Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08ED75ACDAD11EF96BD9285762E951A.roa
File: A08ED75ACDAD11EF96BD9285762E951A.roa (raw, json)
Hash identifier: zI/AyLQ3OaoTkvOltRqjPzrIjkXbL25+Adp20t4ZqRw=
Subject key identifier: EE:37:3E:9A:E9:62:92:69:F3:F2:A9:9C:9C:A1:47:18:FB:6D:55:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010165
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08ED75ACDAD11EF96BD9285762E951A.roa
Signing time: Wed 08 Jan 2025 10:45:08 +0000
ROA not before: Wed 08 Jan 2025 10:45:04 +0000
ROA not after: Mon 13 Dec 2027 10:45:04 +0000
asID: 17561
IP address blocks: 156.255.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65893 (0x10165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:45:04 2025 GMT
Not After : Dec 13 10:45:04 2027 GMT
Subject: CN=677e5734-cc67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8e:92:ef:de:2e:7e:1f:f2:31:79:95:15:2f:
14:81:bf:d8:6d:94:b5:62:65:c2:64:68:03:4e:63:
0c:75:23:7e:d6:6e:71:c5:0d:fa:c8:df:6f:06:8e:
3f:81:9a:d0:09:b2:fb:bb:54:78:44:a6:e4:5d:0c:
86:fc:9e:35:c1:76:98:d5:a6:21:b0:5a:77:d8:99:
51:3c:de:4f:0b:0d:40:1b:48:30:92:3c:5a:5b:73:
b2:f6:48:fc:0f:14:c9:81:ab:9a:6c:38:6d:84:2c:
93:0b:0d:25:23:3c:1c:e9:0d:b3:a2:a9:fe:66:d4:
aa:e3:5f:18:9c:8e:75:48:db:10:78:7c:8a:9c:be:
fa:b8:52:1a:fb:3d:a0:17:1c:ba:ad:2b:b2:63:ec:
9d:7f:f2:cb:7b:a9:10:cc:16:ac:b7:0a:79:1e:81:
65:e9:18:70:60:b4:8e:fd:a8:e4:0a:f7:8f:39:ef:
19:24:b6:0f:1d:9e:6b:78:a6:ce:20:38:a0:ba:44:
94:74:2d:77:67:a7:52:6d:6e:40:6b:7c:7d:9d:bb:
f3:6b:ff:da:d1:c2:75:5f:d6:df:87:e1:ec:06:4e:
1d:cf:6b:43:85:41:30:d9:63:76:17:2c:e9:0c:2c:
29:64:66:9c:8a:68:6d:f7:94:3d:d5:fb:66:61:5d:
41:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:37:3E:9A:E9:62:92:69:F3:F2:A9:9C:9C:A1:47:18:FB:6D:55:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08ED75ACDAD11EF96BD9285762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.53.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d6:b1:70:fa:c9:4d:4d:12:bf:76:9d:21:69:42:3f:87:1f:
88:97:9c:14:4f:c5:ca:b6:5c:ed:77:61:63:05:34:03:8f:65:
99:82:c0:74:e1:9c:de:d8:6a:f4:83:90:4c:ab:46:36:2a:ab:
97:7d:ee:91:67:b5:32:d9:50:2a:6f:0e:b9:9a:ba:91:97:08:
55:ad:2d:2f:91:3f:00:90:25:18:d3:d6:ef:4e:d6:12:a8:13:
7c:df:23:24:d1:9b:c4:91:a8:40:36:7d:a3:23:c5:fd:b3:08:
4a:1c:b5:3b:57:eb:f9:c5:2d:04:bf:fa:3b:c2:ce:58:d3:2f:
94:a0:e1:01:93:86:b1:49:54:09:84:58:80:1a:d9:cf:24:d7:
29:ad:89:95:3a:ec:88:a0:0b:4d:1b:d3:c0:48:c9:62:0b:a4:
f0:ec:24:1a:88:2e:f8:3e:3d:a2:ba:8a:ef:2c:8b:20:bd:e2:
26:c0:10:d1:44:89:44:8c:71:cb:4c:fd:9f:46:90:03:91:9f:
b8:78:42:68:73:d1:94:65:d3:a7:67:9b:b3:91:d9:8d:2d:dc:
d8:77:6f:0a:50:51:be:69:47:63:8d:19:2d:eb:6b:54:5d:87:
59:d4:4e:59:58:fc:51:36:44:78:1c:56:c5:39:20:1a:30:3c:
1d:dc:fc:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA0NTA0WhcNMjcxMjEzMTA0NTA0WjAYMRYw
FAYDVQQDEw02NzdlNTczNC1jYzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1I6S794ufh/yMXmVFS8Ugb/YbZS1YmXCZGgDTmMMdSN+1m5xxQ36yN9v
Bo4/gZrQCbL7u1R4RKbkXQyG/J41wXaY1aYhsFp32JlRPN5PCw1AG0gwkjxaW3Oy
9kj8DxTJgauabDhthCyTCw0lIzwc6Q2zoqn+ZtSq418YnI51SNsQeHyKnL76uFIa
+z2gFxy6rSuyY+ydf/LLe6kQzBastwp5HoFl6RhwYLSO/ajkCvePOe8ZJLYPHZ5r
eKbOIDigukSUdC13Z6dSbW5Aa3x9nbvza//a0cJ1X9bfh+HsBk4dz2tDhUEw2WN2
FyzpDCwpZGacimht95Q91ftmYV1BiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO43
PprpYpJp8/KpnJyhRxj7bVV6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMDhFRDc1QUNEQUQxMUVGOTZCRDkyODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP81MA0GCSqGSIb3DQEBCwUA
A4IBAQBU1rFw+slNTRK/dp0haUI/hx+Il5wUT8XKtlztd2FjBTQDj2WZgsB04Zze
2Gr0g5BMq0Y2KquXfe6RZ7Uy2VAqbw65mrqRlwhVrS0vkT8AkCUY09bvTtYSqBN8
3yMk0ZvEkahANn2jI8X9swhKHLU7V+v5xS0Ev/o7ws5Y0y+UoOEBk4axSVQJhFiA
GtnPJNcprYmVOuyIoAtNG9PASMliC6Tw7CQaiC74Pj2iuorvLIsgveImwBDRRIlE
jHHLTP2fRpADkZ+4eEJoc9GUZdOnZ5uzkdmNLdzYd28KUFG+aUdjjRkt62tUXYdZ
1E5ZWPxRNkR4HFbFOSAaMDwd3PzK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:54 2025 by rpki-client