Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F395FACE3C11EF8FB36E9C762E951A.roa
File: 75F395FACE3C11EF8FB36E9C762E951A.roa (raw, json)
Hash identifier: VYhDdXAWK+hoQQyKJcsScmR6x7GRLOpHj0W3HPkXO04=
Subject key identifier: 7D:1D:81:5B:F8:39:CC:72:76:36:47:E9:A4:21:78:48:97:85:5A:EC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01024F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F395FACE3C11EF8FB36E9C762E951A.roa
Signing time: Thu 09 Jan 2025 03:47:35 +0000
ROA not before: Thu 09 Jan 2025 03:47:31 +0000
ROA not after: Fri 09 Jan 2026 03:47:31 +0000
asID: 17561
IP address blocks: 156.247.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66127 (0x1024f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:47:31 2025 GMT
Not After : Jan 9 03:47:31 2026 GMT
Subject: CN=677f46d6-1d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a5:b7:99:a8:ba:ad:bc:e7:ff:9b:82:b6:a7:
20:d8:86:d0:ba:05:e9:60:3f:f4:96:7c:5f:58:0a:
94:4a:d6:e7:ff:1b:36:6d:15:ad:1a:76:7d:dc:cb:
23:1f:90:1c:c5:0d:0f:0e:b0:78:a6:89:23:6f:1c:
b7:10:9f:0d:9f:63:88:d6:5c:ca:9d:ab:66:52:b2:
63:99:fe:0d:75:85:b0:62:2b:1c:3e:a7:6c:46:e6:
c8:ff:b0:14:d7:ed:59:a5:31:6f:f6:0c:99:58:d2:
c2:d5:54:1e:5b:8e:33:c9:c5:0a:e1:90:b8:31:f1:
65:87:ef:58:6f:2e:a8:97:c5:4f:c9:dc:fc:ac:be:
a0:6c:0e:18:31:8b:fc:61:c2:1c:44:ea:ed:8b:73:
9c:af:cc:72:eb:13:fa:08:17:24:b9:c3:93:4b:d5:
a8:fb:1c:91:aa:fe:c2:40:03:51:57:bf:91:4b:02:
b2:93:b2:ed:72:eb:e1:26:8a:59:3b:ca:f7:19:17:
09:c3:3b:e9:31:3f:6f:ff:79:26:9e:5b:b4:0a:ca:
76:27:2f:6b:67:7e:e0:47:d2:64:1e:de:ca:5a:70:
7e:18:ad:c5:bc:19:75:0e:71:fe:e6:66:ec:35:8c:
12:f8:d3:75:26:58:4e:cf:df:ad:4e:41:43:22:e0:
91:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1D:81:5B:F8:39:CC:72:76:36:47:E9:A4:21:78:48:97:85:5A:EC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F395FACE3C11EF8FB36E9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:d8:e6:cb:46:d0:68:d9:51:0f:b0:7e:93:e2:72:cf:89:bd:
19:34:7c:67:52:2f:36:3f:da:31:b9:9f:7a:e3:fb:25:af:d4:
90:5a:dc:bc:d5:bd:8f:48:d8:53:a9:b0:8a:13:dd:f7:00:97:
af:8b:18:94:c8:bb:51:16:4c:eb:71:70:80:59:2d:68:44:53:
f8:d0:35:a1:e8:4f:99:c6:82:71:59:42:87:84:4f:12:47:8e:
1c:4d:f2:d7:7c:75:f2:d6:eb:40:e2:94:fb:a2:1e:b6:49:56:
26:8e:de:34:89:19:70:27:97:7f:4f:dc:f2:24:da:7a:a5:ac:
ab:70:3b:8e:1a:d3:3d:a9:8a:55:d0:c1:a7:cf:de:86:53:04:
eb:79:fd:e4:46:a1:69:ae:74:2e:17:b1:b9:f7:6e:6a:4c:f2:
1f:7c:18:9b:63:c1:f9:66:e0:cc:02:1a:97:d8:10:ec:7d:86:
ef:a9:8e:6c:3c:46:eb:11:4b:3c:53:14:9d:dc:6e:56:7d:e9:
95:d7:80:79:10:9d:42:e4:8c:9a:5f:5d:40:2c:95:ac:60:83:
ef:5f:86:e7:fd:ee:0b:33:40:1a:4a:aa:e9:85:cb:e5:e3:bb:
e3:bc:5e:40:30:3f:c7:78:36:a4:4b:c3:5a:4c:d6:b4:fc:b9:
e6:eb:22:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQJPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDM0NzMxWhcNMjYwMTA5MDM0NzMxWjAYMRYw
FAYDVQQDEw02NzdmNDZkNi0xZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmKW3mai6rbzn/5uCtqcg2IbQugXpYD/0lnxfWAqUStbn/xs2bRWtGnZ9
3MsjH5AcxQ0PDrB4pokjbxy3EJ8Nn2OI1lzKnatmUrJjmf4NdYWwYiscPqdsRubI
/7AU1+1ZpTFv9gyZWNLC1VQeW44zycUK4ZC4MfFlh+9Yby6ol8VPydz8rL6gbA4Y
MYv8YcIcROrti3Ocr8xy6xP6CBckucOTS9Wo+xyRqv7CQANRV7+RSwKyk7Ltcuvh
JopZO8r3GRcJwzvpMT9v/3kmnlu0Csp2Jy9rZ37gR9JkHt7KWnB+GK3FvBl1DnH+
5mbsNYwS+NN1JlhOz9+tTkFDIuCRIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH0d
gVv4OcxydjZH6aQheEiXhVrsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NUYzOTVGQUNFM0MxMUVGOEZCMzZFOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPc7MA0GCSqGSIb3DQEBCwUA
A4IBAQB82ObLRtBo2VEPsH6T4nLPib0ZNHxnUi82P9oxuZ964/slr9SQWty81b2P
SNhTqbCKE933AJevixiUyLtRFkzrcXCAWS1oRFP40DWh6E+ZxoJxWUKHhE8SR44c
TfLXfHXy1utA4pT7oh62SVYmjt40iRlwJ5d/T9zyJNp6payrcDuOGtM9qYpV0MGn
z96GUwTref3kRqFprnQuF7G5925qTPIffBibY8H5ZuDMAhqX2BDsfYbvqY5sPEbr
EUs8UxSd3G5WfemV14B5EJ1C5IyaX11ALJWsYIPvX4bn/e4LM0AaSqrphcvl47vj
vF5AMD/HeDakS8NaTNa0/Lnm6yL3
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:58 2025 by rpki-client