Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACF1D75CCDAF11EFBE9A3593762E951A.roa
File: ACF1D75CCDAF11EFBE9A3593762E951A.roa (raw, json)
Hash identifier: HhlzESt0N/r2o3Qbuq0Wste3XUaOS9S+kKrFCuqC+8c=
Subject key identifier: A4:1C:BA:F2:23:7C:1C:59:72:C8:5E:04:B5:E6:22:E4:A0:C0:7C:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010175
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACF1D75CCDAF11EFBE9A3593762E951A.roa
Signing time: Wed 08 Jan 2025 10:59:48 +0000
ROA not before: Wed 08 Jan 2025 10:59:44 +0000
ROA not after: Mon 13 Dec 2027 10:59:44 +0000
asID: 17561
IP address blocks: 156.255.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65909 (0x10175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:59:44 2025 GMT
Not After : Dec 13 10:59:44 2027 GMT
Subject: CN=677e5aa4-1777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:c3:59:85:28:15:14:73:51:74:68:bd:39:
e1:00:48:d5:fb:b4:ab:a9:12:80:95:e7:8e:e7:e5:
00:e0:8c:58:44:da:b2:c8:aa:61:c7:dc:6c:bd:c9:
b1:72:9a:ce:b0:f8:ed:1a:52:8a:05:a1:5b:06:f3:
05:13:0a:6e:32:a3:1b:56:dd:db:e2:64:c7:df:a4:
2f:b4:3e:68:9a:97:af:29:5d:b3:fc:39:1e:62:90:
be:04:e1:fd:99:5d:30:5d:35:70:e7:25:df:3f:50:
4d:ab:8f:55:e7:0b:cb:a9:f0:b2:cb:37:8a:78:61:
f3:39:0f:05:74:db:c2:ce:b3:2d:61:69:49:36:8f:
79:6a:af:0c:ee:5a:e9:d1:21:51:4b:c4:7b:6f:1d:
5d:22:2c:69:f6:b6:a5:75:91:3c:20:cd:a5:fa:96:
f2:f1:f8:bd:f9:04:dc:cd:dc:c1:28:06:2d:e1:9e:
8a:0f:76:62:e4:a8:27:ea:bf:0d:df:ba:4c:76:cb:
97:80:b8:9b:35:00:e3:8d:d6:12:fe:e3:15:44:ef:
c6:b2:29:6b:2e:40:47:c5:06:b6:7b:c8:fa:4f:f9:
d9:61:10:22:3f:40:cb:15:67:53:de:59:a1:67:2b:
93:ae:20:19:8b:2e:20:89:a2:ac:5f:1a:d6:f4:6b:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:1C:BA:F2:23:7C:1C:59:72:C8:5E:04:B5:E6:22:E4:A0:C0:7C:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACF1D75CCDAF11EFBE9A3593762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.62.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:e5:20:6d:fe:96:73:ba:81:37:57:06:b3:a1:08:15:d8:87:
7a:50:20:70:d4:90:cc:55:4d:16:a3:59:63:c0:d1:cc:c0:19:
96:a4:db:c5:21:cd:94:11:f1:33:04:6a:b9:5e:85:05:ee:89:
c7:18:a1:79:62:5a:d7:5c:10:ef:43:88:57:63:e5:a2:1a:78:
f6:c8:30:7a:3b:a1:19:76:a1:27:8f:22:4d:56:47:0e:38:1b:
12:77:8d:7f:0a:08:b5:01:bc:ed:4f:33:e1:86:9a:0e:b3:c3:
c2:72:20:2a:41:93:88:fd:e1:6d:4a:e0:e3:89:d8:52:2b:34:
30:15:99:73:44:c3:a0:77:78:f2:ed:c3:18:2e:bb:72:bd:cb:
3b:fb:0b:21:38:86:41:3a:86:49:76:f5:71:1e:6d:ff:c6:13:
d0:b0:bc:4d:49:94:d4:70:62:f5:dd:57:a0:da:1a:ec:46:62:
c1:ba:a6:91:a2:34:36:1d:d8:a8:5a:14:e5:db:ea:c1:73:96:
79:40:00:c9:d1:9d:61:8b:16:b5:05:70:76:ba:cd:1f:70:7e:
cb:89:10:8c:63:6b:9e:12:81:cc:fe:b4:35:e9:c7:36:34:39:
de:19:95:c3:71:98:fd:32:9c:41:3b:f1:ee:85:c1:b3:05:08:
47:4c:3d:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQF1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA1OTQ0WhcNMjcxMjEzMTA1OTQ0WjAYMRYw
FAYDVQQDEw02NzdlNWFhNC0xNzc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzEHDWYUoFRRzUXRovTnhAEjV+7SrqRKAleeO5+UA4IxYRNqyyKphx9xs
vcmxcprOsPjtGlKKBaFbBvMFEwpuMqMbVt3b4mTH36QvtD5ompevKV2z/DkeYpC+
BOH9mV0wXTVw5yXfP1BNq49V5wvLqfCyyzeKeGHzOQ8FdNvCzrMtYWlJNo95aq8M
7lrp0SFRS8R7bx1dIixp9raldZE8IM2l+pby8fi9+QTczdzBKAYt4Z6KD3Zi5Kgn
6r8N37pMdsuXgLibNQDjjdYS/uMVRO/GsilrLkBHxQa2e8j6T/nZYRAiP0DLFWdT
3lmhZyuTriAZiy4giaKsXxrW9Gv8cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKQc
uvIjfBxZcsheBLXmIuSgwHyFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQ0YxRDc1Q0NEQUYxMUVGQkU5QTM1OTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8+MA0GCSqGSIb3DQEBCwUA
A4IBAQC35SBt/pZzuoE3VwazoQgV2Id6UCBw1JDMVU0Wo1ljwNHMwBmWpNvFIc2U
EfEzBGq5XoUF7onHGKF5YlrXXBDvQ4hXY+WiGnj2yDB6O6EZdqEnjyJNVkcOOBsS
d41/Cgi1AbztTzPhhpoOs8PCciAqQZOI/eFtSuDjidhSKzQwFZlzRMOgd3jy7cMY
Lrtyvcs7+wshOIZBOoZJdvVxHm3/xhPQsLxNSZTUcGL13Veg2hrsRmLBuqaRojQ2
HdioWhTl2+rBc5Z5QADJ0Z1hixa1BXB2us0fcH7LiRCMY2ueEoHM/rQ16cc2NDne
GZXDcZj9MpxBO/HuhcGzBQhHTD09
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:18 2025 by rpki-client