Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B712C950CD0D11EF89BB797F762E951A.roa
File: B712C950CD0D11EF89BB797F762E951A.roa (raw, json)
Hash identifier: lT28p8tusmsmU5vaejppuk4HAR1uSlMRX+JjTdflkX8=
Subject key identifier: B9:C5:8F:58:55:F7:7B:A0:8B:C4:9B:65:32:6B:E3:E4:7B:4A:8F:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCD7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B712C950CD0D11EF89BB797F762E951A.roa
Signing time: Tue 07 Jan 2025 15:40:26 +0000
ROA not before: Tue 07 Jan 2025 15:40:23 +0000
ROA not after: Mon 13 Dec 2027 15:40:23 +0000
asID: 17561
IP address blocks: 156.239.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64727 (0xfcd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:40:23 2025 GMT
Not After : Dec 13 15:40:23 2027 GMT
Subject: CN=677d4aea-4506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:de:bc:c4:11:ab:b1:d9:3a:90:1b:c4:c6:
75:ab:18:90:dc:c7:c5:7d:9d:ab:46:42:7d:e7:d4:
c7:19:bf:13:e8:26:d6:4a:c2:a2:c7:20:4c:e7:40:
d1:4b:cb:3f:da:a3:46:71:c2:ad:c6:4a:cd:33:3b:
c8:a2:4f:fc:10:ff:b4:a5:77:63:17:b0:1f:41:a1:
c2:78:89:db:4a:0d:9e:81:33:f4:24:74:3f:d3:09:
b1:9b:04:67:f8:2c:01:59:27:9c:68:4d:f7:99:9c:
a7:e5:8b:f5:67:d7:c1:54:77:e4:94:36:aa:55:b4:
a1:42:fa:94:0d:0c:04:cd:7c:00:ed:24:c3:ef:8a:
36:50:ee:45:97:eb:f1:36:6a:62:19:17:0c:bb:c7:
f1:a7:49:a2:29:f8:af:d6:ae:11:c1:16:5a:12:33:
01:81:84:45:b6:62:54:d0:0e:db:b0:8d:9b:1f:87:
55:27:51:fb:ee:3e:35:7e:b4:31:13:5a:67:0b:29:
ef:db:e2:c7:64:b0:5c:67:5d:63:fa:a9:b8:3b:64:
5f:4a:94:1e:7b:43:9e:b2:b8:89:8d:2d:6b:41:06:
53:75:ef:96:6d:4b:6f:9c:ff:5c:51:bc:ae:19:9d:
98:60:bc:f2:8a:35:20:d5:be:2e:fd:b6:62:20:90:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:C5:8F:58:55:F7:7B:A0:8B:C4:9B:65:32:6B:E3:E4:7B:4A:8F:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B712C950CD0D11EF89BB797F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:66:fb:d9:39:c2:66:7c:6b:c1:7e:f6:80:08:0a:62:3c:57:
34:4a:eb:e8:72:ff:e0:36:e5:12:05:ec:9d:b5:43:88:54:73:
f7:9d:02:ee:28:31:14:82:ab:99:1e:4f:d0:8b:eb:77:90:3d:
54:3a:2a:e9:82:e3:57:9d:77:0e:65:8b:a1:68:58:fa:42:81:
1b:73:b1:42:74:28:68:1f:09:d6:a4:0a:36:14:3a:49:a4:26:
63:4c:ac:84:f1:db:7e:8a:5f:76:42:7e:d4:74:06:35:c2:c3:
d8:ac:1e:65:dd:0c:1c:50:8d:93:b3:82:65:3c:90:2a:6b:68:
7f:08:fa:24:5f:a5:a2:e5:74:d9:79:ac:7c:38:32:c7:30:ae:
3c:37:fb:5f:62:36:0b:a4:c2:01:31:2d:9a:3d:99:bb:cb:a6:
19:26:04:01:7c:b8:78:dd:35:25:c4:b3:b2:5b:cf:97:68:f4:
d8:2b:82:65:57:e5:24:a5:d6:ed:0a:d9:84:35:e5:9c:d3:2b:
79:0a:60:43:c6:c6:2a:7a:1c:64:92:5b:c1:20:2e:c3:90:b3:
ea:c8:1f:fc:cf:2e:dd:a1:55:8e:dc:e3:2f:c5:d2:e5:d0:fb:
02:2a:62:5e:5b:66:d2:24:ca:d5:3a:f1:e9:fe:c0:cb:bc:2b:
b3:4a:5e:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU0MDIzWhcNMjcxMjEzMTU0MDIzWjAYMRYw
FAYDVQQDEw02NzdkNGFlYS00NTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqYfevMQRq7HZOpAbxMZ1qxiQ3MfFfZ2rRkJ959THGb8T6CbWSsKixyBM
50DRS8s/2qNGccKtxkrNMzvIok/8EP+0pXdjF7AfQaHCeInbSg2egTP0JHQ/0wmx
mwRn+CwBWSecaE33mZyn5Yv1Z9fBVHfklDaqVbShQvqUDQwEzXwA7STD74o2UO5F
l+vxNmpiGRcMu8fxp0miKfiv1q4RwRZaEjMBgYRFtmJU0A7bsI2bH4dVJ1H77j41
frQxE1pnCynv2+LHZLBcZ11j+qm4O2RfSpQee0OesriJjS1rQQZTde+WbUtvnP9c
UbyuGZ2YYLzyijUg1b4u/bZiIJBFqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLnF
j1hV93ugi8SbZTJr4+R7So9zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzEyQzk1MENEMEQxMUVGODlCQjc5N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8/MA0GCSqGSIb3DQEBCwUA
A4IBAQBPZvvZOcJmfGvBfvaACApiPFc0Suvocv/gNuUSBeydtUOIVHP3nQLuKDEU
gquZHk/Qi+t3kD1UOirpguNXnXcOZYuhaFj6QoEbc7FCdChoHwnWpAo2FDpJpCZj
TKyE8dt+il92Qn7UdAY1wsPYrB5l3QwcUI2Ts4JlPJAqa2h/CPokX6Wi5XTZeax8
ODLHMK48N/tfYjYLpMIBMS2aPZm7y6YZJgQBfLh43TUlxLOyW8+XaPTYK4JlV+Uk
pdbtCtmENeWc0yt5CmBDxsYqehxkklvBIC7DkLPqyB/8zy7doVWO3OMvxdLl0PsC
KmJeW2bSJMrVOvHp/sDLvCuzSl6k
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:53 2025 by rpki-client