dCmMLE/btHOY
Ohctl8TByV0CoExL7AIREwtITUrhGu69GwEFnrOjfsJ6cVx2V9ekXQeAuydkxL4o
4x1TiD/wGdKtcI7xlQIjpOVY4qWALwLFjdn4n/yKPf79n9K3MvdQ3ocBbHo/4hK0
XyF7aoYRHKwIfIRJgX+01y6JhSmm2bTmVCI9V5Z2Z1LiJU4f31V+xtsWyH1yGBI+
bfbQCSihlHJ0wRf3eLAo2avKhh6aGXOxiXZe1erWTkAe6TYG/6xa/YDtjOJXVmEZ
2VpwJuVGLpUGGv2bUhZRixe0x7vwBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCUG
AJ60J0RkzxSLNQz5/07YR678MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MTA0RTM4OEQzMTMxMUVGOEJCMkMzNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5DMA0GCSqGSIb3DQEBCwUA
A4IBAQCX8+uVt7lKy+A16/CC5Twn4aaEPfyHwUwphB3pIb3jMuWENXnMDU4DHOeI
/qUrd9bPrxHsvMjSsjxCL1x4SUcd23zlhpGKTIxcN1J8vygR8K6amGAPeGHMcBbp
0VaBxCo9PGqQ56qwSkKxZfgfG72l5lM1k4yCFyWJUv7uQceGz32HYfRhYldDKIqQ
aoiX3DVrYs8GIfaw02mkr6afNjPosJfjN+Ovkp8SaDuJEvYpKz477+l9zua/5HDy
oEswq2j7dabQUPwGxcGii/T9MdXyhYgjw9CHOrzac3hSPfFuqscHGVuA3e+Fljun
PnIKpRkX8zEMTVa+/siL9BSOEP/6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:54 2025 by rpki-client