Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B71D4CF0CE4C11EF8991F880762E951A.roa
File: B71D4CF0CE4C11EF8991F880762E951A.roa (raw, json)
Hash identifier: AClkRGFhZj25ykF7MIV986O6Jv+B892dzalVy03+mf8=
Subject key identifier: 21:88:F6:5C:22:5B:D3:40:40:1E:24:13:A2:8C:39:9C:1E:D1:B2:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B71D4CF0CE4C11EF8991F880762E951A.roa
Signing time: Thu 09 Jan 2025 05:43:56 +0000
ROA not before: Thu 09 Jan 2025 05:43:52 +0000
ROA not after: Fri 09 Jan 2026 05:43:52 +0000
asID: 17561
IP address blocks: 156.238.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66247 (0x102c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:43:52 2025 GMT
Not After : Jan 9 05:43:52 2026 GMT
Subject: CN=677f621c-b121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:71:ea:af:e8:c1:92:eb:e6:98:e8:c2:e0:
81:db:1e:e8:4b:b6:72:78:07:34:ca:1c:29:ae:0b:
2b:f1:0b:94:aa:7a:f3:bd:a8:70:50:04:b3:dd:70:
20:2b:d1:ac:df:4f:ad:ef:14:dd:28:1d:28:13:b2:
ac:1d:a7:83:6e:5c:94:a8:49:54:e5:95:67:24:8d:
d7:8d:30:0e:44:bb:61:0c:88:4c:c6:03:db:51:2d:
b7:13:5c:a8:aa:e1:5e:cd:f0:95:26:5a:28:68:e2:
72:da:90:20:f1:fd:55:2d:9a:fb:6c:70:0c:0e:a0:
1b:fc:f1:c9:d6:79:8c:44:5b:d3:e6:dc:40:0f:26:
7d:89:87:69:64:e8:d1:d8:30:31:5a:97:1a:76:2f:
86:aa:ed:e8:77:e2:60:22:5e:21:2a:f0:52:0d:4d:
de:29:f0:25:ff:ac:e1:49:c0:84:0c:6c:49:9b:8c:
36:d1:ac:a1:60:4c:84:14:fa:fd:15:57:df:b1:00:
2d:ac:0e:3c:76:9e:c4:31:29:31:52:f5:a4:74:26:
94:4a:14:4f:54:d4:2b:1c:fe:f4:05:d6:ce:2e:84:
68:13:ba:e6:1f:37:d5:db:39:8e:65:38:f4:04:9f:
58:09:1f:f7:bf:67:c5:b1:58:d7:36:b8:2d:2e:ab:
6e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:88:F6:5C:22:5B:D3:40:40:1E:24:13:A2:8C:39:9C:1E:D1:B2:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B71D4CF0CE4C11EF8991F880762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.55.0/24
Signature Algorithm: sha256WithRSAEncryption
26:22:dc:58:14:73:d8:fc:a7:10:7e:97:47:18:f2:52:e0:c0:
d4:e4:e3:75:0d:57:d7:94:3f:69:3a:1d:cf:ac:8a:ac:e0:55:
d6:e4:91:a2:1d:98:71:4b:5f:68:a4:5e:55:2a:fe:f8:d2:1a:
de:85:8c:e7:2f:dd:da:0a:d5:c0:77:49:99:88:a1:41:e6:da:
ed:ba:95:d2:c3:c8:b1:65:4e:88:93:54:55:64:e2:a0:93:5e:
1d:70:1b:de:b4:35:6b:d8:9c:2e:c3:2a:7d:9b:50:ba:dd:99:
29:f2:29:b8:c0:b7:a2:6f:42:14:13:80:44:75:5f:4b:f0:2f:
c7:c2:b1:24:e6:d7:6d:74:28:af:67:82:21:0e:83:a5:c0:ea:
31:56:29:97:6a:3a:9e:6b:bb:02:2a:e3:f8:d0:27:cd:10:c8:
0a:5a:9f:aa:2f:c3:78:99:43:19:04:9c:a1:fb:ae:34:50:6c:
45:66:73:17:d9:86:0e:73:f9:ec:8a:d7:e9:c6:92:ba:83:a7:
11:31:23:45:3e:b6:c5:12:fa:d7:af:b5:17:72:73:4d:71:e0:
30:41:51:c0:49:82:6d:86:51:09:be:70:65:dc:f0:1f:f9:8f:
1d:d1:5a:7a:b9:ae:72:c3:49:2c:39:f3:eb:0e:14:32:af:52:
d7:70:36:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQLHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDU0MzUyWhcNMjYwMTA5MDU0MzUyWjAYMRYw
FAYDVQQDEw02NzdmNjIxYy1iMTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArUVx6q/owZLr5pjowuCB2x7oS7ZyeAc0yhwprgsr8QuUqnrzvahwUASz
3XAgK9Gs30+t7xTdKB0oE7KsHaeDblyUqElU5ZVnJI3XjTAORLthDIhMxgPbUS23
E1yoquFezfCVJlooaOJy2pAg8f1VLZr7bHAMDqAb/PHJ1nmMRFvT5txADyZ9iYdp
ZOjR2DAxWpcadi+Gqu3od+JgIl4hKvBSDU3eKfAl/6zhScCEDGxJm4w20ayhYEyE
FPr9FVffsQAtrA48dp7EMSkxUvWkdCaUShRPVNQrHP70BdbOLoRoE7rmHzfV2zmO
ZTj0BJ9YCR/3v2fFsVjXNrgtLqtuwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCGI
9lwiW9NAQB4kE6KMOZwe0bJPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzFENENGMENFNEMxMUVGODk5MUY4ODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO43MA0GCSqGSIb3DQEBCwUA
A4IBAQAmItxYFHPY/KcQfpdHGPJS4MDU5ON1DVfXlD9pOh3PrIqs4FXW5JGiHZhx
S19opF5VKv740hrehYznL93aCtXAd0mZiKFB5trtupXSw8ixZU6Ik1RVZOKgk14d
cBvetDVr2Jwuwyp9m1C63Zkp8im4wLeib0IUE4BEdV9L8C/HwrEk5tdtdCivZ4Ih
DoOlwOoxVimXajqea7sCKuP40CfNEMgKWp+qL8N4mUMZBJyh+640UGxFZnMX2YYO
c/nsitfpxpK6g6cRMSNFPrbFEvrXr7UXcnNNceAwQVHASYJthlEJvnBl3PAf+Y8d
0Vp6ua5yw0ksOfPrDhQyr1LXcDbz
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:16 2025 by rpki-client