Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C2619ECD7311EF92873397762E951A.roa
File: 74C2619ECD7311EF92873397762E951A.roa (raw, json)
Hash identifier: mPT3Z3ksHbrCt+h4O9hYWkFrwmWx1fbtySzKqMcMUuk=
Subject key identifier: FB:F7:AF:A6:0F:2E:A0:DA:11:0D:27:66:E2:96:00:AA:05:CE:DA:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C2619ECD7311EF92873397762E951A.roa
Signing time: Wed 08 Jan 2025 03:48:44 +0000
ROA not before: Wed 08 Jan 2025 03:48:40 +0000
ROA not after: Mon 13 Dec 2027 03:48:40 +0000
asID: 17561
IP address blocks: 156.248.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65437 (0xff9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:48:40 2025 GMT
Not After : Dec 13 03:48:40 2027 GMT
Subject: CN=677df59b-13b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c5:ae:94:0f:b0:08:9a:8d:af:d4:5e:0a:ee:
d4:56:9f:b6:5e:76:26:1d:ca:15:d3:1d:12:e2:25:
e1:d5:d9:2c:ed:c6:bf:f4:83:33:e2:1b:07:9b:7b:
5d:5d:f3:b3:5e:87:a7:89:90:f5:91:a7:cf:53:e9:
33:f5:e2:8a:49:43:2a:a0:e8:c5:c5:5b:d3:78:87:
ad:de:70:13:51:0a:43:e9:82:29:45:f1:f5:b6:f5:
ce:fd:65:65:74:13:83:1f:3b:9b:71:92:00:40:bb:
9c:ea:57:c5:8e:03:08:32:9b:4f:56:32:bd:c2:6d:
67:20:da:95:6c:a1:f5:c2:16:9b:d4:49:77:01:03:
8a:37:5c:45:a9:83:27:fc:f8:28:07:08:9e:b3:84:
41:6c:41:40:08:23:ec:20:80:e2:e5:45:cd:c3:56:
84:6c:b5:e2:66:f3:e0:0b:e3:17:ff:3d:72:1d:35:
6f:0a:ad:7e:84:44:30:c0:a9:b1:b9:93:68:9e:e6:
5c:50:bb:d1:53:5c:2b:95:18:69:28:04:25:ca:dc:
b2:3a:49:2f:7d:24:2f:24:08:b6:13:73:e1:04:a5:
df:19:1c:8d:9d:33:0e:19:1b:d1:4c:1a:c1:41:57:
0d:58:12:90:81:a0:3c:59:ca:a2:4c:f2:4f:0d:eb:
f8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F7:AF:A6:0F:2E:A0:DA:11:0D:27:66:E2:96:00:AA:05:CE:DA:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C2619ECD7311EF92873397762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.80.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:1c:cc:40:1a:fa:6b:52:1f:02:4c:cc:df:95:c0:fd:73:93:
e1:94:2f:36:ef:34:48:58:cc:25:ad:93:ae:6c:a2:a5:3f:0c:
81:3e:f8:b2:6e:48:47:c0:03:52:c2:1e:a8:b4:37:5e:c8:ed:
6a:a2:37:75:8f:af:ae:7f:29:46:e0:8e:ca:ce:6f:ea:b1:14:
73:c0:b5:c2:4d:35:6a:e5:70:fb:1e:f5:ff:00:a1:87:f0:41:
e8:ae:6f:97:51:d3:53:c9:bc:02:af:90:6e:e5:21:de:46:ae:
f6:4c:b3:25:a7:92:86:e0:f7:4c:b9:a9:0f:1c:76:7e:30:62:
b0:b4:d7:f0:01:03:56:9e:3e:e3:81:00:8a:47:53:db:e0:57:
f6:62:92:7e:a9:d3:29:bf:c0:68:4c:07:ad:32:6e:b8:e6:4a:
ca:61:1e:b2:01:8a:1b:55:cd:ea:2b:9b:61:de:24:37:72:7f:
4a:ae:de:70:61:0b:a5:d7:ba:c2:fd:67:32:a4:a0:07:bb:58:
6d:ce:87:79:19:f2:5c:f9:4a:bf:fa:53:45:5f:94:10:bf:d1:
47:43:49:aa:7b:2e:c8:c1:b4:00:31:4a:7e:eb:57:60:79:cd:
1a:ed:2d:85:79:f2:c3:9e:85:5d:cd:61:ce:f8:7d:12:46:a0:
86:53:3d:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM0ODQwWhcNMjcxMjEzMDM0ODQwWjAYMRYw
FAYDVQQDEw02NzdkZjU5Yi0xM2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm8WulA+wCJqNr9ReCu7UVp+2XnYmHcoV0x0S4iXh1dks7ca/9IMz4hsH
m3tdXfOzXoeniZD1kafPU+kz9eKKSUMqoOjFxVvTeIet3nATUQpD6YIpRfH1tvXO
/WVldBODHzubcZIAQLuc6lfFjgMIMptPVjK9wm1nINqVbKH1whab1El3AQOKN1xF
qYMn/PgoBwies4RBbEFACCPsIIDi5UXNw1aEbLXiZvPgC+MX/z1yHTVvCq1+hEQw
wKmxuZNonuZcULvRU1wrlRhpKAQlytyyOkkvfSQvJAi2E3PhBKXfGRyNnTMOGRvR
TBrBQVcNWBKQgaA8WcqiTPJPDev4CwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPv3
r6YPLqDaEQ0nZuKWAKoFztpeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NEMyNjE5RUNENzMxMUVGOTI4NzMzOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhQMA0GCSqGSIb3DQEBCwUA
A4IBAQAsHMxAGvprUh8CTMzflcD9c5PhlC827zRIWMwlrZOubKKlPwyBPviybkhH
wANSwh6otDdeyO1qojd1j6+ufylG4I7Kzm/qsRRzwLXCTTVq5XD7HvX/AKGH8EHo
rm+XUdNTybwCr5Bu5SHeRq72TLMlp5KG4PdMuakPHHZ+MGKwtNfwAQNWnj7jgQCK
R1Pb4Ff2YpJ+qdMpv8BoTAetMm645krKYR6yAYobVc3qK5th3iQ3cn9Krt5wYQul
17rC/WcypKAHu1htzod5GfJc+Uq/+lNFX5QQv9FHQ0mqey7IwbQAMUp+61dgec0a
7S2FefLDnoVdzWHO+H0SRqCGUz1M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:25 2025 by rpki-client