Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E8CCA10C35B11EFBCFB4862762E951A.roa
File: 7E8CCA10C35B11EFBCFB4862762E951A.roa (raw, json)
Hash identifier: EpUeEd1emU1njjBlgvCH+Y1HS5X358e38qRq75AKbrA=
Subject key identifier: 25:93:B4:B9:3D:72:17:FE:98:0D:17:50:88:85:43:DE:89:F7:ED:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC67
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E8CCA10C35B11EFBCFB4862762E951A.roa
Signing time: Thu 26 Dec 2024 07:32:01 +0000
ROA not before: Thu 26 Dec 2024 07:31:57 +0000
ROA not after: Sun 23 Feb 2025 07:31:57 +0000
asID: 63139
IP address blocks: 156.225.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60519 (0xec67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 07:31:57 2024 GMT
Not After : Feb 23 07:31:57 2025 GMT
Subject: CN=676d0670-2b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:74:cc:48:35:36:f2:5d:1c:ec:38:2f:18:
15:9f:8a:71:90:e2:ea:8b:a5:be:b3:14:e8:35:99:
05:a9:54:88:30:96:3d:25:64:77:06:4a:49:eb:36:
23:93:56:a3:f7:b3:0f:dc:fb:7f:85:f3:e9:a1:b4:
57:16:ec:58:d1:b1:00:ef:67:ab:1d:14:80:56:87:
97:bf:9d:fa:cb:f7:09:5e:60:9b:18:18:ca:2b:36:
b7:82:6b:03:a9:89:a3:0a:76:5a:f7:2d:bd:48:c3:
a8:49:99:b7:de:c3:f8:4d:25:f1:4b:7d:f6:c7:20:
2c:dd:00:ba:3d:4b:45:ba:79:99:5b:40:9a:3d:74:
70:3b:6b:37:0b:22:f9:f3:10:d2:21:5a:b9:43:70:
5c:fa:33:d1:f6:c1:48:05:bd:90:f5:bd:a9:49:f5:
c4:4c:fd:a1:9d:02:75:00:a0:96:17:bb:03:d2:ad:
54:4a:19:17:67:12:bf:93:1f:28:c4:64:f9:b8:ef:
f8:cd:3a:8d:d4:62:3b:d0:40:09:74:4b:fd:58:68:
94:db:a4:54:a8:80:59:91:19:74:63:10:2b:b9:ec:
e3:58:af:e1:7b:7c:bb:0f:0d:bd:76:d5:9c:29:a2:
09:29:90:d3:d5:a2:90:fd:35:dc:10:18:d2:37:ce:
c7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:93:B4:B9:3D:72:17:FE:98:0D:17:50:88:85:43:DE:89:F7:ED:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E8CCA10C35B11EFBCFB4862762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.112.0/20
Signature Algorithm: sha256WithRSAEncryption
27:ac:f6:cb:de:4c:6c:42:89:e1:67:57:9b:63:46:60:af:6a:
19:3e:ff:49:4e:cb:7f:1b:2e:ae:c8:01:f9:41:00:47:19:e7:
e5:ab:52:74:b9:ee:4c:d6:49:05:29:df:69:4b:b5:ba:02:b3:
4e:ee:78:99:c3:99:1f:89:e3:3f:72:84:65:64:53:6a:91:23:
bb:75:db:e5:e9:ac:02:f8:6f:45:54:7c:55:4a:9f:1d:f1:7d:
14:ac:7d:0d:cf:5f:e8:4b:aa:d1:d6:21:6c:2e:df:ca:10:0c:
9e:ec:45:df:7d:ea:fd:2f:e6:71:7c:c5:72:8f:33:ca:78:9d:
44:f2:9d:b2:eb:5a:02:92:c3:6f:01:79:d9:a7:53:2a:fc:ed:
25:7f:5c:42:7c:7f:8c:fc:37:8e:5a:a6:c9:91:e5:bc:4d:d3:
8a:b1:27:48:71:35:ab:ff:da:48:81:61:8b:22:b1:9d:85:ac:
4a:fd:df:7e:2d:ea:6e:b5:cd:9c:c1:5d:c9:8d:0a:a5:08:a9:
4c:ad:f0:1f:e6:9d:ae:b5:55:56:01:10:07:c5:e4:9b:58:07:
a5:9e:ab:85:25:ed:ee:09:57:e9:bb:2c:6e:84:35:e1:ce:c3:
2f:3d:1f:ea:b9:dd:1b:bb:8f:85:3a:87:64:97:e4:6b:8f:ea:
93:31:a9:1c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDczMTU3WhcNMjUwMjIzMDczMTU3WjAYMRYw
FAYDVQQDEw02NzZkMDY3MC0yYjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwB0zEg1NvJdHOw4LxgVn4pxkOLqi6W+sxToNZkFqVSIMJY9JWR3BkpJ
6zYjk1aj97MP3Pt/hfPpobRXFuxY0bEA72erHRSAVoeXv536y/cJXmCbGBjKKza3
gmsDqYmjCnZa9y29SMOoSZm33sP4TSXxS332xyAs3QC6PUtFunmZW0CaPXRwO2s3
CyL58xDSIVq5Q3Bc+jPR9sFIBb2Q9b2pSfXETP2hnQJ1AKCWF7sD0q1UShkXZxK/
kx8oxGT5uO/4zTqN1GI70EAJdEv9WGiU26RUqIBZkRl0YxAruezjWK/he3y7Dw29
dtWcKaIJKZDT1aKQ/TXcEBjSN87H3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCWT
tLk9chf+mA0XUIiFQ96J9+3uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RThDQ0ExMEMzNUIxMUVGQkNGQjQ4NjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOFwMA0GCSqGSIb3DQEBCwUA
A4IBAQAnrPbL3kxsQonhZ1ebY0Zgr2oZPv9JTst/Gy6uyAH5QQBHGeflq1J0ue5M
1kkFKd9pS7W6ArNO7niZw5kfieM/coRlZFNqkSO7ddvl6awC+G9FVHxVSp8d8X0U
rH0Nz1/oS6rR1iFsLt/KEAye7EXffer9L+ZxfMVyjzPKeJ1E8p2y61oCksNvAXnZ
p1Mq/O0lf1xCfH+M/DeOWqbJkeW8TdOKsSdIcTWr/9pIgWGLIrGdhaxK/d9+Lepu
tc2cwV3JjQqlCKlMrfAf5p2utVVWARAHxeSbWAelnquFJe3uCVfpuyxuhDXhzsMv
PR/qud0bu4+FOodkl+Rrj+qTMakc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:54 2025 by rpki-client