Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/910AEC22D2FA11EF984F79A7762E951A.roa
File: 910AEC22D2FA11EF984F79A7762E951A.roa (raw, json)
Hash identifier: 1hOgMmg9noYtrdXVt0JlJSYgsyckqpV5xeqdZaFzOLE=
Subject key identifier: 72:FC:04:59:D4:CF:D8:B1:44:66:A0:B0:FC:7A:77:78:A4:BE:D7:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107C1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/910AEC22D2FA11EF984F79A7762E951A.roa
Signing time: Wed 15 Jan 2025 04:38:29 +0000
ROA not before: Wed 15 Jan 2025 04:38:25 +0000
ROA not after: Mon 03 Jan 2028 04:38:25 +0000
asID: 17561
IP address blocks: 156.254.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67521 (0x107c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:38:25 2025 GMT
Not After : Jan 3 04:38:25 2028 GMT
Subject: CN=67873bc5-6ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9e:81:d9:9b:d4:57:c9:25:b3:eb:0a:97:88:
94:e9:c7:d8:0d:f4:9d:18:ce:be:b8:de:eb:13:c5:
4a:7a:55:66:11:9b:88:d7:62:db:86:14:cf:74:01:
19:3c:68:7a:6c:20:3d:0f:05:4b:d3:05:fa:c4:ec:
eb:45:52:61:cc:60:cf:a2:41:01:4b:7a:ad:29:0e:
a8:47:e8:e8:aa:13:74:af:79:bc:d7:9f:9a:85:10:
71:43:4b:ac:dd:4b:d9:53:93:27:00:f3:7d:f8:95:
27:3b:7b:b4:9a:02:f7:9a:ee:28:46:a6:9b:f3:36:
e4:c7:1c:56:b2:38:e7:8c:e2:94:26:c6:3c:ff:56:
d0:e2:ee:ab:d6:3e:7c:f3:cc:66:4d:15:aa:10:8e:
d5:ff:72:20:c2:c7:d4:2c:23:ea:75:3d:0d:29:bb:
52:57:34:e0:b6:b7:e7:b3:7f:05:f0:0b:1e:aa:d3:
4c:98:b5:89:80:68:d3:0d:3e:54:20:5b:c4:0e:69:
56:27:89:ea:f5:97:75:c7:80:77:95:45:6b:7b:18:
a0:8a:eb:cf:0f:54:99:42:1f:0c:5b:94:59:12:51:
81:ee:da:b4:fe:a5:c2:26:13:23:00:f4:70:d2:31:
7e:e1:79:eb:30:91:8d:f4:43:6f:7e:ad:37:54:55:
2e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FC:04:59:D4:CF:D8:B1:44:66:A0:B0:FC:7A:77:78:A4:BE:D7:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/910AEC22D2FA11EF984F79A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.11.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8e:56:ba:96:ad:0d:03:8c:fa:b7:2d:c2:54:a9:7a:5c:19:
e0:9b:3c:8d:3a:a3:61:41:9c:b5:7d:eb:c4:39:0a:8f:bf:18:
81:9f:bc:75:58:43:f9:4a:4d:02:a4:06:7a:e6:06:8d:b4:22:
fc:3c:de:6e:19:a8:7c:fd:59:d1:00:df:e6:7d:33:b1:01:7a:
b9:f7:f8:85:90:a3:c3:03:e7:3b:8d:df:0a:77:b4:02:25:ff:
1d:0e:fd:02:7b:4d:19:ca:4e:7e:9c:6e:df:50:4a:70:a5:5e:
d6:52:31:ae:2e:20:9b:0d:16:d6:05:6c:19:7a:7d:74:44:77:
cf:fb:0b:16:28:e0:0a:d0:e0:1f:46:21:50:d2:cb:b1:3f:aa:
4a:6f:5f:7e:7a:0a:b2:58:f6:62:0f:94:9e:b1:24:22:43:c5:
7e:75:8c:48:28:15:23:37:5b:88:c7:e6:76:fd:78:fa:4c:30:
c6:f7:52:47:fd:e8:0c:58:f2:a0:a7:aa:93:ee:3f:18:28:24:
dc:05:a1:c4:30:25:f7:f1:97:54:f4:19:01:ac:1b:29:b1:3b:
67:35:c9:80:db:46:8e:de:c2:00:32:ec:f0:a3:6f:89:42:1f:
4e:cc:77:a7:16:a9:86:28:fd:06:44:d5:20:6b:df:e1:62:e3:
2f:ad:44:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQzODI1WhcNMjgwMTAzMDQzODI1WjAYMRYw
FAYDVQQDEw02Nzg3M2JjNS02YWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApp6B2ZvUV8kls+sKl4iU6cfYDfSdGM6+uN7rE8VKelVmEZuI12LbhhTP
dAEZPGh6bCA9DwVL0wX6xOzrRVJhzGDPokEBS3qtKQ6oR+joqhN0r3m815+ahRBx
Q0us3UvZU5MnAPN9+JUnO3u0mgL3mu4oRqab8zbkxxxWsjjnjOKUJsY8/1bQ4u6r
1j5888xmTRWqEI7V/3IgwsfULCPqdT0NKbtSVzTgtrfns38F8AseqtNMmLWJgGjT
DT5UIFvEDmlWJ4nq9Zd1x4B3lUVrexigiuvPD1SZQh8MW5RZElGB7tq0/qXCJhMj
APRw0jF+4XnrMJGN9ENvfq03VFUumQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHL8
BFnUz9ixRGagsPx6d3ikvtfFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTBBRUMyMkQyRkExMUVGOTg0Rjc5QTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4LMA0GCSqGSIb3DQEBCwUA
A4IBAQBHjla6lq0NA4z6ty3CVKl6XBngmzyNOqNhQZy1fevEOQqPvxiBn7x1WEP5
Sk0CpAZ65gaNtCL8PN5uGah8/VnRAN/mfTOxAXq59/iFkKPDA+c7jd8Kd7QCJf8d
Dv0Ce00Zyk5+nG7fUEpwpV7WUjGuLiCbDRbWBWwZen10RHfP+wsWKOAK0OAfRiFQ
0suxP6pKb19+egqyWPZiD5SesSQiQ8V+dYxIKBUjN1uIx+Z2/Xj6TDDG91JH/egM
WPKgp6qT7j8YKCTcBaHEMCX38ZdU9BkBrBspsTtnNcmA20aO3sIAMuzwo2+JQh9O
zHenFqmGKP0GRNUga9/hYuMvrUQB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:25 2025 by rpki-client