Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75D6E082C97C11EF86820B5E762E951A.roa
File: 75D6E082C97C11EF86820B5E762E951A.roa (raw, json)
Hash identifier: nZMFqSUzhdr5mMf3FXEXO2dnTnPb1HYqDakVa7csy/o=
Subject key identifier: 69:5D:E0:27:C5:57:94:5E:8A:87:9E:71:4B:AF:0F:AC:23:5D:7A:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F523
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75D6E082C97C11EF86820B5E762E951A.roa
Signing time: Fri 03 Jan 2025 02:43:06 +0000
ROA not before: Fri 03 Jan 2025 02:43:03 +0000
ROA not after: Mon 13 Dec 2027 02:43:03 +0000
asID: 17561
IP address blocks: 156.227.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62755 (0xf523)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:43:03 2025 GMT
Not After : Dec 13 02:43:03 2027 GMT
Subject: CN=67774eba-824a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:41:12:c4:13:fc:8e:f7:8a:77:93:94:93:
24:70:21:74:fb:a9:f9:63:ae:75:37:b7:5d:0f:e3:
8d:52:7c:72:4e:f8:d5:4b:5d:24:ab:e8:0d:fa:d2:
43:d5:b1:d7:08:32:69:7f:71:66:30:8d:c0:09:ed:
b6:c8:77:3c:00:b0:61:60:e6:52:2d:7c:6f:b8:4e:
08:d1:6e:ef:a4:c7:c1:1b:2b:0b:6d:32:06:b7:7a:
9c:da:9f:f7:17:fc:25:1c:2f:02:e8:d1:6c:6e:37:
00:9c:ce:42:fd:79:64:90:1c:ec:72:24:b6:3e:4a:
f6:1e:fe:6b:90:4d:3b:d1:ea:5a:08:57:f8:f9:a0:
a5:85:ea:1d:b4:17:19:08:68:2c:90:4f:8a:55:be:
3c:06:75:85:b6:27:b0:ba:2e:b6:2d:e0:75:e3:ae:
d6:8c:eb:f5:c1:84:74:3b:32:d6:91:14:9e:2c:cf:
ff:99:68:8c:15:cf:94:a4:e5:2e:3d:0e:8b:d1:92:
0d:cf:7e:89:64:f0:0f:3a:9f:83:9b:79:55:27:ef:
1e:4f:3d:cf:a5:24:c4:a4:aa:0b:ec:27:06:eb:c5:
b7:57:26:01:9e:ac:17:90:71:fa:d9:c9:ae:0d:4e:
85:32:b8:98:d2:9a:bf:8c:dd:33:04:92:42:db:b8:
af:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5D:E0:27:C5:57:94:5E:8A:87:9E:71:4B:AF:0F:AC:23:5D:7A:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75D6E082C97C11EF86820B5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.251.0/24
Signature Algorithm: sha256WithRSAEncryption
76:9e:09:9c:ff:70:09:5c:68:fe:1e:c6:4e:83:c2:8e:59:41:
b5:6a:ab:15:75:b3:3b:78:79:87:9e:4b:f3:f4:a0:c4:73:64:
0b:89:89:18:93:47:38:b9:3c:3d:6c:2c:b3:fe:77:d2:db:c5:
a2:f3:c3:ae:d8:15:fc:1a:db:79:eb:47:7a:38:38:76:c3:7a:
6c:f8:bc:02:72:d0:17:72:40:34:68:f9:61:02:b4:65:4c:d0:
12:3e:e6:0b:cf:4b:c2:46:cf:44:42:93:64:92:aa:11:db:47:
88:fd:70:f7:ff:40:58:88:62:98:cb:45:5d:f4:f7:ab:d3:0c:
58:06:aa:61:19:ca:a6:e1:94:f7:81:81:fd:66:4f:13:b2:03:
a8:ca:34:32:45:5e:07:78:19:62:d2:7a:e3:96:82:01:92:09:
72:35:7b:38:53:29:a4:e2:96:69:34:e6:8e:eb:a8:61:14:28:
98:ec:ce:5c:55:d3:06:78:33:a2:a1:f7:b7:e1:51:d7:11:65:
56:3e:5c:ad:f1:da:cb:c9:4a:b1:d9:95:6d:b1:c3:b9:8f:81:
7e:8b:79:0f:f1:f2:a1:f0:13:d3:8d:22:30:b9:2c:da:17:8f:
d6:cb:94:4f:13:ea:3a:5c:9c:44:62:38:b7:d7:c5:68:c5:bf:
ff:08:74:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPUjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDI0MzAzWhcNMjcxMjEzMDI0MzAzWjAYMRYw
FAYDVQQDEw02Nzc3NGViYS04MjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo5BBEsQT/I73ineTlJMkcCF0+6n5Y651N7ddD+ONUnxyTvjVS10kq+gN
+tJD1bHXCDJpf3FmMI3ACe22yHc8ALBhYOZSLXxvuE4I0W7vpMfBGysLbTIGt3qc
2p/3F/wlHC8C6NFsbjcAnM5C/XlkkBzsciS2Pkr2Hv5rkE070epaCFf4+aClheod
tBcZCGgskE+KVb48BnWFtiewui62LeB1467WjOv1wYR0OzLWkRSeLM//mWiMFc+U
pOUuPQ6L0ZINz36JZPAPOp+Dm3lVJ+8eTz3PpSTEpKoL7CcG68W3VyYBnqwXkHH6
2cmuDU6FMriY0pq/jN0zBJJC27ivdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGld
4CfFV5ReioeecUuvD6wjXXrjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NUQ2RTA4MkM5N0MxMUVGODY4MjBCNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOP7MA0GCSqGSIb3DQEBCwUA
A4IBAQB2ngmc/3AJXGj+HsZOg8KOWUG1aqsVdbM7eHmHnkvz9KDEc2QLiYkYk0c4
uTw9bCyz/nfS28Wi88Ou2BX8Gtt560d6ODh2w3ps+LwCctAXckA0aPlhArRlTNAS
PuYLz0vCRs9EQpNkkqoR20eI/XD3/0BYiGKYy0Vd9Per0wxYBqphGcqm4ZT3gYH9
Zk8TsgOoyjQyRV4HeBli0nrjloIBkglyNXs4Uymk4pZpNOaO66hhFCiY7M5cVdMG
eDOiofe34VHXEWVWPlyt8drLyUqx2ZVtscO5j4F+i3kP8fKh8BPTjSIwuSzaF4/W
y5RPE+o6XJxEYji318Voxb//CHTo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:25 2025 by rpki-client