Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA2D1236D31111EFBD4258B8762E951A.roa
File: AA2D1236D31111EFBD4258B8762E951A.roa (raw, json)
Hash identifier: 5bsu0EtGTkL9HCWcsl2evByf+5GoPQ+KSj7LIaGlfbg=
Subject key identifier: 4C:F5:20:4E:C6:C2:95:23:E0:43:ED:C0:E0:14:86:D0:FE:1D:FD:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01084F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA2D1236D31111EFBD4258B8762E951A.roa
Signing time: Wed 15 Jan 2025 07:23:50 +0000
ROA not before: Wed 15 Jan 2025 07:23:46 +0000
ROA not after: Mon 03 Jan 2028 07:23:46 +0000
asID: 17561
IP address blocks: 156.254.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67663 (0x1084f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:23:46 2025 GMT
Not After : Jan 3 07:23:46 2028 GMT
Subject: CN=67876286-db25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cf:57:88:f4:42:11:4c:d2:0e:dd:99:e3:df:
13:29:a5:c2:49:e6:3e:ba:a1:48:87:e2:c7:bf:7d:
bc:3c:6d:93:4b:af:62:ff:c8:36:bb:b4:c3:98:6c:
16:9e:3f:fa:68:b7:9f:26:1d:9f:f8:11:fd:0c:f4:
ff:f6:42:92:9d:fb:6d:a3:ac:14:53:dd:e9:be:72:
07:de:15:69:9a:ba:ac:fc:a9:af:6e:f3:b2:22:3f:
86:11:43:0d:6c:55:1d:5e:83:30:5b:07:9f:ef:ad:
c5:fe:45:51:91:6a:a5:8d:25:04:f1:1e:2b:d4:a7:
5b:d4:a1:6c:7c:57:ef:ed:65:40:bf:53:9b:d3:de:
2d:e8:20:3b:4a:91:9c:42:9f:d9:39:4c:20:ea:0e:
ec:69:5a:39:60:d3:41:c8:54:3d:bf:b5:50:94:6e:
4d:f4:7c:e7:c5:90:62:53:5b:7e:09:17:f7:07:79:
06:1e:ea:27:5d:04:1b:fc:41:ed:61:c7:f1:1b:35:
10:7b:04:25:f9:f1:cb:dc:95:56:76:58:39:31:be:
b2:93:09:5f:91:ae:32:0d:29:cb:0c:0f:83:05:f0:
9a:96:76:ba:a3:f9:7c:c6:c5:62:43:4e:0c:1d:c1:
99:93:cc:33:ef:c7:af:a7:7d:cf:a0:bc:6d:32:e1:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F5:20:4E:C6:C2:95:23:E0:43:ED:C0:E0:14:86:D0:FE:1D:FD:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA2D1236D31111EFBD4258B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.61.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ad:6d:6f:93:6c:95:9a:ff:d2:df:17:e5:ad:b1:ea:a7:95:
df:43:37:d9:d7:5b:d1:21:47:e8:77:03:9a:b8:fc:e5:aa:eb:
e4:3b:db:4f:15:66:cf:8e:28:e9:60:8f:d4:1d:96:7a:d8:8d:
81:bf:ec:ef:9c:ee:44:68:ac:b2:ed:83:fa:61:3f:da:31:93:
70:38:82:0f:57:83:ec:c9:7f:07:db:b6:82:7f:d1:57:fc:be:
af:25:d9:7b:d4:c9:42:cf:6b:4a:f1:08:7d:7b:ce:4d:ec:95:
61:10:37:ee:b9:d2:dd:3c:c8:53:c8:3f:05:b1:14:cc:b9:cb:
65:4b:9c:d2:5b:5a:50:5f:a8:02:98:cf:dd:e8:65:e4:57:56:
89:39:a3:54:00:78:b1:b6:34:ab:4a:cd:fd:6c:cd:c8:b0:ef:
9d:8e:9b:2f:0d:7c:ce:a0:09:d1:aa:2c:9f:93:8d:d4:90:ab:
12:60:7b:b0:17:74:1b:1d:6d:f3:b3:32:c5:f4:18:f2:47:90:
ff:b4:7a:c9:3b:9b:33:f5:ef:12:88:d5:e4:73:a3:ad:e3:f4:
02:6b:3a:9c:3e:dc:4e:ce:79:10:26:62:b7:31:99:d0:e3:6b:
79:f4:95:84:e7:19:6b:16:57:ff:54:ea:a7:07:87:81:53:28:
e8:25:7f:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDcyMzQ2WhcNMjgwMTAzMDcyMzQ2WjAYMRYw
FAYDVQQDEw02Nzg3NjI4Ni1kYjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAys9XiPRCEUzSDt2Z498TKaXCSeY+uqFIh+LHv328PG2TS69i/8g2u7TD
mGwWnj/6aLefJh2f+BH9DPT/9kKSnftto6wUU93pvnIH3hVpmrqs/KmvbvOyIj+G
EUMNbFUdXoMwWwef763F/kVRkWqljSUE8R4r1Kdb1KFsfFfv7WVAv1Ob094t6CA7
SpGcQp/ZOUwg6g7saVo5YNNByFQ9v7VQlG5N9HznxZBiU1t+CRf3B3kGHuonXQQb
/EHtYcfxGzUQewQl+fHL3JVWdlg5Mb6ykwlfka4yDSnLDA+DBfCalna6o/l8xsVi
Q04MHcGZk8wz78evp33PoLxtMuG7OwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEz1
IE7GwpUj4EPtwOAUhtD+Hf1uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTJEMTIzNkQzMTExMUVGQkQ0MjU4Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP49MA0GCSqGSIb3DQEBCwUA
A4IBAQAfrW1vk2yVmv/S3xflrbHqp5XfQzfZ11vRIUfodwOauPzlquvkO9tPFWbP
jijpYI/UHZZ62I2Bv+zvnO5EaKyy7YP6YT/aMZNwOIIPV4PsyX8H27aCf9FX/L6v
Jdl71MlCz2tK8Qh9e85N7JVhEDfuudLdPMhTyD8FsRTMuctlS5zSW1pQX6gCmM/d
6GXkV1aJOaNUAHixtjSrSs39bM3IsO+djpsvDXzOoAnRqiyfk43UkKsSYHuwF3Qb
HW3zszLF9BjyR5D/tHrJO5sz9e8SiNXkc6Ot4/QCazqcPtxOznkQJmK3MZnQ42t5
9JWE5xlrFlf/VOqnB4eBUyjoJX/G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:31 2025 by rpki-client