Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1187C66CEF611EF99AF0CB2762E951A.roa
File: C1187C66CEF611EF99AF0CB2762E951A.roa (raw, json)
Hash identifier: bDhvQFcAs7S7xioiXXfjaAnxnnWZq5J4UrYJrQ4vQEY=
Subject key identifier: A6:6A:C9:9B:0C:D0:F5:A1:78:D1:9E:C9:A8:75:8D:F0:4A:51:A5:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010493
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1187C66CEF611EF99AF0CB2762E951A.roa
Signing time: Fri 10 Jan 2025 02:01:07 +0000
ROA not before: Fri 10 Jan 2025 02:01:03 +0000
ROA not after: Wed 12 Feb 2025 02:01:03 +0000
asID: 20473
IP address blocks: 156.236.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66707 (0x10493)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:01:03 2025 GMT
Not After : Feb 12 02:01:03 2025 GMT
Subject: CN=67807f63-754f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:f4:ec:db:be:a0:dd:57:37:f3:e2:89:94:
73:2f:d6:ed:d2:d0:93:85:87:84:85:f5:40:b4:e1:
88:ea:55:3b:4a:2c:ec:0c:22:b7:87:fc:01:cf:22:
ee:ea:8a:b4:f8:38:d6:20:e8:67:73:71:85:8b:09:
d9:3b:22:e6:f6:59:a1:33:b5:6e:86:07:ee:b1:ed:
c6:19:09:bb:01:0f:e0:79:b4:6c:b4:21:15:6e:a6:
ae:6e:3f:c8:f9:b6:24:85:c9:cc:3b:54:3b:d7:dc:
76:a6:45:2c:ba:40:d3:e3:50:a6:88:78:16:f0:24:
c6:c9:d6:56:cb:5d:88:9b:45:75:1d:8e:2b:aa:67:
0f:1d:1b:8f:13:af:e3:52:b6:08:45:64:d5:1d:3c:
3d:39:74:04:84:9a:18:ff:f0:24:6a:cf:28:01:50:
f4:ce:f5:f2:3a:2e:1f:34:b0:59:6a:ff:1b:c2:07:
33:ad:e0:22:58:35:6d:91:dc:bd:35:0e:f1:48:6c:
a6:35:81:58:64:85:5d:8b:ff:4f:7c:9b:05:d7:40:
82:e0:58:c0:61:ff:70:8f:79:a0:d5:2f:0a:2a:2d:
59:83:c9:2d:b4:0b:ee:62:97:71:e9:05:20:7a:81:
cb:dc:d9:7c:07:6c:81:9c:23:7e:94:12:3f:bd:cb:
62:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6A:C9:9B:0C:D0:F5:A1:78:D1:9E:C9:A8:75:8D:F0:4A:51:A5:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C1187C66CEF611EF99AF0CB2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.77.0/24
Signature Algorithm: sha256WithRSAEncryption
59:86:ff:a3:e0:91:1e:00:71:30:a9:a7:92:72:3a:d6:9d:1d:
a4:5a:d4:99:58:05:b1:89:7c:6d:af:1a:5d:ad:f4:a4:99:4f:
13:9d:c4:e2:c2:42:a8:de:90:ce:4a:98:eb:e8:12:c8:3a:00:
5c:a6:97:8f:ec:c4:8f:30:6f:dd:31:85:d4:ec:f0:86:c6:48:
99:23:13:e4:aa:29:39:e3:14:f0:4d:cc:62:0e:a8:bd:55:16:
43:e0:2e:78:81:ce:8d:8a:e4:5b:f6:7a:52:17:96:ab:32:59:
77:3c:bf:9e:6d:89:85:ca:dc:d7:d0:e8:4e:2d:4f:00:99:7b:
7c:5d:5e:76:10:34:ce:67:88:81:c8:62:11:3d:61:0d:42:e5:
39:0c:35:6c:11:ec:92:36:82:c5:5b:e3:a9:94:25:a4:89:40:
be:1e:da:c9:2d:6b:bd:af:40:60:cb:f7:7d:19:eb:10:e4:3d:
91:7e:0d:b4:c2:2c:a1:3a:d6:7b:10:53:f0:de:d9:0f:0c:e4:
63:3c:85:bb:af:ca:79:23:0c:a5:a5:a4:b4:83:01:16:6e:29:
cd:ac:fe:28:03:76:bb:76:9b:9c:ea:de:0a:eb:e7:fd:1b:10:
20:c6:77:93:4a:9d:0e:38:7e:d4:ba:0d:d3:c5:f3:91:df:f7:
51:82:47:05
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDIwMTAzWhcNMjUwMjEyMDIwMTAzWjAYMRYw
FAYDVQQDEw02NzgwN2Y2My03NTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuV/07Nu+oN1XN/PiiZRzL9bt0tCThYeEhfVAtOGI6lU7SizsDCK3h/wB
zyLu6oq0+DjWIOhnc3GFiwnZOyLm9lmhM7Vuhgfuse3GGQm7AQ/gebRstCEVbqau
bj/I+bYkhcnMO1Q719x2pkUsukDT41CmiHgW8CTGydZWy12Im0V1HY4rqmcPHRuP
E6/jUrYIRWTVHTw9OXQEhJoY//Akas8oAVD0zvXyOi4fNLBZav8bwgczreAiWDVt
kdy9NQ7xSGymNYFYZIVdi/9PfJsF10CC4FjAYf9wj3mg1S8KKi1Zg8kttAvuYpdx
6QUgeoHL3Nl8B2yBnCN+lBI/vctioQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKZq
yZsM0PWheNGeyah1jfBKUaVCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMTE4N0M2NkNFRjYxMUVGOTlBRjBDQjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxNMA0GCSqGSIb3DQEBCwUA
A4IBAQBZhv+j4JEeAHEwqaeScjrWnR2kWtSZWAWxiXxtrxpdrfSkmU8TncTiwkKo
3pDOSpjr6BLIOgBcppeP7MSPMG/dMYXU7PCGxkiZIxPkqik54xTwTcxiDqi9VRZD
4C54gc6NiuRb9npSF5arMll3PL+ebYmFytzX0OhOLU8AmXt8XV52EDTOZ4iByGIR
PWENQuU5DDVsEeySNoLFW+OplCWkiUC+HtrJLWu9r0Bgy/d9GesQ5D2Rfg20wiyh
OtZ7EFPw3tkPDORjPIW7r8p5IwylpaS0gwEWbinNrP4oA3a7dpuc6t4K6+f9GxAg
xneTSp0OOH7Uug3TxfOR3/dRgkcF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:54 2025 by rpki-client