Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F633CCCCD8711EFA586A994762E951A.roa
File: 7F633CCCCD8711EFA586A994762E951A.roa (raw, json)
Hash identifier: jGVW4V+lpiFl/mUjUZgG2vA0h0O61PhiWuJrSfcE6pQ=
Subject key identifier: C9:D8:46:11:6F:33:CE:77:7D:CA:B8:36:CA:18:DF:D3:B7:BC:CC:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010035
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F633CCCCD8711EFA586A994762E951A.roa
Signing time: Wed 08 Jan 2025 06:12:11 +0000
ROA not before: Wed 08 Jan 2025 06:12:08 +0000
ROA not after: Mon 13 Dec 2027 06:12:08 +0000
asID: 17561
IP address blocks: 156.252.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65589 (0x10035)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 06:12:08 2025 GMT
Not After : Dec 13 06:12:08 2027 GMT
Subject: CN=677e173b-cdfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fd:32:68:e3:88:c4:93:d1:eb:ee:1a:58:f7:
27:e3:08:33:62:a8:31:5b:b4:ae:94:22:67:28:d4:
45:f9:20:24:c5:b3:52:d8:a3:66:4a:bb:f3:44:4d:
7b:c6:d5:c3:d5:3c:f7:9e:47:6e:a7:e1:a4:47:cf:
52:19:27:c3:3f:5b:97:5a:ef:62:56:d2:1c:79:20:
df:52:61:80:9b:24:2a:ba:64:6d:44:c9:02:21:17:
0e:49:f8:10:67:a9:bb:d2:97:98:3f:44:5d:5f:ee:
a9:9e:bb:d7:8e:f0:29:33:de:82:5f:c1:ab:b1:a0:
ea:35:96:80:3e:bb:76:50:22:20:2d:ee:7d:03:bd:
fa:7c:f9:af:61:3b:68:fe:76:ba:96:67:cf:f0:25:
47:31:7b:8a:13:3e:ef:69:6d:f8:c1:12:36:a8:e9:
c0:b1:ed:73:b2:bd:8c:c0:7f:72:78:ee:54:54:a6:
fd:f6:b8:7b:81:b9:2e:18:14:e2:2e:4d:6c:bb:71:
25:73:5b:c9:7d:45:b1:24:b0:14:36:27:51:b1:20:
a0:77:2f:57:68:ca:77:15:68:75:e1:f4:c3:d7:7f:
4e:5b:da:cc:08:e4:c0:7e:cb:c2:1e:ef:02:d6:96:
1e:c2:c3:45:1c:28:b0:88:5f:b5:95:d1:75:83:30:
e7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D8:46:11:6F:33:CE:77:7D:CA:B8:36:CA:18:DF:D3:B7:BC:CC:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F633CCCCD8711EFA586A994762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.39.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:9e:f2:66:96:0e:c7:84:c4:a9:76:8c:5c:74:74:34:57:ea:
44:83:2f:e0:65:d8:93:2e:8a:7e:0e:38:23:1b:b3:7a:03:4f:
8c:c3:f6:d0:e8:f6:8c:ad:6b:c8:88:ba:00:e8:63:d9:b6:c6:
c4:98:7d:3a:09:52:ce:b4:fa:e0:d2:d0:51:9a:f4:b0:3b:a6:
a4:45:92:9b:e7:3e:06:19:7f:ba:7a:11:e5:82:bc:78:a4:ce:
78:a6:40:e7:b9:36:05:28:f1:ff:41:58:8f:b7:46:22:b7:bb:
c3:96:e9:6b:19:79:a0:af:84:cc:a9:54:3b:15:e0:6f:92:a5:
c6:1d:7b:0c:09:a3:fa:24:a5:f5:fa:e5:4a:6e:83:33:74:35:
f0:23:f8:cc:f2:76:6d:39:28:00:24:5d:a7:ac:5c:5b:0d:39:
cb:80:ed:2f:54:be:42:51:ae:c0:49:35:b8:48:d7:be:0c:be:
07:93:32:18:e5:a3:5f:c0:e9:10:a3:ae:92:41:83:3d:4d:90:
9e:60:3b:8f:6c:88:d8:ce:7d:fb:92:a1:b3:d0:a1:43:4f:4b:
dc:65:13:29:a7:76:a5:3f:25:e1:09:d6:34:0f:7c:fd:b0:37:
75:01:b6:15:6d:ec:61:f0:ff:d5:b6:d0:27:b0:d7:41:f5:e2:
51:a2:9e:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQA1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDYxMjA4WhcNMjcxMjEzMDYxMjA4WjAYMRYw
FAYDVQQDEw02NzdlMTczYi1jZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/0yaOOIxJPR6+4aWPcn4wgzYqgxW7SulCJnKNRF+SAkxbNS2KNmSrvz
RE17xtXD1Tz3nkdup+GkR89SGSfDP1uXWu9iVtIceSDfUmGAmyQqumRtRMkCIRcO
SfgQZ6m70peYP0RdX+6pnrvXjvApM96CX8GrsaDqNZaAPrt2UCIgLe59A736fPmv
YTto/na6lmfP8CVHMXuKEz7vaW34wRI2qOnAse1zsr2MwH9yeO5UVKb99rh7gbku
GBTiLk1su3Elc1vJfUWxJLAUNidRsSCgdy9XaMp3FWh14fTD139OW9rMCOTAfsvC
Hu8C1pYewsNFHCiwiF+1ldF1gzDnmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMnY
RhFvM853fcq4NsoY39O3vMwYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RjYzM0NDQ0NEODcxMUVGQTU4NkE5OTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwnMA0GCSqGSIb3DQEBCwUA
A4IBAQArnvJmlg7HhMSpdoxcdHQ0V+pEgy/gZdiTLop+DjgjG7N6A0+Mw/bQ6PaM
rWvIiLoA6GPZtsbEmH06CVLOtPrg0tBRmvSwO6akRZKb5z4GGX+6ehHlgrx4pM54
pkDnuTYFKPH/QViPt0Yit7vDlulrGXmgr4TMqVQ7FeBvkqXGHXsMCaP6JKX1+uVK
boMzdDXwI/jM8nZtOSgAJF2nrFxbDTnLgO0vVL5CUa7ASTW4SNe+DL4HkzIY5aNf
wOkQo66SQYM9TZCeYDuPbIjYzn37kqGz0KFDT0vcZRMpp3alPyXhCdY0D3z9sDd1
AbYVbexh8P/VttAnsNdB9eJRop7P
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:01 2025 by rpki-client