Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F6EFBACD9811EFAB4DB97E762E951A.roa
File: 75F6EFBACD9811EFAB4DB97E762E951A.roa (raw, json)
Hash identifier: pPwuCwbeUOg3Ww7yopFnE5EITgqJSbbegqt3T6H6Ns4=
Subject key identifier: D1:3A:39:AD:40:22:03:4D:8D:EE:0A:74:6D:90:95:A5:E5:0D:D5:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01006F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F6EFBACD9811EFAB4DB97E762E951A.roa
Signing time: Wed 08 Jan 2025 08:13:37 +0000
ROA not before: Wed 08 Jan 2025 08:13:33 +0000
ROA not after: Tue 16 Dec 2025 08:13:33 +0000
asID: 984
IP address blocks: 156.249.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65647 (0x1006f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:13:33 2025 GMT
Not After : Dec 16 08:13:33 2025 GMT
Subject: CN=677e33b1-e50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f8:44:b2:b9:bf:15:df:14:9b:68:44:ee:c2:
45:da:e3:b6:81:4f:ea:94:f0:5b:05:d2:6d:60:40:
4c:b5:05:5a:fe:b7:17:4b:18:86:19:eb:11:0e:7d:
38:b5:1a:ba:05:0c:37:80:6f:df:c1:5a:05:c7:86:
58:44:ab:67:3c:b5:87:5f:e4:cb:a1:0a:55:06:83:
7b:5a:20:dd:56:d1:c9:8c:2d:80:73:73:65:93:90:
24:8b:0c:cd:e2:a7:7a:7e:5b:73:08:30:40:85:40:
5e:18:4e:09:ed:d1:8a:da:87:c6:56:03:8e:4f:44:
3a:ba:c5:c6:e1:08:4c:51:23:e8:4f:fc:a3:3b:50:
af:03:37:7e:b3:48:35:c1:53:69:71:5f:1b:15:aa:
bb:bb:5f:96:ba:d5:51:9c:3d:71:c7:32:00:3c:01:
b9:0d:3a:b0:71:e0:cf:82:a1:ac:46:28:76:bf:da:
24:21:fd:39:67:c4:76:c8:11:89:5c:33:da:99:5f:
ab:68:75:b3:78:16:15:04:27:8b:8d:93:2b:75:41:
af:55:a9:7a:7c:07:00:fc:4e:6f:cd:e3:da:72:a3:
a1:83:63:c6:cf:5a:5e:fb:72:3b:36:82:bc:9c:e2:
48:ce:70:05:02:03:2e:7e:0f:34:c2:24:c3:55:ad:
c1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3A:39:AD:40:22:03:4D:8D:EE:0A:74:6D:90:95:A5:E5:0D:D5:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75F6EFBACD9811EFAB4DB97E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:d0:cd:2f:00:34:ce:cb:5e:32:bf:f3:05:81:30:21:b6:44:
21:7a:8e:34:88:27:d1:78:81:a0:f2:6c:db:21:53:42:e1:53:
d9:aa:ee:5e:bf:f9:19:c0:22:a8:6f:09:5e:37:df:6a:74:8e:
c4:ec:93:1e:1f:d2:ad:9d:09:74:98:44:f4:1a:ea:46:a1:03:
db:58:c7:19:b2:82:49:16:c9:ce:5a:2b:6b:f8:a2:d2:cd:25:
bd:18:2b:8b:f0:69:e3:34:8f:10:fb:e3:99:ae:94:28:1d:bc:
4c:4f:73:be:bd:5a:18:a7:61:e3:62:06:30:73:db:9b:5e:24:
ea:43:d7:e9:15:7d:65:6b:8d:df:8e:de:a8:f9:ed:3d:13:ca:
50:01:c5:bb:88:5b:13:4c:ef:fc:c4:cc:ef:c7:40:26:60:8c:
5a:e9:21:e5:2b:cc:3a:97:bf:48:2d:50:7c:08:78:37:8c:98:
54:ca:e4:91:af:83:31:82:44:b2:fd:6d:0d:62:b2:3f:cf:6c:
7c:7a:b8:a4:c0:32:77:3e:08:5a:b9:15:ae:a6:72:89:11:b4:
5a:30:5f:e8:3e:97:16:b4:5d:2e:17:8f:b0:26:50:ad:9c:77:
31:c7:be:05:52:9b:f0:cf:12:e3:20:cc:bb:86:dc:f2:8f:5e:
73:bc:c2:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQBvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDgxMzMzWhcNMjUxMjE2MDgxMzMzWjAYMRYw
FAYDVQQDEw02NzdlMzNiMS1lNTBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3fhEsrm/Fd8Um2hE7sJF2uO2gU/qlPBbBdJtYEBMtQVa/rcXSxiGGesR
Dn04tRq6BQw3gG/fwVoFx4ZYRKtnPLWHX+TLoQpVBoN7WiDdVtHJjC2Ac3Nlk5Ak
iwzN4qd6fltzCDBAhUBeGE4J7dGK2ofGVgOOT0Q6usXG4QhMUSPoT/yjO1CvAzd+
s0g1wVNpcV8bFaq7u1+WutVRnD1xxzIAPAG5DTqwceDPgqGsRih2v9okIf05Z8R2
yBGJXDPamV+raHWzeBYVBCeLjZMrdUGvVal6fAcA/E5vzePacqOhg2PGz1pe+3I7
NoK8nOJIznAFAgMufg80wiTDVa3BaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNE6
Oa1AIgNNje4KdG2QlaXlDdUAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NUY2RUZCQUNEOTgxMUVGQUI0REI5N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlJMA0GCSqGSIb3DQEBCwUA
A4IBAQC20M0vADTOy14yv/MFgTAhtkQheo40iCfReIGg8mzbIVNC4VPZqu5ev/kZ
wCKobwleN99qdI7E7JMeH9KtnQl0mET0GupGoQPbWMcZsoJJFsnOWitr+KLSzSW9
GCuL8GnjNI8Q++OZrpQoHbxMT3O+vVoYp2HjYgYwc9ubXiTqQ9fpFX1la43fjt6o
+e09E8pQAcW7iFsTTO/8xMzvx0AmYIxa6SHlK8w6l79ILVB8CHg3jJhUyuSRr4Mx
gkSy/W0NYrI/z2x8erikwDJ3PghauRWupnKJEbRaMF/oPpcWtF0uF4+wJlCtnHcx
x74FUpvwzxLjIMy7htzyj15zvMI9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:44 2025 by rpki-client