Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6A6E568CCAE11EF85C089A9762E951A.roa
File: C6A6E568CCAE11EF85C089A9762E951A.roa (raw, json)
Hash identifier: vNZ9bUrmeFwsTUcXQ1kv4XuwKDFWgiSQVl7wny+mC7s=
Subject key identifier: 69:A6:40:E1:4D:07:AA:41:59:18:BC:1A:6A:DF:D6:FD:1F:63:37:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6A6E568CCAE11EF85C089A9762E951A.roa
Signing time: Tue 07 Jan 2025 04:20:50 +0000
ROA not before: Tue 07 Jan 2025 04:20:46 +0000
ROA not after: Mon 13 Dec 2027 04:20:46 +0000
asID: 17561
IP address blocks: 156.232.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63974 (0xf9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:20:46 2025 GMT
Not After : Dec 13 04:20:46 2027 GMT
Subject: CN=677caba2-eea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bf:85:80:b9:37:1a:08:65:95:6b:bc:98:d6:
e2:a8:e7:8c:61:92:c8:85:10:5c:d6:2f:ee:69:73:
ff:3f:d3:9a:8c:a3:86:5f:35:22:e7:cf:a9:e3:ac:
80:5c:77:e2:42:c5:f0:88:38:95:02:5a:1d:48:a8:
17:1c:87:ec:e9:08:fa:ff:8b:4d:c3:58:dd:a6:9f:
13:69:5b:cd:2b:f2:bc:4a:be:09:60:07:73:d6:c2:
c7:4a:49:23:95:21:13:49:b0:76:13:c4:25:14:bf:
c9:96:7a:20:e1:81:c0:6d:26:35:8b:d4:81:5d:71:
2b:12:22:e3:12:ce:1f:21:bb:0e:0e:e4:ad:ba:2d:
06:e2:01:1d:2a:b4:5b:53:1c:8a:c4:29:67:c1:09:
08:80:06:2a:13:ff:c9:03:4c:89:e9:6c:59:47:14:
95:d7:16:57:40:6d:37:12:33:5f:d3:6d:d2:81:a7:
b6:f7:07:b8:67:20:fc:3f:ab:7f:f4:9c:85:7a:74:
cd:1a:4c:03:92:72:41:16:3c:e8:ec:7f:40:ac:ed:
3b:48:b8:eb:10:86:98:48:ae:26:c7:81:7d:62:47:
cc:0c:39:b9:dd:b9:d7:6e:77:91:28:23:f1:e8:69:
03:c2:e2:d4:62:da:eb:7d:34:96:2c:aa:30:9e:af:
ff:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A6:40:E1:4D:07:AA:41:59:18:BC:1A:6A:DF:D6:FD:1F:63:37:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6A6E568CCAE11EF85C089A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.67.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:3b:d8:40:e4:58:04:3a:5e:f5:13:ff:ee:05:9c:49:f2:e7:
3a:d3:76:e9:55:ac:19:98:0f:f4:3a:e6:a2:79:f8:72:a1:b6:
0d:9e:58:d6:49:02:10:f6:06:f0:b4:1d:c2:a0:3a:1b:c1:77:
14:17:4e:8b:5d:ad:3b:18:96:ca:d7:ac:b9:5a:e8:49:97:a9:
4d:54:48:ea:7d:fc:97:63:6a:24:00:06:a5:fb:e9:18:40:03:
25:e5:1a:9c:87:a3:80:56:74:c6:fc:23:61:e7:33:90:c9:ab:
91:ff:cf:cc:62:f2:5f:37:1e:ee:fe:8f:6a:5c:09:6d:de:b3:
73:ac:11:27:8e:8c:45:86:35:62:39:ef:3a:d8:de:fc:b8:d1:
fa:4c:20:bb:9e:0d:8b:52:cb:6d:1c:9d:c2:43:26:99:4c:49:
5d:12:54:04:a9:e1:94:3e:33:b6:19:d0:a7:e7:ba:17:b7:1f:
36:56:af:19:08:6d:ff:5c:64:ae:d7:f5:3e:4a:33:1c:62:47:
b6:3e:11:a8:0d:31:28:04:cd:78:7c:a2:bb:e4:6f:f5:5a:c7:
d7:c1:19:83:7a:88:46:45:d5:01:bd:b5:93:61:e6:4b:e3:a2:
58:3b:4f:55:2a:ee:c3:9f:b4:34:da:da:3f:ed:b7:3b:d2:6a:
bf:bf:42:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQyMDQ2WhcNMjcxMjEzMDQyMDQ2WjAYMRYw
FAYDVQQDEw02NzdjYWJhMi1lZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt7+FgLk3GghllWu8mNbiqOeMYZLIhRBc1i/uaXP/P9OajKOGXzUi58+p
46yAXHfiQsXwiDiVAlodSKgXHIfs6Qj6/4tNw1jdpp8TaVvNK/K8Sr4JYAdz1sLH
SkkjlSETSbB2E8QlFL/Jlnog4YHAbSY1i9SBXXErEiLjEs4fIbsODuStui0G4gEd
KrRbUxyKxClnwQkIgAYqE//JA0yJ6WxZRxSV1xZXQG03EjNf023Sgae29we4ZyD8
P6t/9JyFenTNGkwDknJBFjzo7H9ArO07SLjrEIaYSK4mx4F9YkfMDDm53bnXbneR
KCPx6GkDwuLUYtrrfTSWLKownq//uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGmm
QOFNB6pBWRi8Gmrf1v0fYzfdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNkE2RTU2OENDQUUxMUVGODVDMDg5QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhDMA0GCSqGSIb3DQEBCwUA
A4IBAQCrO9hA5FgEOl71E//uBZxJ8uc603bpVawZmA/0OuaiefhyobYNnljWSQIQ
9gbwtB3CoDobwXcUF06LXa07GJbK16y5WuhJl6lNVEjqffyXY2okAAal++kYQAMl
5Rqch6OAVnTG/CNh5zOQyauR/8/MYvJfNx7u/o9qXAlt3rNzrBEnjoxFhjViOe86
2N78uNH6TCC7ng2LUsttHJ3CQyaZTEldElQEqeGUPjO2GdCn57oXtx82Vq8ZCG3/
XGSu1/U+SjMcYke2PhGoDTEoBM14fKK75G/1WsfXwRmDeohGRdUBvbWTYeZL46JY
O09VKu7Dn7Q02to/7bc70mq/v0Ib
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:20 2025 by rpki-client