Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6B060F6CD3711EFB4FE1687762E951A.roa
File: B6B060F6CD3711EFB4FE1687762E951A.roa (raw, json)
Hash identifier: 3gQI+iOyX9UhJ1Aw5OlvcUcbipTYB/ZnL+yjDxW69uI=
Subject key identifier: 9A:F9:3F:33:E8:AA:2D:C5:72:80:32:51:FE:27:18:5E:8F:4B:E7:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6B060F6CD3711EFB4FE1687762E951A.roa
Signing time: Tue 07 Jan 2025 20:41:04 +0000
ROA not before: Tue 07 Jan 2025 20:41:01 +0000
ROA not after: Mon 13 Dec 2027 20:41:01 +0000
asID: 17561
IP address blocks: 156.243.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65063 (0xfe27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:41:01 2025 GMT
Not After : Dec 13 20:41:01 2027 GMT
Subject: CN=677d9160-6049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:61:0c:e0:c9:05:92:61:55:1a:8c:2c:d7:
ff:05:1c:58:b9:97:68:39:e0:e1:eb:fe:42:d7:ea:
7d:13:51:85:02:3d:5f:8c:6c:1c:83:6d:ea:bd:af:
82:a3:bd:69:36:73:11:0d:70:33:7d:3f:fc:86:b5:
da:5a:64:41:9c:9e:c0:5b:1c:14:3d:4e:a6:80:b4:
90:2d:6e:2b:28:c1:9e:9a:9b:6c:be:c0:73:4b:6a:
79:9d:7e:df:4f:5b:4a:b6:a3:d4:be:f7:4a:2c:7e:
01:c1:f4:28:2c:99:d2:83:94:01:23:1e:d0:45:3a:
2d:c6:d7:5d:ec:3a:6d:c4:87:dc:ee:90:50:b1:c1:
81:6a:d3:a8:81:3b:76:5e:55:1e:1f:d6:f4:1f:f3:
2e:1e:e0:ab:4e:4c:c9:ef:69:eb:c0:d5:6b:d7:a2:
16:66:ae:80:ba:30:80:92:7b:c2:02:30:a5:d7:1f:
17:01:4e:62:68:32:75:f1:77:01:c6:70:c5:1f:ae:
46:9d:0a:d6:61:49:5b:c5:27:40:5b:ce:9d:aa:77:
b0:85:9d:a6:3a:2b:ea:22:4b:e9:71:2a:d2:90:99:
ac:e8:5c:83:a0:cd:61:44:6a:85:df:15:7a:c9:79:
a9:85:45:aa:20:fb:94:16:63:86:40:c8:ff:2e:29:
81:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F9:3F:33:E8:AA:2D:C5:72:80:32:51:FE:27:18:5E:8F:4B:E7:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B6B060F6CD3711EFB4FE1687762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.60.0/24
Signature Algorithm: sha256WithRSAEncryption
70:02:2a:10:98:04:f9:f5:69:b3:5b:8d:bc:24:43:00:03:3f:
3b:6e:eb:c5:84:83:ec:78:68:ad:e3:91:ba:2f:7d:21:5d:7b:
4b:9a:5b:d0:4c:f7:3f:c0:8d:ec:cc:6f:2b:f4:66:cf:1d:81:
e1:bc:7e:fd:3f:5c:89:fe:e6:4c:33:d1:23:cc:df:b9:71:f5:
d7:be:4c:eb:4f:30:9a:84:fa:b4:2a:5b:fd:30:6e:a9:66:bc:
6d:3d:5e:93:79:8b:67:ee:ed:59:91:87:f8:ef:54:aa:00:ce:
2e:5c:13:2b:85:39:e8:07:78:af:3c:3e:4d:d4:f7:1f:de:7e:
28:7f:79:83:99:ad:ff:d7:99:35:ca:07:be:de:49:f0:48:02:
2e:1d:cd:b8:ba:ca:5c:3f:f4:c0:74:ae:3d:e9:04:61:30:8c:
08:7a:d0:6d:42:b9:b2:74:c6:f6:47:24:2b:d1:42:5d:30:42:
a4:80:c3:a3:4f:29:84:16:dc:db:43:7f:15:d9:12:0b:d9:3c:
7d:c8:65:24:6a:c2:1e:10:f1:74:1a:8d:cb:41:57:f3:52:8e:
a6:49:17:c7:6c:80:35:55:44:7a:56:3e:aa:09:83:1b:9e:80:
ce:be:8c:fe:5e:0f:b7:50:4e:08:e4:60:32:c7:c5:3c:4f:9c:
26:55:b9:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjA0MTAxWhcNMjcxMjEzMjA0MTAxWjAYMRYw
FAYDVQQDEw02NzdkOTE2MC02MDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqwxhDODJBZJhVRqMLNf/BRxYuZdoOeDh6/5C1+p9E1GFAj1fjGwcg23q
va+Co71pNnMRDXAzfT/8hrXaWmRBnJ7AWxwUPU6mgLSQLW4rKMGemptsvsBzS2p5
nX7fT1tKtqPUvvdKLH4BwfQoLJnSg5QBIx7QRTotxtdd7DptxIfc7pBQscGBatOo
gTt2XlUeH9b0H/MuHuCrTkzJ72nrwNVr16IWZq6AujCAknvCAjCl1x8XAU5iaDJ1
8XcBxnDFH65GnQrWYUlbxSdAW86dqnewhZ2mOivqIkvpcSrSkJms6FyDoM1hRGqF
3xV6yXmphUWqIPuUFmOGQMj/LimBcQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJr5
PzPoqi3FcoAyUf4nGF6PS+c5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNkIwNjBGNkNEMzcxMUVGQjRGRTE2ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM8MA0GCSqGSIb3DQEBCwUA
A4IBAQBwAioQmAT59WmzW428JEMAAz87buvFhIPseGit45G6L30hXXtLmlvQTPc/
wI3szG8r9GbPHYHhvH79P1yJ/uZMM9EjzN+5cfXXvkzrTzCahPq0Klv9MG6pZrxt
PV6TeYtn7u1ZkYf471SqAM4uXBMrhTnoB3ivPD5N1Pcf3n4of3mDma3/15k1yge+
3knwSAIuHc24uspcP/TAdK496QRhMIwIetBtQrmydMb2RyQr0UJdMEKkgMOjTymE
FtzbQ38V2RIL2Tx9yGUkasIeEPF0Go3LQVfzUo6mSRfHbIA1VUR6Vj6qCYMbnoDO
voz+Xg+3UE4I5GAyx8U8T5wmVbmp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:09 2025 by rpki-client