Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/723C6222CDA411EFA3B2664B762E951A.roa
File: 723C6222CDA411EFA3B2664B762E951A.roa (raw, json)
Hash identifier: 7rArdNgkNvZNDFCh2Hu7RDqZCv2AQun0zIAabScc1xs=
Subject key identifier: E7:84:36:9E:BE:EB:B8:58:1E:35:D3:BD:D2:8F:AF:B3:72:D8:4F:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010111
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/723C6222CDA411EFA3B2664B762E951A.roa
Signing time: Wed 08 Jan 2025 09:39:25 +0000
ROA not before: Wed 08 Jan 2025 09:39:21 +0000
ROA not after: Mon 13 Dec 2027 09:39:21 +0000
asID: 17561
IP address blocks: 156.253.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65809 (0x10111)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:39:21 2025 GMT
Not After : Dec 13 09:39:21 2027 GMT
Subject: CN=677e47cd-d9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3e:b3:97:7f:cb:f0:7a:ba:8e:45:dd:6a:4a:
71:18:f8:41:a1:55:83:42:a1:e4:15:be:02:cc:aa:
dc:88:c4:d8:e4:cf:ef:8a:cd:8e:3d:f7:0d:ed:a7:
5e:f8:93:6b:23:cf:51:cc:fd:b2:d9:1c:83:0b:ab:
3b:14:3f:22:22:16:59:d3:38:51:4e:bf:f6:b7:10:
44:2d:a2:6f:6a:f0:11:04:4a:f3:41:07:a6:e5:0b:
b6:7a:9d:90:65:2b:dc:13:91:64:ca:3d:9a:44:c2:
b3:eb:ca:ba:5c:e9:7c:7b:48:41:a2:68:9c:6f:5b:
1e:52:de:db:aa:d4:6e:24:be:5a:c6:0a:02:2f:83:
dd:71:88:3b:4c:9b:c1:00:34:e7:1b:2c:5e:2b:a4:
0c:5f:39:27:b5:ae:8d:ab:a2:3a:6b:ce:8d:67:bd:
0f:d1:c7:fa:e2:16:64:f0:76:c9:46:1d:48:d5:aa:
af:57:44:60:a3:e1:76:8c:b2:1f:ba:39:b7:11:b5:
69:81:f5:e9:ad:b9:6c:f8:d3:b1:72:d3:fd:ad:a5:
76:8a:5f:f7:0d:9d:a8:0f:96:9b:94:fc:90:88:2b:
33:99:f0:9b:aa:bf:1e:dd:5b:d6:2d:b2:ca:38:5e:
a4:44:3f:2a:b5:2c:0e:ac:b7:68:d5:7a:22:77:ba:
18:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:84:36:9E:BE:EB:B8:58:1E:35:D3:BD:D2:8F:AF:B3:72:D8:4F:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/723C6222CDA411EFA3B2664B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
35:59:8a:08:92:24:11:d7:6d:9a:5a:c3:aa:1c:5b:9c:ad:2d:
61:95:48:c1:1f:51:e3:63:f1:26:50:ef:78:66:7d:43:66:33:
10:b7:1b:eb:e3:c2:01:39:f3:5a:20:85:49:cb:2a:6b:b8:2d:
ac:7b:a9:df:72:3d:e5:91:1b:b1:36:11:61:91:ab:c8:8f:52:
61:f2:f8:23:3f:7c:29:fe:e7:16:94:67:33:6e:86:bf:96:a7:
6d:ab:5a:7c:ba:6d:b2:ab:72:8c:bd:b6:a4:51:7d:db:4c:a5:
17:8c:3d:36:79:e3:77:be:bd:96:38:6d:d5:4e:fb:fd:67:e3:
bf:c8:29:20:d8:45:62:44:b2:03:f2:b6:4d:ff:6b:99:08:77:
ba:fa:2b:c5:e9:65:29:eb:da:9c:73:d1:46:f5:2c:44:0f:ca:
80:5d:c8:12:a2:6a:8b:c2:7b:1d:d5:6a:79:e7:3b:13:53:ad:
5a:42:e8:ab:2a:19:46:44:cd:f7:5b:18:09:56:a2:9d:d4:16:
14:a1:43:1f:1d:9b:00:6a:13:15:2a:08:2d:10:9e:36:a2:52:
23:b1:74:27:67:b9:d0:34:28:61:a6:2f:ec:35:1e:6b:59:1f:
1d:bb:79:ac:e5:57:dd:9e:81:62:90:85:b4:3f:00:bb:b9:5c:
15:79:ad:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQERMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkzOTIxWhcNMjcxMjEzMDkzOTIxWjAYMRYw
FAYDVQQDEw02NzdlNDdjZC1kOWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxz6zl3/L8Hq6jkXdakpxGPhBoVWDQqHkFb4CzKrciMTY5M/vis2OPfcN
7ade+JNrI89RzP2y2RyDC6s7FD8iIhZZ0zhRTr/2txBELaJvavARBErzQQem5Qu2
ep2QZSvcE5Fkyj2aRMKz68q6XOl8e0hBomicb1seUt7bqtRuJL5axgoCL4PdcYg7
TJvBADTnGyxeK6QMXzknta6Nq6I6a86NZ70P0cf64hZk8HbJRh1I1aqvV0Rgo+F2
jLIfujm3EbVpgfXprbls+NOxctP9raV2il/3DZ2oD5ablPyQiCszmfCbqr8e3VvW
LbLKOF6kRD8qtSwOrLdo1Xoid7oYUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOeE
Np6+67hYHjXTvdKPr7Ny2E+BMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MjNDNjIyMkNEQTQxMUVGQTNCMjY2NEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP02MA0GCSqGSIb3DQEBCwUA
A4IBAQA1WYoIkiQR122aWsOqHFucrS1hlUjBH1HjY/EmUO94Zn1DZjMQtxvr48IB
OfNaIIVJyypruC2se6nfcj3lkRuxNhFhkavIj1Jh8vgjP3wp/ucWlGczboa/lqdt
q1p8um2yq3KMvbakUX3bTKUXjD02eeN3vr2WOG3VTvv9Z+O/yCkg2EViRLID8rZN
/2uZCHe6+ivF6WUp69qcc9FG9SxED8qAXcgSomqLwnsd1Wp55zsTU61aQuirKhlG
RM33WxgJVqKd1BYUoUMfHZsAahMVKggtEJ42olIjsXQnZ7nQNChhpi/sNR5rWR8d
u3ms5VfdnoFikIW0PwC7uVwVea37
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:59 2025 by rpki-client