Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C05F7C64D17D11EF8884A9B0762E951A.roa
File: C05F7C64D17D11EF8884A9B0762E951A.roa (raw, json)
Hash identifier: 9MsvNeYs39xzcu4i0WlY0ORIXqPh0wIv+YUrjUwRj+A=
Subject key identifier: F2:92:66:F5:8E:0A:12:E4:A0:AF:9F:04:3A:3B:39:67:6D:C4:BC:F7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010684
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C05F7C64D17D11EF8884A9B0762E951A.roa
Signing time: Mon 13 Jan 2025 07:12:30 +0000
ROA not before: Mon 13 Jan 2025 07:12:26 +0000
ROA not after: Thu 20 Feb 2025 07:12:26 +0000
asID: 213828
IP address blocks: 156.253.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67204 (0x10684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:12:26 2025 GMT
Not After : Feb 20 07:12:26 2025 GMT
Subject: CN=6784bcde-6c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fa:f5:3c:10:9c:a2:4d:60:20:60:ee:0d:26:
29:2a:35:f3:6a:32:72:ca:e3:0d:61:d9:1f:0e:49:
94:a6:24:51:6b:fe:25:a3:fe:41:5a:eb:f9:bd:ba:
10:2c:90:33:0b:24:dd:b5:78:13:d9:37:d6:2e:f7:
47:f1:2e:2a:34:49:40:e2:45:42:da:4a:35:71:9d:
b6:10:bb:8c:c1:66:f3:e4:4d:92:91:b3:e6:15:4d:
f8:87:e7:36:48:61:53:8a:83:ae:5e:ab:5b:ff:5b:
68:1f:1d:d6:8f:d4:11:b9:3e:df:82:33:42:72:15:
94:5e:a4:d5:1f:af:16:2f:1b:7c:fa:c6:95:aa:7b:
e2:25:57:d4:ce:53:4e:c7:04:54:ed:50:38:54:b6:
9f:17:c9:d3:35:bb:68:ec:49:18:9d:fa:2d:be:9d:
f4:56:88:d6:3f:74:c1:28:fa:90:d9:17:6c:8d:a0:
68:12:45:64:a8:1b:87:45:f4:33:5c:e0:b1:52:40:
77:75:7a:2f:9b:35:73:39:df:c3:4d:f4:ce:ee:18:
9d:6f:89:0f:01:72:78:1a:60:65:17:63:88:3d:a0:
a9:c0:b1:b4:aa:c8:91:6e:00:f5:0c:48:68:80:8e:
2a:d5:fb:37:a4:67:93:e2:3f:23:30:64:ed:49:ea:
ae:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:92:66:F5:8E:0A:12:E4:A0:AF:9F:04:3A:3B:39:67:6D:C4:BC:F7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C05F7C64D17D11EF8884A9B0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.231.0/24
Signature Algorithm: sha256WithRSAEncryption
71:6f:5d:44:8f:bf:73:be:35:31:16:62:38:f4:41:80:cc:49:
fa:99:71:71:47:0d:42:c4:fd:8c:c4:b0:4d:dd:66:22:a8:c3:
b9:a2:28:7d:b1:47:6b:5f:34:3b:e6:8a:75:e6:30:ba:c9:6a:
21:77:35:90:49:c0:70:7f:b3:6d:77:91:27:09:6e:f8:23:17:
0c:3d:8a:c0:29:5c:b4:95:6a:b9:f5:27:29:0b:6a:f4:6b:a6:
25:1b:ae:cd:f2:b7:eb:fa:c6:87:20:6d:00:e1:b8:58:0f:36:
7f:2b:21:ac:12:3f:06:b0:49:7f:ed:e0:c9:35:1e:58:ee:b3:
78:58:66:49:00:ba:fd:52:26:53:cc:da:0f:8b:05:60:49:f4:
ae:80:29:ff:89:85:f3:98:dc:c2:56:62:83:e1:0a:33:f5:61:
f4:66:32:fd:3a:22:dd:4a:c3:10:41:8e:60:c5:27:cc:46:6e:
6b:d1:bc:b0:6d:22:91:e2:94:43:d0:9b:18:07:e8:6b:fa:e2:
32:7b:64:91:c8:86:e8:f3:cb:93:65:83:39:0c:9c:b5:c6:3e:
a1:77:e4:8d:3e:26:ed:27:e7:d7:db:a2:0f:9e:84:c8:b1:0f:
1e:ab:c9:73:b2:93:8e:fc:be:f0:9d:1d:fe:74:9c:72:18:19:
13:7d:9f:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcxMjI2WhcNMjUwMjIwMDcxMjI2WjAYMRYw
FAYDVQQDEw02Nzg0YmNkZS02Yzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufr1PBCcok1gIGDuDSYpKjXzajJyyuMNYdkfDkmUpiRRa/4lo/5BWuv5
vboQLJAzCyTdtXgT2TfWLvdH8S4qNElA4kVC2ko1cZ22ELuMwWbz5E2SkbPmFU34
h+c2SGFTioOuXqtb/1toHx3Wj9QRuT7fgjNCchWUXqTVH68WLxt8+saVqnviJVfU
zlNOxwRU7VA4VLafF8nTNbto7EkYnfotvp30VojWP3TBKPqQ2RdsjaBoEkVkqBuH
RfQzXOCxUkB3dXovmzVzOd/DTfTO7hidb4kPAXJ4GmBlF2OIPaCpwLG0qsiRbgD1
DEhogI4q1fs3pGeT4j8jMGTtSequNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPKS
ZvWOChLkoK+fBDo7OWdtxLz3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMDVGN0M2NEQxN0QxMUVGODg4NEE5QjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3nMA0GCSqGSIb3DQEBCwUA
A4IBAQBxb11Ej79zvjUxFmI49EGAzEn6mXFxRw1CxP2MxLBN3WYiqMO5oih9sUdr
XzQ75op15jC6yWohdzWQScBwf7Ntd5EnCW74IxcMPYrAKVy0lWq59ScpC2r0a6Yl
G67N8rfr+saHIG0A4bhYDzZ/KyGsEj8GsEl/7eDJNR5Y7rN4WGZJALr9UiZTzNoP
iwVgSfSugCn/iYXzmNzCVmKD4Qoz9WH0ZjL9OiLdSsMQQY5gxSfMRm5r0bywbSKR
4pRD0JsYB+hr+uIye2SRyIbo88uTZYM5DJy1xj6hd+SNPibtJ+fX26IPnoTIsQ8e
q8lzspOO/L7wnR3+dJxyGBkTfZ9/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:04 2025 by rpki-client