Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C66440AC97111EFB4D1458C762E951A.roa
File: 9C66440AC97111EFB4D1458C762E951A.roa (raw, json)
Hash identifier: 7Pl6EVDbiBFI+SE7ePosTjD4QPnzsuQMb1K2WoVx/uI=
Subject key identifier: 60:34:04:CA:EA:D1:49:D6:4F:D7:B4:40:23:44:34:D4:14:9C:BC:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C66440AC97111EFB4D1458C762E951A.roa
Signing time: Fri 03 Jan 2025 01:25:26 +0000
ROA not before: Fri 03 Jan 2025 01:25:23 +0000
ROA not after: Mon 13 Dec 2027 01:25:23 +0000
asID: 17561
IP address blocks: 156.227.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62651 (0xf4bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:25:23 2025 GMT
Not After : Dec 13 01:25:23 2027 GMT
Subject: CN=67773c86-3f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:9f:f1:b1:ff:5b:aa:07:0e:35:cc:dd:ee:
46:fc:32:4b:6c:01:dc:89:5f:48:a0:31:28:05:5a:
e8:d4:7a:74:b6:68:fa:e6:80:c6:43:ea:af:02:b4:
85:16:99:94:32:a2:0c:fc:31:90:8e:7b:a2:b5:98:
52:b2:8d:cd:89:d0:91:ad:05:c4:81:9c:23:e4:2b:
e6:93:88:b9:57:c3:32:95:ea:3e:47:e6:48:c4:e3:
fc:7c:1e:f4:52:95:d6:19:1a:26:28:8b:8e:d7:56:
fc:84:1d:80:a2:92:65:ab:07:97:68:48:64:cd:a6:
eb:c6:51:99:45:6a:b2:4f:27:04:c9:4a:20:44:b9:
43:45:97:8a:c2:85:c1:4e:af:ca:98:7d:74:7a:6e:
b7:9e:18:7a:09:dc:ff:48:03:5e:37:97:51:c9:80:
0d:0e:ac:36:18:98:cc:76:5e:90:11:0e:3f:80:24:
fe:d1:73:b6:ab:9f:b6:ba:bc:b8:83:da:f2:20:b7:
41:67:59:a4:d3:37:d1:d9:e1:5e:d0:a4:9b:ab:fc:
e1:42:ee:3e:6b:1c:02:06:88:c8:06:11:d2:f5:6f:
74:cc:72:d1:3a:fb:2e:b0:16:9d:16:05:52:98:f4:
b9:f8:f8:90:5d:3f:5d:8b:25:db:c2:5a:e0:a3:e0:
07:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:34:04:CA:EA:D1:49:D6:4F:D7:B4:40:23:44:34:D4:14:9C:BC:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C66440AC97111EFB4D1458C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.79.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b9:2c:3e:e5:0a:a8:1b:ea:d7:f6:e0:3f:46:09:9f:19:42:
90:93:96:9a:9f:92:16:61:6d:a1:9d:58:2a:26:c2:57:0e:ee:
36:c1:26:94:b5:1f:22:31:21:27:8d:51:35:fa:b9:4f:81:d1:
3c:b8:2c:85:49:1d:6b:37:e2:3a:d8:5d:34:9d:de:15:09:74:
66:0e:d6:89:32:97:1e:c0:5f:d1:05:80:9d:ba:86:21:4c:6f:
09:2b:00:29:59:aa:cc:21:68:13:a3:95:a1:2c:84:c2:f4:8d:
ef:08:29:01:ee:3e:2d:94:59:44:1e:a2:3d:b8:a5:dc:7d:79:
3b:e2:3a:11:40:99:92:b2:93:43:57:ae:60:cf:22:70:0d:75:
50:dc:1e:35:89:c8:d7:f4:27:aa:bd:18:d8:d9:4b:a4:21:18:
92:8b:0f:8b:95:b6:b6:54:0d:76:58:aa:d8:82:4f:7f:0e:07:
20:a3:f5:fe:69:0c:5e:7e:71:0a:a3:ae:4e:c0:d6:62:83:09:
3e:0b:52:ad:ea:c8:ab:41:04:37:27:86:4e:2b:e2:fc:fb:92:
03:da:1f:88:b8:65:e0:ff:5e:44:4e:ac:10:7c:eb:23:89:f6:
14:2c:c7:90:84:52:76:82:4e:cc:67:5e:98:8d:28:fe:6e:e2:
c4:6c:ea:87
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPS7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEyNTIzWhcNMjcxMjEzMDEyNTIzWjAYMRYw
FAYDVQQDEw02Nzc3M2M4Ni0zZjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq42f8bH/W6oHDjXM3e5G/DJLbAHciV9IoDEoBVro1Hp0tmj65oDGQ+qv
ArSFFpmUMqIM/DGQjnuitZhSso3NidCRrQXEgZwj5Cvmk4i5V8Myleo+R+ZIxOP8
fB70UpXWGRomKIuO11b8hB2AopJlqweXaEhkzabrxlGZRWqyTycEyUogRLlDRZeK
woXBTq/KmH10em63nhh6Cdz/SANeN5dRyYANDqw2GJjMdl6QEQ4/gCT+0XO2q5+2
ury4g9ryILdBZ1mk0zfR2eFe0KSbq/zhQu4+axwCBojIBhHS9W90zHLROvsusBad
FgVSmPS5+PiQXT9diyXbwlrgo+AHRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGA0
BMrq0UnWT9e0QCNENNQUnLxjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QzY2NDQwQUM5NzExMUVGQjREMTQ1OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONPMA0GCSqGSIb3DQEBCwUA
A4IBAQB8uSw+5QqoG+rX9uA/RgmfGUKQk5aan5IWYW2hnVgqJsJXDu42wSaUtR8i
MSEnjVE1+rlPgdE8uCyFSR1rN+I62F00nd4VCXRmDtaJMpcewF/RBYCduoYhTG8J
KwApWarMIWgTo5WhLITC9I3vCCkB7j4tlFlEHqI9uKXcfXk74joRQJmSspNDV65g
zyJwDXVQ3B41icjX9CeqvRjY2UukIRiSiw+Llba2VA12WKrYgk9/Dgcgo/X+aQxe
fnEKo65OwNZigwk+C1Kt6sirQQQ3J4ZOK+L8+5ID2h+IuGXg/15ETqwQfOsjifYU
LMeQhFJ2gk7MZ16YjSj+buLEbOqH
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:15 2025 by rpki-client