Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82012D8ED31511EFA16DDB51762E951A.roa
File: 82012D8ED31511EFA16DDB51762E951A.roa (raw, json)
Hash identifier: ABFfdz1UndegZq3IFQKVgqO5TPV/2hkmNjwGaxmuP9c=
Subject key identifier: CB:8A:64:72:A1:65:A5:3F:F3:B0:18:EC:5C:65:98:AC:52:C9:4A:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010869
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82012D8ED31511EFA16DDB51762E951A.roa
Signing time: Wed 15 Jan 2025 07:51:20 +0000
ROA not before: Wed 15 Jan 2025 07:51:16 +0000
ROA not after: Mon 03 Jan 2028 07:51:16 +0000
asID: 17561
IP address blocks: 156.254.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67689 (0x10869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:51:16 2025 GMT
Not After : Jan 3 07:51:16 2028 GMT
Subject: CN=678768f8-e400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c7:9e:34:19:87:b2:e7:33:35:51:b8:ca:1b:
0e:d3:e5:0a:07:65:24:be:71:ba:4d:f1:22:38:70:
cb:d5:a9:88:0c:5f:6b:cd:34:cc:d8:33:bb:ff:4a:
b2:5c:8c:81:1b:6b:1e:ec:91:0f:9d:8f:a4:4c:69:
3e:16:ff:29:11:55:3b:00:e1:bf:1e:e3:49:f8:98:
d4:bf:99:6e:4c:61:bc:76:09:6a:06:85:0f:d9:d7:
82:bb:87:60:6e:29:23:6e:60:e9:40:3e:05:3d:6a:
af:5c:a1:a4:0d:2f:57:8e:3d:b1:62:0f:2f:c5:46:
6f:03:35:86:7b:07:16:4d:bf:08:91:c0:62:09:4d:
bd:d2:b7:d7:51:3a:4a:ae:96:3c:5b:2e:ae:37:f5:
b3:5d:36:ba:93:dd:bc:3e:5f:b1:27:20:6c:77:ee:
43:7f:8c:c1:f9:f8:ce:19:5b:4c:45:ea:8a:e2:b5:
e1:31:94:90:99:2f:f6:69:aa:96:f1:0c:59:72:c2:
13:ca:94:5f:79:01:2e:34:68:11:ff:96:a2:06:67:
29:96:80:3c:7b:53:77:5a:ed:c5:c2:fd:06:fe:7e:
d1:5c:f2:7b:16:cc:0b:10:6c:e5:0e:2a:89:5a:f8:
14:45:4d:fa:23:ac:60:ce:09:ed:3e:4c:c1:d3:03:
7b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8A:64:72:A1:65:A5:3F:F3:B0:18:EC:5C:65:98:AC:52:C9:4A:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/82012D8ED31511EFA16DDB51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.74.0/24
Signature Algorithm: sha256WithRSAEncryption
72:66:9c:e9:67:1e:11:cb:e2:9c:cc:07:60:a2:b6:53:6f:bb:
0c:19:23:16:b7:79:65:18:87:23:f6:35:58:d6:51:56:66:66:
d9:c1:f4:31:e3:81:7d:1a:40:d2:ef:53:b2:80:f2:8e:b3:97:
e8:21:b0:b3:37:92:1f:f9:46:c2:8e:b2:b2:81:0a:7e:b9:0d:
6b:34:96:b4:ed:0f:a9:57:90:69:2b:72:6b:21:c4:4b:43:05:
9c:91:b6:71:d3:8c:d5:d8:0c:77:76:b4:ea:3c:a3:96:5a:ba:
21:a0:c0:c2:ef:9b:43:fe:c8:80:fa:f2:91:12:9c:32:ad:0a:
f6:4e:8d:b4:31:36:97:e5:6d:f5:87:a5:b8:fd:07:67:a2:70:
f6:5b:d6:3a:0b:96:01:4a:8e:b6:44:ff:f3:30:b1:1e:10:54:
5f:0a:52:c0:fd:2d:63:80:8c:51:98:ae:03:8d:f5:e9:3e:bd:
2b:a2:d4:91:51:eb:fe:e7:89:20:77:cc:ba:9c:c0:c3:d1:5d:
52:f4:4c:b3:22:f6:7d:45:55:25:15:dc:6e:04:c4:93:27:cb:
b3:07:60:fa:03:93:81:b7:7f:6e:36:1b:8c:e7:5a:2d:72:9e:
7d:19:ac:5f:1e:41:7b:36:ba:85:50:83:3c:3d:c6:13:ad:e9:
da:d2:00:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDc1MTE2WhcNMjgwMTAzMDc1MTE2WjAYMRYw
FAYDVQQDEw02Nzg3NjhmOC1lNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0ceeNBmHsuczNVG4yhsO0+UKB2UkvnG6TfEiOHDL1amIDF9rzTTM2DO7
/0qyXIyBG2se7JEPnY+kTGk+Fv8pEVU7AOG/HuNJ+JjUv5luTGG8dglqBoUP2deC
u4dgbikjbmDpQD4FPWqvXKGkDS9Xjj2xYg8vxUZvAzWGewcWTb8IkcBiCU290rfX
UTpKrpY8Wy6uN/WzXTa6k928Pl+xJyBsd+5Df4zB+fjOGVtMReqK4rXhMZSQmS/2
aaqW8QxZcsITypRfeQEuNGgR/5aiBmcploA8e1N3Wu3Fwv0G/n7RXPJ7FswLEGzl
DiqJWvgURU36I6xgzgntPkzB0wN7gwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMuK
ZHKhZaU/87AY7FxlmKxSyUoMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjAxMkQ4RUQzMTUxMUVGQTE2RERCNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5KMA0GCSqGSIb3DQEBCwUA
A4IBAQByZpzpZx4Ry+KczAdgorZTb7sMGSMWt3llGIcj9jVY1lFWZmbZwfQx44F9
GkDS71OygPKOs5foIbCzN5If+UbCjrKygQp+uQ1rNJa07Q+pV5BpK3JrIcRLQwWc
kbZx04zV2Ax3drTqPKOWWrohoMDC75tD/siA+vKREpwyrQr2To20MTaX5W31h6W4
/QdnonD2W9Y6C5YBSo62RP/zMLEeEFRfClLA/S1jgIxRmK4DjfXpPr0rotSRUev+
54kgd8y6nMDD0V1S9EyzIvZ9RVUlFdxuBMSTJ8uzB2D6A5OBt39uNhuM51otcp59
GaxfHkF7NrqFUIM8PcYTrena0gAX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:43 2025 by rpki-client