Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F94EA92CCCE11EFBBE45671762E951A.roa
File: 7F94EA92CCCE11EFBBE45671762E951A.roa (raw, json)
Hash identifier: wrDHDgA2InFYpcOvOXu00P2/vDuh9hj+zVr+ICj7Fh8=
Subject key identifier: C6:38:EA:F6:DB:B4:96:8D:77:29:AE:FC:1D:4D:69:84:AD:96:95:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA9E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F94EA92CCCE11EFBBE45671762E951A.roa
Signing time: Tue 07 Jan 2025 08:07:55 +0000
ROA not before: Tue 07 Jan 2025 08:07:51 +0000
ROA not after: Sun 23 Mar 2025 08:07:51 +0000
asID: 142286
IP address blocks: 156.254.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64158 (0xfa9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:07:51 2025 GMT
Not After : Mar 23 08:07:51 2025 GMT
Subject: CN=677ce0db-5d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c1:d6:29:fd:aa:e0:08:1e:ed:c1:56:09:1d:
44:cf:fd:1a:c5:08:3f:56:38:00:ae:31:d8:ce:cf:
ce:65:0d:c5:57:12:5c:03:1d:0d:10:91:28:d5:ee:
6d:31:55:d2:42:bd:9b:ff:2b:7c:3b:44:07:aa:22:
01:18:e8:62:55:dd:01:79:6f:3e:7f:8e:2c:ec:3c:
a1:09:65:ab:95:8d:5c:9b:6a:96:83:6f:6c:87:6b:
25:40:15:ec:c7:6e:5f:1a:42:47:5b:14:94:a0:f0:
30:2b:d5:92:b8:28:2b:5d:82:67:db:c8:3a:ec:84:
e2:e9:76:3b:4b:10:7f:94:93:8f:9b:9e:c7:68:42:
79:5e:4b:21:8d:ff:0a:ae:9b:d8:3e:64:6e:f3:d1:
26:6a:73:8b:2b:62:39:5a:59:01:86:b9:46:bc:12:
a8:ea:ce:77:78:b8:63:27:b6:bd:75:8a:e7:5d:a4:
5d:6c:f2:09:78:b6:6c:96:c8:e6:81:5c:a0:91:17:
ef:73:35:4a:5f:0a:59:82:60:2b:26:c2:55:29:e5:
21:e1:89:04:a3:18:ae:fa:4c:4e:83:1f:cc:26:e6:
e6:d4:08:3c:34:e8:54:86:67:71:fa:31:96:65:23:
9d:31:f1:04:15:c0:b7:1a:61:a5:9b:cb:99:eb:ef:
6f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:38:EA:F6:DB:B4:96:8D:77:29:AE:FC:1D:4D:69:84:AD:96:95:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F94EA92CCCE11EFBBE45671762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5e:0a:f6:38:2b:8e:89:10:5f:75:e6:0f:f4:a2:1d:9b:a0:4d:
7c:f5:15:2f:ba:45:84:1c:60:4e:ad:aa:bd:4a:54:5d:88:04:
28:f8:27:2e:70:a6:c5:d7:30:a2:92:69:89:7a:5b:1f:52:6b:
04:59:16:d1:42:ce:49:a2:55:e2:f1:6d:fa:cc:c4:85:cd:35:
d6:21:9e:ac:52:76:9f:94:e8:c6:c9:07:17:fa:d1:80:2e:32:
af:80:6a:95:29:9b:37:38:0f:c5:a9:eb:c1:a0:25:6c:f6:47:
27:38:37:e4:a6:2e:6e:80:79:54:c5:e2:11:d8:22:05:a6:a0:
fa:61:31:bc:4d:f7:a0:dc:35:8b:a6:68:39:c6:ad:7b:06:93:
75:f3:de:eb:15:b0:6c:88:13:32:e3:9c:c0:88:c6:b4:97:f5:
fa:32:95:f4:43:a3:4b:c5:48:10:11:22:6a:2d:25:7b:d1:28:
b7:88:84:31:4e:16:87:69:f6:67:c4:d3:c2:d3:e1:27:47:67:
5d:a4:f1:27:1e:db:e3:80:21:63:ee:df:d9:c0:c4:68:d7:ae:
6e:f8:95:dd:39:54:0c:9a:24:c0:92:54:2f:e3:7c:c3:8f:11:
7e:82:df:9b:98:a8:9b:04:d6:35:16:c4:1e:fc:9c:e0:ff:ab:
94:74:b5:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgwNzUxWhcNMjUwMzIzMDgwNzUxWjAYMRYw
FAYDVQQDEw02NzdjZTBkYi01ZDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0MHWKf2q4Age7cFWCR1Ez/0axQg/VjgArjHYzs/OZQ3FVxJcAx0NEJEo
1e5tMVXSQr2b/yt8O0QHqiIBGOhiVd0BeW8+f44s7DyhCWWrlY1cm2qWg29sh2sl
QBXsx25fGkJHWxSUoPAwK9WSuCgrXYJn28g67ITi6XY7SxB/lJOPm57HaEJ5Xksh
jf8KrpvYPmRu89EmanOLK2I5WlkBhrlGvBKo6s53eLhjJ7a9dYrnXaRdbPIJeLZs
lsjmgVygkRfvczVKXwpZgmArJsJVKeUh4YkEoxiu+kxOgx/MJubm1Ag8NOhUhmdx
+jGWZSOdMfEEFcC3GmGlm8uZ6+9v1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMY4
6vbbtJaNdymu/B1NaYStlpXiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Rjk0RUE5MkNDQ0UxMUVGQkJFNDU2NzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnP6AMA0GCSqGSIb3DQEBCwUA
A4IBAQBeCvY4K46JEF915g/0oh2boE189RUvukWEHGBOraq9SlRdiAQo+CcucKbF
1zCikmmJelsfUmsEWRbRQs5JolXi8W36zMSFzTXWIZ6sUnaflOjGyQcX+tGALjKv
gGqVKZs3OA/FqevBoCVs9kcnODfkpi5ugHlUxeIR2CIFpqD6YTG8Tfeg3DWLpmg5
xq17BpN1897rFbBsiBMy45zAiMa0l/X6MpX0Q6NLxUgQESJqLSV70Si3iIQxThaH
afZnxNPC0+EnR2ddpPEnHtvjgCFj7t/ZwMRo165u+JXdOVQMmiTAklQv43zDjxF+
gt+bmKibBNY1FsQe/Jzg/6uUdLVA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:21 2025 by rpki-client