Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ADA54C0D17D11EF9C415AB0762E951A.roa
File: 7ADA54C0D17D11EF9C415AB0762E951A.roa (raw, json)
Hash identifier: 55FqzcguP5eelMbgpgaidVGoApZdgVA5L5iQ4b4T1mA=
Subject key identifier: 8A:80:A0:71:F0:99:3D:49:EA:99:24:D2:5B:71:D8:B7:4A:0D:96:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010682
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ADA54C0D17D11EF9C415AB0762E951A.roa
Signing time: Mon 13 Jan 2025 07:10:34 +0000
ROA not before: Mon 13 Jan 2025 07:10:30 +0000
ROA not after: Thu 20 Feb 2025 07:10:30 +0000
asID: 213828
IP address blocks: 156.253.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67202 (0x10682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:10:30 2025 GMT
Not After : Feb 20 07:10:30 2025 GMT
Subject: CN=6784bc69-fe07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:27:11:dc:2a:5e:49:83:2d:04:f1:4d:9e:3c:
20:8b:c2:ce:b6:5c:86:83:9c:56:93:7b:2d:45:ba:
79:55:a1:2c:a9:4e:5c:45:64:45:d4:ac:45:9b:ac:
ca:0c:68:11:30:ab:bb:22:c0:81:d1:b7:4d:c7:b9:
ef:4a:e0:0f:4e:60:66:71:78:3b:14:7f:03:0e:37:
e3:66:64:b2:8e:1a:40:b5:40:3b:fb:f5:72:07:ce:
8e:69:ee:83:40:60:92:8f:cf:75:f9:43:09:ab:8f:
d6:83:99:5d:4a:59:60:38:87:ae:82:04:d7:b2:79:
0b:94:02:71:c4:1d:9f:71:32:67:be:b5:aa:54:dc:
31:6e:e1:cd:56:dd:c1:28:4b:5b:b8:7d:d3:29:75:
b8:d9:38:7a:db:e3:0d:78:6f:c8:8b:66:9d:1b:e0:
73:8e:00:20:52:ff:07:7b:d9:33:84:de:72:e4:f8:
4b:38:6a:fa:aa:90:20:34:2a:d9:9f:e6:e0:08:90:
da:f1:26:b1:c0:05:cc:e6:f0:01:ac:fe:21:84:54:
60:4b:a9:04:01:3b:89:e1:9f:5e:2e:d6:21:ce:fe:
ba:49:52:1f:1a:b9:1a:0d:4b:23:48:06:34:cc:12:
29:05:5f:4c:3d:a8:67:a6:6f:85:05:91:66:90:f6:
c2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:80:A0:71:F0:99:3D:49:EA:99:24:D2:5B:71:D8:B7:4A:0D:96:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ADA54C0D17D11EF9C415AB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.232.0/24
Signature Algorithm: sha256WithRSAEncryption
31:1f:62:85:a8:da:ae:cc:80:64:04:7c:4e:74:63:d1:2a:a9:
77:49:88:18:84:73:d2:16:7c:28:d6:2e:ce:24:fe:a1:9f:da:
cd:0e:72:5b:9d:a2:26:b0:16:48:1e:36:35:fe:b2:09:85:ba:
e2:60:7d:39:50:cd:d2:ca:61:6b:0f:47:bc:88:74:eb:88:c2:
05:31:8c:19:42:bc:90:93:c0:0f:5d:5f:39:64:18:d7:09:86:
72:36:18:5e:b1:80:6d:b4:f6:42:2f:f2:2a:6a:56:71:46:1b:
13:79:80:e4:7a:7f:62:ce:30:19:51:1d:bc:23:5d:a4:03:01:
71:bc:7d:73:97:f3:6d:3d:39:7a:0f:16:a6:5b:84:51:3c:10:
eb:98:79:92:03:8f:20:4b:a5:56:1e:b5:c9:d0:8d:e6:fd:a0:
4f:a3:26:92:10:71:90:f8:e0:f4:25:6f:0e:23:35:a6:99:9b:
4b:37:ab:c4:ab:ac:1b:e1:71:e3:a5:9e:53:f3:25:73:1a:63:
e6:fa:07:9b:67:91:92:69:38:58:cf:13:c3:13:09:41:d8:7a:
df:f1:02:3a:83:bb:fd:77:90:c2:28:e4:6f:90:48:ba:66:e8:
f9:ad:43:dd:ac:d1:4a:aa:30:b8:6f:93:f3:19:f2:f7:76:ed:
7a:f6:f1:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcxMDMwWhcNMjUwMjIwMDcxMDMwWjAYMRYw
FAYDVQQDEw02Nzg0YmM2OS1mZTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCcR3CpeSYMtBPFNnjwgi8LOtlyGg5xWk3stRbp5VaEsqU5cRWRF1KxF
m6zKDGgRMKu7IsCB0bdNx7nvSuAPTmBmcXg7FH8DDjfjZmSyjhpAtUA7+/VyB86O
ae6DQGCSj891+UMJq4/Wg5ldSllgOIeuggTXsnkLlAJxxB2fcTJnvrWqVNwxbuHN
Vt3BKEtbuH3TKXW42Th62+MNeG/Ii2adG+BzjgAgUv8He9kzhN5y5PhLOGr6qpAg
NCrZn+bgCJDa8SaxwAXM5vABrP4hhFRgS6kEATuJ4Z9eLtYhzv66SVIfGrkaDUsj
SAY0zBIpBV9MPahnpm+FBZFmkPbC/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIqA
oHHwmT1J6pkk0ltx2LdKDZboMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QURBNTRDMEQxN0QxMUVGOUM0MTVBQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3oMA0GCSqGSIb3DQEBCwUA
A4IBAQAxH2KFqNquzIBkBHxOdGPRKql3SYgYhHPSFnwo1i7OJP6hn9rNDnJbnaIm
sBZIHjY1/rIJhbriYH05UM3SymFrD0e8iHTriMIFMYwZQryQk8APXV85ZBjXCYZy
NhhesYBttPZCL/IqalZxRhsTeYDken9izjAZUR28I12kAwFxvH1zl/NtPTl6Dxam
W4RRPBDrmHmSA48gS6VWHrXJ0I3m/aBPoyaSEHGQ+OD0JW8OIzWmmZtLN6vEq6wb
4XHjpZ5T8yVzGmPm+gebZ5GSaThYzxPDEwlB2Hrf8QI6g7v9d5DCKORvkEi6Zuj5
rUPdrNFKqjC4b5PzGfL3du169vE7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client