Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8E25A9CECD6F11EFB2A58D7E762E951A.roa
File: 8E25A9CECD6F11EFB2A58D7E762E951A.roa (raw, json)
Hash identifier: UpXv4TkIgOvH64F9AUfvjvjFmclWPEWL9Jc44SRMwak=
Subject key identifier: 7D:82:CD:5F:48:B6:81:ED:7C:97:11:3B:1A:30:CE:22:AB:68:64:4B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF7F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8E25A9CECD6F11EFB2A58D7E762E951A.roa
Signing time: Wed 08 Jan 2025 03:20:48 +0000
ROA not before: Wed 08 Jan 2025 03:20:44 +0000
ROA not after: Mon 13 Dec 2027 03:20:44 +0000
asID: 17561
IP address blocks: 156.248.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65407 (0xff7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:20:44 2025 GMT
Not After : Dec 13 03:20:44 2027 GMT
Subject: CN=677def10-008b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:d9:1d:32:2b:f4:14:87:f3:e0:86:ab:b8:
96:23:44:6c:65:ff:56:01:2c:69:64:69:71:16:53:
b9:aa:92:2f:71:37:8f:19:10:f9:2a:fe:85:05:c6:
05:a4:94:3b:62:ba:28:5e:73:05:f0:2e:e6:43:de:
a6:1e:b5:6b:71:5e:ef:03:b2:aa:df:25:43:a0:15:
97:80:c0:6a:88:39:69:fe:b0:9d:14:31:b5:3b:b8:
1e:ba:1d:a7:34:6e:bd:28:05:f6:0f:b8:77:45:d8:
87:ec:8c:d5:6a:3f:a9:35:d9:3e:c4:08:1d:ae:5f:
d2:9a:84:29:04:11:4c:f3:83:95:52:41:00:74:e3:
e8:b2:f3:53:a3:33:6b:1c:1c:05:4e:29:a8:21:f1:
69:cb:68:28:9e:ed:a3:fd:a9:91:98:9b:4b:47:c5:
62:c7:37:de:32:d3:20:67:c2:7a:a9:31:75:7c:4d:
28:25:cb:26:31:5b:e2:5e:54:5a:67:6d:db:de:30:
d8:55:31:60:35:b3:60:aa:46:9b:af:fd:15:f0:c0:
29:58:46:41:3d:04:06:47:7a:13:e9:56:59:18:15:
91:ac:ed:6c:97:49:77:2f:95:d9:de:1c:e6:e1:de:
c5:c5:7e:8d:28:e5:35:c7:19:74:33:1f:8c:78:c6:
2f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:82:CD:5F:48:B6:81:ED:7C:97:11:3B:1A:30:CE:22:AB:68:64:4B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8E25A9CECD6F11EFB2A58D7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.25.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5b:22:9f:f4:69:b8:b8:bc:ae:e8:73:da:59:e6:68:6a:ae:
49:79:ef:51:96:1a:20:32:3b:28:cf:53:06:c6:63:e6:43:63:
1f:ea:fb:14:dc:7c:39:41:a3:e2:cf:62:b4:1e:78:e5:ad:1e:
ad:42:1b:24:41:20:0a:eb:43:75:5b:37:b8:3e:bd:61:68:c3:
30:82:d0:ae:a9:1e:1f:82:26:fa:3e:6a:d3:a7:7e:f9:b2:6b:
0c:24:56:68:f3:7b:91:ec:fc:1e:e0:0f:1e:dd:39:26:ab:7d:
99:80:e7:6f:a5:88:eb:ab:8b:87:a8:13:c8:ee:ab:80:ad:df:
7f:67:9b:4a:bf:62:75:60:f5:7b:b1:ec:32:27:0e:53:1d:6b:
6c:f4:95:0f:ef:3d:74:ac:71:49:5f:a4:09:78:ad:5e:cb:56:
6a:ba:ab:73:11:ac:8e:b9:16:ad:17:80:c2:61:13:78:9d:1b:
ad:3d:54:7e:b3:14:f1:33:64:49:ba:fd:5c:f8:7d:2c:14:a8:
28:59:f0:70:92:20:bc:b8:0e:e4:cb:9e:86:fd:5d:8e:29:27:
d4:5c:c6:82:b7:39:e8:b9:c7:02:2a:ce:40:6d:71:6b:93:01:
a7:97:ab:e9:c8:6f:da:9d:2f:78:d1:a0:86:11:b6:21:5b:ff:
f5:a6:21:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDMyMDQ0WhcNMjcxMjEzMDMyMDQ0WjAYMRYw
FAYDVQQDEw02NzdkZWYxMC0wMDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxbDZHTIr9BSH8+CGq7iWI0RsZf9WASxpZGlxFlO5qpIvcTePGRD5Kv6F
BcYFpJQ7YrooXnMF8C7mQ96mHrVrcV7vA7Kq3yVDoBWXgMBqiDlp/rCdFDG1O7ge
uh2nNG69KAX2D7h3RdiH7IzVaj+pNdk+xAgdrl/SmoQpBBFM84OVUkEAdOPosvNT
ozNrHBwFTimoIfFpy2gonu2j/amRmJtLR8VixzfeMtMgZ8J6qTF1fE0oJcsmMVvi
XlRaZ23b3jDYVTFgNbNgqkabr/0V8MApWEZBPQQGR3oT6VZZGBWRrO1sl0l3L5XZ
3hzm4d7FxX6NKOU1xxl0Mx+MeMYvhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH2C
zV9ItoHtfJcROxowziKraGRLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RTI1QTlDRUNENkYxMUVGQjJBNThEN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgZMA0GCSqGSIb3DQEBCwUA
A4IBAQAeWyKf9Gm4uLyu6HPaWeZoaq5Jee9RlhogMjsoz1MGxmPmQ2Mf6vsU3Hw5
QaPiz2K0HnjlrR6tQhskQSAK60N1Wze4Pr1haMMwgtCuqR4fgib6PmrTp375smsM
JFZo83uR7Pwe4A8e3Tkmq32ZgOdvpYjrq4uHqBPI7quArd9/Z5tKv2J1YPV7sewy
Jw5THWts9JUP7z10rHFJX6QJeK1ey1ZquqtzEayOuRatF4DCYRN4nRutPVR+sxTx
M2RJuv1c+H0sFKgoWfBwkiC8uA7ky56G/V2OKSfUXMaCtznouccCKs5AbXFrkwGn
l6vpyG/anS940aCGEbYhW//1piHn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:40 2025 by rpki-client