Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D1632ECCF2D11EFBF076D97762E951A.roa
File: 7D1632ECCF2D11EFBF076D97762E951A.roa (raw, json)
Hash identifier: grAYwtdrlKk5z0yg5qacXjFrSAbNDhIMXI+AHkaej1s=
Subject key identifier: 6D:92:99:4A:2E:B6:17:69:F4:A0:BF:6C:9A:AA:BE:F0:C2:0F:BD:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01051D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D1632ECCF2D11EFBF076D97762E951A.roa
Signing time: Fri 10 Jan 2025 08:32:55 +0000
ROA not before: Fri 10 Jan 2025 08:32:51 +0000
ROA not after: Sat 22 Mar 2025 08:32:51 +0000
asID: 142286
IP address blocks: 156.250.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66845 (0x1051d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:32:51 2025 GMT
Not After : Mar 22 08:32:51 2025 GMT
Subject: CN=6780db37-7f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:54:08:d9:75:31:50:5c:ce:81:dd:93:a4:6a:
19:ad:99:97:75:23:aa:fa:b2:fa:8d:eb:ef:60:17:
aa:0f:eb:d8:d6:76:af:9a:d7:94:8c:78:c9:0f:0f:
d4:32:c6:40:20:44:b6:b4:b0:04:3c:38:9c:a7:33:
65:23:48:75:d7:e1:2b:44:c3:59:07:14:80:e6:d8:
6a:af:94:46:9c:07:73:a2:e8:40:76:b5:17:c9:5f:
f7:f7:41:27:71:bb:cb:70:49:8d:5c:30:b6:95:dc:
3e:54:93:cb:79:21:ef:07:c0:31:10:a6:35:9c:7a:
1d:00:d3:2f:61:04:4e:1f:fb:dc:e6:d3:9d:3b:99:
53:16:3b:03:30:ea:9f:2d:14:28:d8:38:4a:f8:d1:
64:5f:c3:bc:70:18:31:6b:75:8f:31:f0:7b:ac:25:
c3:d6:cd:f6:49:3e:6e:f1:bc:4c:ce:ef:27:24:d3:
09:7d:cc:43:f9:12:64:cc:71:ef:54:2d:d6:10:bf:
22:66:57:5f:ab:cc:ad:41:ae:73:db:3b:ab:14:4d:
3b:b5:51:75:1d:0b:3a:5e:c2:aa:5c:b3:cf:ef:16:
88:e0:0f:ec:69:a4:43:94:7d:a8:88:39:05:72:09:
57:7c:d4:81:23:ed:6b:e2:75:a4:b4:e5:22:a3:e3:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:92:99:4A:2E:B6:17:69:F4:A0:BF:6C:9A:AA:BE:F0:C2:0F:BD:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D1632ECCF2D11EFBF076D97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5a:92:b5:6e:72:2b:79:03:7b:b5:69:ff:3d:91:1d:cf:58:f9:
9d:85:6d:5b:59:95:6c:05:98:c8:f0:29:47:22:de:27:13:68:
6a:17:79:63:d8:b8:be:c8:67:6d:17:68:0b:26:ad:d6:19:69:
38:c0:20:ce:64:7d:56:d0:1b:8c:09:94:15:2e:42:5b:86:cb:
1b:7c:a5:fd:10:a5:fc:c8:3a:be:06:88:1d:38:65:22:b2:93:
7e:a6:19:39:77:8a:4f:82:dd:d7:f3:7e:47:40:a4:06:22:69:
aa:b3:04:4d:bf:40:30:72:01:fa:78:e2:c6:30:83:12:14:7a:
a9:c3:9c:d4:24:a0:af:c3:dd:56:c0:49:12:4b:c4:23:7e:65:
64:6b:2e:4d:08:f9:f7:33:11:5d:36:a8:87:d9:00:fd:1c:bd:
fd:dd:a1:e1:4a:c5:fd:6a:e6:c8:78:77:6f:f6:b3:09:e1:38:
79:63:16:ae:e3:c0:ac:28:1f:16:8d:fb:ed:3b:48:4a:3a:1d:
ac:e7:36:ad:6d:5c:6b:7a:92:6c:9b:b6:d7:7a:da:96:51:32:
b4:b6:fa:75:5d:cc:fd:9f:bb:60:67:f1:e5:0a:4d:48:e4:ec:
65:df:d5:10:11:53:c6:4d:b0:a7:92:ff:65:fd:5e:34:10:be:
17:9b:9e:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDgzMjUxWhcNMjUwMzIyMDgzMjUxWjAYMRYw
FAYDVQQDEw02NzgwZGIzNy03ZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtlQI2XUxUFzOgd2TpGoZrZmXdSOq+rL6jevvYBeqD+vY1navmteUjHjJ
Dw/UMsZAIES2tLAEPDicpzNlI0h11+ErRMNZBxSA5thqr5RGnAdzouhAdrUXyV/3
90EncbvLcEmNXDC2ldw+VJPLeSHvB8AxEKY1nHodANMvYQROH/vc5tOdO5lTFjsD
MOqfLRQo2DhK+NFkX8O8cBgxa3WPMfB7rCXD1s32ST5u8bxMzu8nJNMJfcxD+RJk
zHHvVC3WEL8iZldfq8ytQa5z2zurFE07tVF1HQs6XsKqXLPP7xaI4A/saaRDlH2o
iDkFcglXfNSBI+1r4nWktOUio+OqmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG2S
mUouthdp9KC/bJqqvvDCD72xMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDE2MzJFQ0NGMkQxMUVGQkYwNzZEOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPpAMA0GCSqGSIb3DQEBCwUA
A4IBAQBakrVucit5A3u1af89kR3PWPmdhW1bWZVsBZjI8ClHIt4nE2hqF3lj2Li+
yGdtF2gLJq3WGWk4wCDOZH1W0BuMCZQVLkJbhssbfKX9EKX8yDq+BogdOGUispN+
phk5d4pPgt3X835HQKQGImmqswRNv0AwcgH6eOLGMIMSFHqpw5zUJKCvw91WwEkS
S8QjfmVkay5NCPn3MxFdNqiH2QD9HL393aHhSsX9aubIeHdv9rMJ4Th5Yxau48Cs
KB8WjfvtO0hKOh2s5zatbVxrepJsm7bXetqWUTK0tvp1Xcz9n7tgZ/HlCk1I5Oxl
39UQEVPGTbCnkv9l/V40EL4Xm54B
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:46 2025 by rpki-client