Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E731FA8D17E11EF9C78F3B6762E951A.roa
File: 7E731FA8D17E11EF9C78F3B6762E951A.roa (raw, json)
Hash identifier: igQnPRCSx6YGzB0dKaCN4sGBcAD3Rxkq8U6dkTzhDm4=
Subject key identifier: E7:B8:B5:1E:2C:04:C6:8C:88:42:0A:D8:4F:DA:E0:9A:D9:85:1A:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01068C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E731FA8D17E11EF9C78F3B6762E951A.roa
Signing time: Mon 13 Jan 2025 07:17:49 +0000
ROA not before: Mon 13 Jan 2025 07:17:45 +0000
ROA not after: Thu 20 Feb 2025 07:17:45 +0000
asID: 60223
IP address blocks: 156.253.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67212 (0x1068c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:17:45 2025 GMT
Not After : Feb 20 07:17:45 2025 GMT
Subject: CN=6784be1d-dc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3c:88:85:74:ff:39:d9:84:a2:92:cd:c2:ac:
94:b2:34:6c:4c:11:33:97:81:71:b6:31:e8:e2:8b:
38:9b:ea:90:cc:c6:4f:c7:07:52:4a:04:b9:21:d4:
90:4a:0c:5a:0e:21:88:d1:e4:8a:51:00:da:3b:5a:
b0:b2:9a:c7:e5:de:ea:3a:54:d2:1e:b0:27:06:a2:
08:f7:18:cd:68:25:a0:cf:d9:ce:30:32:5f:a5:5a:
12:eb:a7:f7:93:71:e4:92:8d:88:3b:0e:88:ac:c1:
f7:93:56:ba:0f:ac:8f:19:48:93:8d:6d:a5:f1:31:
40:ad:4a:5e:f1:0b:8b:89:4d:0c:00:b8:0d:64:4e:
9e:d9:a5:4a:33:45:c5:d7:5d:8f:a5:c6:a0:23:42:
fa:56:87:2b:a1:c6:e8:e5:2b:c4:ad:20:2f:0a:78:
30:8c:b8:e3:2a:7d:52:f9:26:ef:f4:4d:38:c0:54:
63:e7:4d:63:7d:e5:d9:aa:d4:60:69:a7:2c:9c:77:
2a:d3:e2:1e:fb:35:fe:75:d4:b0:cc:a4:7e:b3:d2:
79:45:e1:7c:34:01:b9:d1:66:68:ff:91:d8:2c:b5:
e0:bb:72:2a:1a:41:ef:67:15:a7:25:c4:78:af:41:
a6:b6:e8:0b:23:f5:20:8e:f3:db:63:2e:18:0c:bf:
9e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B8:B5:1E:2C:04:C6:8C:88:42:0A:D8:4F:DA:E0:9A:D9:85:1A:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E731FA8D17E11EF9C78F3B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.227.0/24
Signature Algorithm: sha256WithRSAEncryption
04:a2:4e:4c:26:6d:93:e9:fe:02:64:c0:df:1d:08:40:2d:f1:
bc:d4:c1:0e:0e:2e:31:25:5a:be:81:d7:f5:1c:7d:1b:3e:3f:
18:ff:c5:82:41:f4:0a:dd:be:a0:62:96:94:f0:5c:5c:e8:29:
85:8f:c1:1a:1f:d4:92:f5:53:af:e0:93:af:b0:f6:d4:fd:c6:
72:e9:e8:9a:d3:f7:19:04:45:8f:a3:f9:c3:64:b1:e3:07:17:
c6:f6:e8:7e:a2:52:13:b4:10:fa:07:bf:64:d0:95:16:83:52:
99:08:ee:19:c8:d5:10:ce:06:e1:9a:6c:51:b5:f2:63:1a:80:
37:24:0a:8d:6f:10:0b:41:8d:70:a2:7a:19:aa:8e:85:df:7c:
0e:7c:4e:57:06:bf:ab:dd:b0:2b:b2:e8:9a:7b:c2:19:60:75:
93:00:1d:79:08:27:e5:d0:ec:5d:ae:6a:ee:bd:bc:34:81:65:
09:e1:33:a0:d9:ea:4e:a1:35:a8:02:fb:f4:4e:2f:ed:31:c3:
29:e7:70:78:85:cf:75:17:ef:49:77:8c:e2:ac:55:a9:8a:75:
c3:ea:ce:47:75:f1:1b:56:d8:9a:7f:fd:9c:33:ef:57:39:5e:
f8:be:1a:7b:9a:67:f7:e7:9c:a1:91:0e:f6:cc:0f:66:5d:79:
9e:a1:f0:98
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcxNzQ1WhcNMjUwMjIwMDcxNzQ1WjAYMRYw
FAYDVQQDEw02Nzg0YmUxZC1kYzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAojyIhXT/OdmEopLNwqyUsjRsTBEzl4FxtjHo4os4m+qQzMZPxwdSSgS5
IdSQSgxaDiGI0eSKUQDaO1qwsprH5d7qOlTSHrAnBqII9xjNaCWgz9nOMDJfpVoS
66f3k3Hkko2IOw6IrMH3k1a6D6yPGUiTjW2l8TFArUpe8QuLiU0MALgNZE6e2aVK
M0XF112PpcagI0L6Vocrocbo5SvErSAvCngwjLjjKn1S+Sbv9E04wFRj501jfeXZ
qtRgaacsnHcq0+Ie+zX+ddSwzKR+s9J5ReF8NAG50WZo/5HYLLXgu3IqGkHvZxWn
JcR4r0GmtugLI/UgjvPbYy4YDL+eawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOe4
tR4sBMaMiEIK2E/a4JrZhRpgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RTczMUZBOEQxN0UxMUVGOUM3OEYzQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3jMA0GCSqGSIb3DQEBCwUA
A4IBAQAEok5MJm2T6f4CZMDfHQhALfG81MEODi4xJVq+gdf1HH0bPj8Y/8WCQfQK
3b6gYpaU8Fxc6CmFj8EaH9SS9VOv4JOvsPbU/cZy6eia0/cZBEWPo/nDZLHjBxfG
9uh+olITtBD6B79k0JUWg1KZCO4ZyNUQzgbhmmxRtfJjGoA3JAqNbxALQY1wonoZ
qo6F33wOfE5XBr+r3bArsuiae8IZYHWTAB15CCfl0Oxdrmruvbw0gWUJ4TOg2epO
oTWoAvv0Ti/tMcMp53B4hc91F+9Jd4zirFWpinXD6s5HdfEbVtiaf/2cM+9XOV74
vhp7mmf355yhkQ72zA9mXXmeofCY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:09 2025 by rpki-client