Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/777BF40EC96D11EFAD984C6E762E951A.roa
File: 777BF40EC96D11EFAD984C6E762E951A.roa (raw, json)
Hash identifier: AEwG9ge81engFd4PIHxpoTFxemROvUcqPg2+otGe52U=
Subject key identifier: 66:21:A0:28:5A:9C:CB:84:2D:3B:53:90:4D:E9:70:4B:EF:DC:C1:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F492
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/777BF40EC96D11EFAD984C6E762E951A.roa
Signing time: Fri 03 Jan 2025 00:55:47 +0000
ROA not before: Fri 03 Jan 2025 00:00:43 +0000
ROA not after: Mon 13 Dec 2027 00:00:43 +0000
asID: 17561
IP address blocks: 156.226.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62610 (0xf492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 00:00:43 2025 GMT
Not After : Dec 13 00:00:43 2027 GMT
Subject: CN=67773592-0ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:74:b4:e5:fd:ad:ec:4c:f2:8b:2d:42:db:
3a:1f:93:98:7a:6d:13:16:3d:92:c3:8f:6f:4b:41:
17:3f:11:85:53:9b:fb:8c:8e:2c:33:f0:76:b6:c8:
20:41:86:a9:ef:90:cc:9f:a5:e4:69:92:54:81:21:
67:ce:c5:b0:5e:b1:c1:b8:8b:63:cf:a0:cc:b6:4b:
b8:15:61:84:a1:50:91:bb:a8:d7:62:db:72:14:bb:
a8:3c:cb:99:d2:2d:bb:73:26:f9:3e:4e:66:96:85:
17:3a:c6:5a:35:0b:56:6e:43:79:60:ce:b9:e1:b6:
fd:04:61:cb:7f:37:9a:e3:8c:fd:b1:b9:09:a1:5a:
71:7d:50:f7:cc:82:24:28:9e:9a:97:2a:74:22:3f:
cc:4e:a2:3b:f9:df:bd:e6:27:74:8c:6d:63:cb:9f:
36:a0:da:2a:1a:ff:aa:ad:a1:87:2c:29:2a:99:fe:
f2:d3:34:6b:b9:42:2f:43:80:d6:f3:a3:4e:a1:0d:
b8:01:b0:55:0e:c8:00:de:21:5f:22:60:79:2c:e0:
29:cc:8f:0c:b0:5d:90:ec:f9:6d:f0:cf:16:db:c8:
8e:42:a3:7f:a8:76:47:a1:e4:2d:a7:3f:d5:dd:19:
ad:c1:01:9b:be:5e:2e:ea:42:51:97:c8:7d:b5:9d:
46:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:21:A0:28:5A:9C:CB:84:2D:3B:53:90:4D:E9:70:4B:EF:DC:C1:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/777BF40EC96D11EFAD984C6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.253.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:e6:76:3c:ec:79:10:d3:31:90:a0:e5:1d:89:0c:8f:40:38:
0d:08:c1:59:cf:c7:1c:83:09:bb:80:0d:f3:5b:a3:54:f5:64:
56:cb:91:69:d4:19:7b:49:db:c7:9c:6a:a0:4e:c0:83:5c:d5:
f8:91:7b:cf:ed:d0:1f:24:3d:4e:75:8a:6f:f3:d1:2d:ea:75:
02:8e:ea:74:3c:8b:08:ac:4e:55:bd:03:05:ac:52:e9:ee:48:
f3:10:6c:d5:96:82:d9:bf:37:95:de:58:85:d2:df:e5:a3:49:
36:1b:2d:29:f3:55:b1:a4:55:0b:05:72:ec:f1:98:b4:4d:50:
0d:15:6c:15:2d:20:7b:8a:ac:b2:31:d3:0a:c0:d5:b5:18:06:
a2:a3:8e:d9:86:39:0c:8c:47:db:03:c6:76:18:99:2a:03:49:
f2:bf:62:60:27:01:2e:c1:ea:62:19:7e:8e:91:ae:6e:9c:7f:
de:40:28:94:83:8a:ad:05:0d:b4:60:34:ca:80:ba:66:d1:ea:
a4:27:cd:91:07:f8:22:e1:09:1a:97:43:1b:78:c7:4d:6b:45:
b2:43:b2:32:75:cc:52:c2:43:a9:32:c1:04:1c:ed:67:5d:e5:
2b:e4:b3:29:2b:37:c2:f1:73:28:2b:0e:7a:2d:5f:5c:7f:d5:
33:fd:e4:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDAwMDQzWhcNMjcxMjEzMDAwMDQzWjAYMRYw
FAYDVQQDEw02Nzc3MzU5Mi0wYWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArQR0tOX9rexM8ostQts6H5OYem0TFj2Sw49vS0EXPxGFU5v7jI4sM/B2
tsggQYap75DMn6XkaZJUgSFnzsWwXrHBuItjz6DMtku4FWGEoVCRu6jXYttyFLuo
PMuZ0i27cyb5Pk5mloUXOsZaNQtWbkN5YM654bb9BGHLfzea44z9sbkJoVpxfVD3
zIIkKJ6alyp0Ij/MTqI7+d+95id0jG1jy582oNoqGv+qraGHLCkqmf7y0zRruUIv
Q4DW86NOoQ24AbBVDsgA3iFfImB5LOApzI8MsF2Q7Plt8M8W28iOQqN/qHZHoeQt
pz/V3RmtwQGbvl4u6kJRl8h9tZ1G+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGYh
oChanMuELTtTkE3pcEvv3MEOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NzdCRjQwRUM5NkQxMUVGQUQ5ODRDNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL9MA0GCSqGSIb3DQEBCwUA
A4IBAQC35nY87HkQ0zGQoOUdiQyPQDgNCMFZz8ccgwm7gA3zW6NU9WRWy5Fp1Bl7
SdvHnGqgTsCDXNX4kXvP7dAfJD1OdYpv89Et6nUCjup0PIsIrE5VvQMFrFLp7kjz
EGzVloLZvzeV3liF0t/lo0k2Gy0p81WxpFULBXLs8Zi0TVANFWwVLSB7iqyyMdMK
wNW1GAaio47ZhjkMjEfbA8Z2GJkqA0nyv2JgJwEuwepiGX6Oka5unH/eQCiUg4qt
BQ20YDTKgLpm0eqkJ82RB/gi4Qkal0MbeMdNa0WyQ7IydcxSwkOpMsEEHO1nXeUr
5LMpKzfC8XMoKw56LV9cf9Uz/eQV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:13 2025 by rpki-client