Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A71048CCD3811EF8955368C762E951A.roa
File: 7A71048CCD3811EF8955368C762E951A.roa (raw, json)
Hash identifier: hQuHYX3w/OuLlBu/ygCF2qvpIZZQeuFL/kfK8vKJWyE=
Subject key identifier: 46:F0:98:2A:9C:B0:D6:04:98:5C:A4:3D:B7:48:DD:73:86:44:BA:7E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A71048CCD3811EF8955368C762E951A.roa
Signing time: Tue 07 Jan 2025 20:46:33 +0000
ROA not before: Tue 07 Jan 2025 20:46:29 +0000
ROA not after: Mon 13 Dec 2027 20:46:29 +0000
asID: 17561
IP address blocks: 156.243.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65069 (0xfe2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:46:29 2025 GMT
Not After : Dec 13 20:46:29 2027 GMT
Subject: CN=677d92a9-4801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:01:c7:ba:6f:a9:77:59:a8:86:03:85:4a:
b1:f6:c2:75:8d:00:4e:6e:8b:25:7c:7b:bc:4f:e1:
db:7a:ad:0b:7c:cb:36:15:0b:2d:c2:b4:84:3e:cc:
56:95:d7:ca:20:50:e3:a4:a5:88:ec:8c:dc:e2:da:
84:11:48:7f:89:ff:43:70:63:0c:e6:22:04:7e:52:
a1:46:8b:80:b4:49:9e:9e:3f:04:a6:f1:fb:6b:b8:
56:e5:0a:9d:64:09:3f:4d:17:af:5a:59:e9:22:c9:
7e:bb:60:0b:33:f1:61:25:c9:20:37:3e:06:42:5c:
65:a9:13:9b:55:0d:fb:40:3a:47:4a:93:25:ec:9e:
b4:93:24:c8:d6:6b:41:e9:1f:41:29:44:2a:5a:43:
7d:d3:2c:60:b4:e9:07:b5:58:ea:49:76:1e:28:b5:
39:ae:10:69:ac:98:63:da:c4:d9:b9:85:55:a3:64:
73:d1:7c:bf:71:b4:37:10:ca:61:b7:b8:69:18:1d:
d9:27:a7:41:4a:ff:36:49:47:cf:94:8f:ef:a7:1e:
59:2a:b0:14:33:28:8b:08:ee:ad:a2:46:bb:ed:0e:
73:63:e3:12:27:f9:26:44:a8:bf:2d:79:82:e1:b9:
0d:e9:76:c5:ea:39:f0:2d:fd:12:47:48:77:e3:cf:
15:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F0:98:2A:9C:B0:D6:04:98:5C:A4:3D:B7:48:DD:73:86:44:BA:7E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A71048CCD3811EF8955368C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.63.0/24
Signature Algorithm: sha256WithRSAEncryption
55:53:1b:aa:f2:f4:29:b7:bb:58:52:7d:0f:51:d6:7c:64:53:
a5:d1:f9:bf:8c:81:85:04:59:a6:7f:1f:c8:8d:46:a8:b0:b5:
a2:91:71:d4:39:58:41:c9:80:00:44:d2:60:44:a7:1e:dc:ed:
27:80:47:0c:8c:3a:2c:bc:44:f8:2c:c9:ef:42:0e:16:dc:33:
4a:01:af:79:2b:f5:59:ef:2a:02:a6:19:53:81:8d:4b:1e:c6:
c5:d0:f8:0e:71:e8:b2:12:26:4b:f9:db:a8:a3:eb:b4:6b:50:
bd:4d:e8:c5:53:3c:fa:77:76:98:18:35:7f:fa:66:7a:32:b8:
e5:c7:28:6c:8e:94:f6:2c:93:25:9c:35:26:76:ac:77:01:d6:
00:8b:f2:bb:62:f8:4d:bd:8d:d6:53:57:50:b1:4e:a0:c0:72:
e9:15:ab:96:ca:09:bf:d6:f6:28:fd:f8:d8:1e:70:d6:c5:53:
41:bc:a1:13:5f:17:c7:c2:be:5c:85:8c:ed:bb:04:71:c8:6b:
02:0f:0c:7d:2d:0d:9a:79:d5:31:a1:81:14:b4:ca:62:9f:d4:
5f:10:4b:58:d7:d5:f6:ad:7c:a0:77:83:e2:b2:ef:78:fd:ef:
58:c7:87:30:b2:68:07:aa:cb:55:07:29:87:14:8a:41:ff:35:
f8:d2:4c:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjA0NjI5WhcNMjcxMjEzMjA0NjI5WjAYMRYw
FAYDVQQDEw02NzdkOTJhOS00ODAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk9EBx7pvqXdZqIYDhUqx9sJ1jQBOboslfHu8T+Hbeq0LfMs2FQstwrSE
PsxWldfKIFDjpKWI7Izc4tqEEUh/if9DcGMM5iIEflKhRouAtEmenj8EpvH7a7hW
5QqdZAk/TRevWlnpIsl+u2ALM/FhJckgNz4GQlxlqRObVQ37QDpHSpMl7J60kyTI
1mtB6R9BKUQqWkN90yxgtOkHtVjqSXYeKLU5rhBprJhj2sTZuYVVo2Rz0Xy/cbQ3
EMpht7hpGB3ZJ6dBSv82SUfPlI/vpx5ZKrAUMyiLCO6toka77Q5zY+MSJ/kmRKi/
LXmC4bkN6XbF6jnwLf0SR0h3488VkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEbw
mCqcsNYEmFykPbdI3XOGRLp+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QTcxMDQ4Q0NEMzgxMUVGODk1NTM2OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM/MA0GCSqGSIb3DQEBCwUA
A4IBAQBVUxuq8vQpt7tYUn0PUdZ8ZFOl0fm/jIGFBFmmfx/IjUaosLWikXHUOVhB
yYAARNJgRKce3O0ngEcMjDosvET4LMnvQg4W3DNKAa95K/VZ7yoCphlTgY1LHsbF
0PgOceiyEiZL+duoo+u0a1C9TejFUzz6d3aYGDV/+mZ6MrjlxyhsjpT2LJMlnDUm
dqx3AdYAi/K7YvhNvY3WU1dQsU6gwHLpFauWygm/1vYo/fjYHnDWxVNBvKETXxfH
wr5chYztuwRxyGsCDwx9LQ2aedUxoYEUtMpin9RfEEtY19X2rXygd4Pisu94/e9Y
x4cwsmgHqstVBymHFIpB/zX40kw7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:30 2025 by rpki-client