Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74A901D6CD3711EFBE01EC84762E951A.roa
File: 74A901D6CD3711EFBE01EC84762E951A.roa (raw, json)
Hash identifier: W7NM6h4rEhZyPBwescZPcT9xT/eq3DTjdv+JK8mvI9g=
Subject key identifier: B7:9D:28:0C:55:CC:0A:38:76:7B:91:BB:AD:4F:4A:7E:78:BA:5E:8E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE25
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74A901D6CD3711EFBE01EC84762E951A.roa
Signing time: Tue 07 Jan 2025 20:39:14 +0000
ROA not before: Tue 07 Jan 2025 20:39:10 +0000
ROA not after: Mon 13 Dec 2027 20:39:10 +0000
asID: 17561
IP address blocks: 156.243.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65061 (0xfe25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:39:10 2025 GMT
Not After : Dec 13 20:39:10 2027 GMT
Subject: CN=677d90f1-5b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:03:aa:d1:f7:cb:15:6e:b5:6c:7b:ab:1f:56:
1c:d5:e9:ed:c7:cc:53:e8:37:ef:2e:7d:c2:4a:c7:
a8:1c:d5:66:57:44:2d:6c:9f:f8:83:d6:47:d8:57:
f4:2e:6f:67:3d:40:ea:3a:e5:40:96:1a:91:5d:e5:
5a:bf:2b:37:3e:21:82:e8:1d:a9:1d:25:b1:0a:ca:
9a:21:d5:b4:49:81:6b:0e:d0:89:90:c9:6e:a2:7c:
72:81:4e:79:3d:9c:59:96:18:5b:a1:8f:3f:2c:da:
d4:9c:ff:6f:5e:16:ba:d3:63:4e:67:63:70:2c:5f:
9e:d9:e5:24:ff:2f:0d:c3:76:bc:e5:63:2f:d4:71:
e6:e9:a2:6c:db:f6:92:ca:65:b6:16:57:b5:7c:b5:
13:b8:26:3f:d0:7a:c6:0d:0b:a9:92:ac:93:b2:f9:
2d:38:fa:6c:7a:fd:73:2f:8b:58:83:5f:87:5f:ce:
8a:05:af:a9:e8:a3:5e:a9:f2:ca:f9:08:44:bb:c3:
68:66:ef:b4:5f:a0:81:16:49:77:a0:70:6f:d1:bd:
b4:3a:a5:52:7e:35:67:aa:5a:97:1c:50:cc:f1:d5:
22:09:fe:9f:b0:b4:e5:15:36:0a:9d:c4:03:5e:ca:
67:a5:f2:bd:94:00:65:d9:43:31:3f:69:28:c2:f2:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:9D:28:0C:55:CC:0A:38:76:7B:91:BB:AD:4F:4A:7E:78:BA:5E:8E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74A901D6CD3711EFBE01EC84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.59.0/24
Signature Algorithm: sha256WithRSAEncryption
62:64:ec:ab:ba:4e:6a:bc:86:26:25:20:a8:f0:dc:62:64:92:
98:78:f1:14:be:3e:99:e8:98:01:c4:c8:26:3a:c9:a6:db:41:
82:fa:aa:d0:00:de:d9:89:1b:14:4b:96:b8:79:80:84:da:68:
67:8f:a1:07:84:14:45:2f:05:80:f9:a1:39:4e:30:6d:78:93:
44:f1:5f:57:42:64:57:25:ec:0d:d8:e3:e6:68:49:7c:c9:6c:
91:07:9b:91:21:4d:9a:86:c5:6e:36:31:60:10:6e:41:a6:e9:
9c:46:e0:4c:42:01:ff:f0:ef:f7:08:d0:9d:b7:85:f6:10:71:
13:f5:94:b5:e6:5b:0e:a4:fa:d7:33:36:5f:75:b2:b3:ad:4c:
3b:70:e8:20:46:b7:cd:ee:60:53:91:24:20:96:f0:10:32:9c:
66:d0:6b:02:e3:37:55:67:d9:32:1d:5a:e4:05:b2:41:78:42:
82:1d:bb:52:78:9d:ad:01:c2:b2:4d:e7:ce:01:1b:8b:6a:62:
02:ac:7a:71:57:eb:19:44:a7:41:53:e7:4d:5e:e2:32:8e:ef:
bb:b5:13:79:70:a5:47:ee:3a:2e:75:7a:86:70:eb:b0:72:9f:
f5:da:98:33:fd:4b:bd:28:33:c1:8e:bb:04:58:d9:da:b0:61:
ca:f6:9a:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAzOTEwWhcNMjcxMjEzMjAzOTEwWjAYMRYw
FAYDVQQDEw02NzdkOTBmMS01YjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtgOq0ffLFW61bHurH1Yc1entx8xT6DfvLn3CSseoHNVmV0QtbJ/4g9ZH
2Ff0Lm9nPUDqOuVAlhqRXeVavys3PiGC6B2pHSWxCsqaIdW0SYFrDtCJkMluonxy
gU55PZxZlhhboY8/LNrUnP9vXha602NOZ2NwLF+e2eUk/y8Nw3a85WMv1HHm6aJs
2/aSymW2Fle1fLUTuCY/0HrGDQupkqyTsvktOPpsev1zL4tYg1+HX86KBa+p6KNe
qfLK+QhEu8NoZu+0X6CBFkl3oHBv0b20OqVSfjVnqlqXHFDM8dUiCf6fsLTlFTYK
ncQDXspnpfK9lABl2UMxP2kowvJuKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLed
KAxVzAo4dnuRu61PSn54ul6OMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NEE5MDFENkNEMzcxMUVGQkUwMUVDODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM7MA0GCSqGSIb3DQEBCwUA
A4IBAQBiZOyruk5qvIYmJSCo8NxiZJKYePEUvj6Z6JgBxMgmOsmm20GC+qrQAN7Z
iRsUS5a4eYCE2mhnj6EHhBRFLwWA+aE5TjBteJNE8V9XQmRXJewN2OPmaEl8yWyR
B5uRIU2ahsVuNjFgEG5BpumcRuBMQgH/8O/3CNCdt4X2EHET9ZS15lsOpPrXMzZf
dbKzrUw7cOggRrfN7mBTkSQglvAQMpxm0GsC4zdVZ9kyHVrkBbJBeEKCHbtSeJ2t
AcKyTefOARuLamICrHpxV+sZRKdBU+dNXuIyju+7tRN5cKVH7joudXqGcOuwcp/1
2pgz/Uu9KDPBjrsEWNnasGHK9poe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:45 2025 by rpki-client