Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE0F214C94B11EFAF8F1096762E951A.roa
File: 7BE0F214C94B11EFAF8F1096762E951A.roa (raw, json)
Hash identifier: JlWn/Yp7VhWid/4+MpNNWyzPRs5Vus6Md6zBsj4iZvU=
Subject key identifier: 18:F3:45:C0:13:C5:41:F2:A3:33:CA:98:17:92:FF:AC:D6:5B:36:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F392
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE0F214C94B11EFAF8F1096762E951A.roa
Signing time: Thu 02 Jan 2025 20:52:31 +0000
ROA not before: Thu 02 Jan 2025 20:52:27 +0000
ROA not after: Mon 13 Dec 2027 20:52:27 +0000
asID: 17561
IP address blocks: 156.225.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62354 (0xf392)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:52:27 2025 GMT
Not After : Dec 13 20:52:27 2027 GMT
Subject: CN=6776fc8f-6e95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:13:0c:ad:f8:86:0d:17:7d:be:74:58:e5:93:
d1:47:d6:52:3e:1d:f6:d6:44:e0:d7:fe:07:e3:b1:
d1:51:d0:8e:00:4c:62:f3:f3:1d:3d:31:79:05:41:
f6:88:b0:23:a3:c0:25:38:a4:2e:7d:93:07:10:7a:
7b:a0:75:28:39:35:0e:0d:6f:a6:f9:c3:7f:e3:74:
ae:c9:20:95:30:2d:63:e8:d0:48:a9:2c:c3:10:4a:
9e:cd:cd:d9:6b:b7:53:70:b7:62:82:c0:99:d2:4f:
fa:23:db:01:73:fd:39:86:55:90:04:a6:88:f8:6a:
6b:46:37:85:26:ea:4c:e9:51:89:94:10:06:53:4a:
34:f3:73:88:3c:14:9d:c3:ed:b7:a8:3b:45:64:9d:
83:70:a8:02:a4:f1:93:87:c5:66:51:80:6b:09:6c:
03:d6:0a:2a:1a:e3:4a:c0:83:9c:aa:0b:a4:71:48:
98:ea:47:ce:05:5a:03:55:73:4c:61:91:da:7c:de:
03:51:8f:c2:a7:1f:ed:e6:e9:7b:bb:31:6e:39:6e:
a1:c0:24:61:d8:86:73:a8:90:f8:24:dc:32:e4:d5:
36:3d:ff:f1:2f:4b:13:3b:32:fe:c0:7a:8f:1f:6c:
70:7d:b8:33:0f:8a:0f:9f:94:7b:49:cb:78:f2:38:
ad:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F3:45:C0:13:C5:41:F2:A3:33:CA:98:17:92:FF:AC:D6:5B:36:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE0F214C94B11EFAF8F1096762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.160.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a1:4c:c8:73:69:51:9b:fb:7c:92:a9:e7:ef:fd:8c:50:d1:
0d:e9:b9:d6:f0:0b:f1:6d:9b:79:32:c0:66:56:35:b6:d8:73:
95:e7:20:e0:33:4a:6c:34:fc:77:ee:df:b7:84:ab:9c:e0:b6:
9e:5e:33:eb:0f:8d:2f:78:dd:88:0f:23:b9:5b:d6:54:4b:cd:
64:1b:77:00:4e:a1:06:07:47:bf:97:52:2c:8c:0b:1c:f5:a7:
88:82:07:a0:0c:40:cc:20:6d:a0:53:33:67:d8:b5:0b:da:7d:
97:3b:9c:fc:62:6a:25:3a:1c:0a:92:74:96:d7:9d:37:62:b0:
6a:e4:39:3f:4f:b9:6b:b1:11:65:0d:ed:50:22:da:fe:2a:0a:
4b:fd:23:8f:81:75:c1:4e:88:8f:ef:98:b8:50:f2:51:b2:20:
8a:9c:e5:bf:c6:5b:3f:75:3d:82:c7:96:13:29:a7:02:a9:80:
af:cd:da:4b:86:e2:1f:0a:43:7f:95:19:bc:02:f6:87:e5:58:
a4:10:56:87:c6:4d:19:ab:eb:6c:fa:dd:30:2a:90:36:22:29:
54:5e:24:b7:14:90:8c:b5:89:56:06:46:d8:f1:c2:24:ae:9e:
55:02:f1:e8:5c:04:7c:dc:38:07:a2:d0:6e:0e:9a:ba:c4:7b:
a3:58:a0:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA1MjI3WhcNMjcxMjEzMjA1MjI3WjAYMRYw
FAYDVQQDEw02Nzc2ZmM4Zi02ZTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7hMMrfiGDRd9vnRY5ZPRR9ZSPh321kTg1/4H47HRUdCOAExi8/MdPTF5
BUH2iLAjo8AlOKQufZMHEHp7oHUoOTUODW+m+cN/43SuySCVMC1j6NBIqSzDEEqe
zc3Za7dTcLdigsCZ0k/6I9sBc/05hlWQBKaI+GprRjeFJupM6VGJlBAGU0o083OI
PBSdw+23qDtFZJ2DcKgCpPGTh8VmUYBrCWwD1goqGuNKwIOcqgukcUiY6kfOBVoD
VXNMYZHafN4DUY/Cpx/t5ul7uzFuOW6hwCRh2IZzqJD4JNwy5NU2Pf/xL0sTOzL+
wHqPH2xwfbgzD4oPn5R7Sct48jitaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBjz
RcATxUHyozPKmBeS/6zWWzbfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QkUwRjIxNEM5NEIxMUVGQUY4RjEwOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGgMA0GCSqGSIb3DQEBCwUA
A4IBAQBYoUzIc2lRm/t8kqnn7/2MUNEN6bnW8AvxbZt5MsBmVjW22HOV5yDgM0ps
NPx37t+3hKuc4LaeXjPrD40veN2IDyO5W9ZUS81kG3cATqEGB0e/l1IsjAsc9aeI
ggegDEDMIG2gUzNn2LUL2n2XO5z8YmolOhwKknSW1503YrBq5Dk/T7lrsRFlDe1Q
Itr+KgpL/SOPgXXBToiP75i4UPJRsiCKnOW/xls/dT2Cx5YTKacCqYCvzdpLhuIf
CkN/lRm8AvaH5VikEFaHxk0Zq+ts+t0wKpA2IilUXiS3FJCMtYlWBkbY8cIkrp5V
AvHoXAR83DgHotBuDpq6xHujWKCL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:08 2025 by rpki-client