Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7235CB2CD1F11EF826E0F70762E951A.roa
File: C7235CB2CD1F11EF826E0F70762E951A.roa (raw, json)
Hash identifier: jI+9Hw4iI2wLij0345W4d2kIRmPfpVaTd2h7fHLBeMM=
Subject key identifier: 05:9F:D2:D2:C6:BA:D3:03:1B:02:24:55:38:28:EA:DD:C0:79:57:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD69
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7235CB2CD1F11EF826E0F70762E951A.roa
Signing time: Tue 07 Jan 2025 17:49:44 +0000
ROA not before: Tue 07 Jan 2025 17:49:40 +0000
ROA not after: Mon 13 Dec 2027 17:49:40 +0000
asID: 17561
IP address blocks: 156.241.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64873 (0xfd69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:49:40 2025 GMT
Not After : Dec 13 17:49:40 2027 GMT
Subject: CN=677d6938-5d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0e:4b:84:e0:13:bf:36:6b:5c:b2:2c:dc:b1:
5a:98:cc:68:79:6d:40:e7:c7:76:77:f3:0c:a1:8b:
23:82:dc:bb:67:ae:31:16:af:bc:a0:00:25:98:fb:
b1:c7:9c:c7:fd:18:aa:b6:db:ef:77:f3:80:b4:da:
16:a2:f0:54:8a:66:b4:a8:66:16:a9:46:cb:3e:34:
1c:38:56:a4:26:76:19:56:ba:76:5c:3f:90:f8:a6:
d9:ee:ed:e2:42:08:67:46:03:f8:34:1c:eb:ac:33:
21:e7:e3:3e:49:53:22:49:6a:d4:3b:7e:a5:aa:6c:
8f:59:93:7c:db:df:bd:57:e0:1d:5b:1d:b5:db:33:
bd:2a:6e:85:25:26:0c:6f:1d:73:43:86:09:8d:be:
b6:7a:42:0e:0a:84:1f:ff:40:41:6d:bb:9e:22:53:
64:d5:3b:a7:fe:a9:3f:ac:ae:77:04:70:de:8f:18:
e4:fb:2a:c9:57:e9:30:6d:35:f7:21:d7:49:a8:1e:
8c:dc:0b:f1:49:fe:f8:f6:c8:bc:64:59:61:31:3f:
4d:84:da:30:b1:98:08:61:50:5e:09:c6:4d:c2:54:
37:56:c9:60:a4:64:e5:72:a5:d2:90:1c:ac:0a:42:
f0:9d:a5:9b:df:dc:c2:9a:67:6c:5f:31:bd:0f:2d:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9F:D2:D2:C6:BA:D3:03:1B:02:24:55:38:28:EA:DD:C0:79:57:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7235CB2CD1F11EF826E0F70762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:7f:31:d5:c5:77:a0:04:72:9e:54:07:05:de:1c:c0:64:db:
11:b4:b6:20:cd:c6:9a:39:e5:14:88:22:7e:d5:fe:4c:67:84:
fd:9f:58:c9:d3:0e:d1:d4:7f:8c:38:eb:53:3b:7c:af:70:9a:
ef:cf:da:6a:6e:ab:86:8e:a9:1e:2d:86:81:d2:b7:1d:ba:1a:
3f:99:5a:68:ba:86:57:b5:15:eb:be:9f:2f:99:e3:66:0b:85:
4b:bd:e2:d1:1b:b8:30:e2:40:96:dc:37:a7:24:42:4b:b7:50:
c9:11:f3:64:da:cb:bd:7a:f1:92:be:53:e8:9b:15:27:58:d1:
48:bc:4e:a9:27:f1:28:d5:07:d1:e2:fc:fb:1d:e2:d9:7c:0a:
40:04:c1:e5:65:b4:a2:49:ff:13:92:85:fb:3a:7a:9b:8c:74:
e1:a4:ae:fd:8a:6b:26:00:be:ce:90:89:31:8e:e1:5e:2a:2d:
78:e2:43:33:28:f7:0b:8c:71:b1:0e:56:33:73:41:d1:d4:da:
21:3d:dc:b9:ce:2a:24:36:28:61:76:6a:50:fe:8a:d0:57:b0:
c8:5e:7f:df:e6:20:2a:00:9b:74:ec:f4:e0:55:01:3d:b3:22:
10:32:6b:18:f7:41:1d:e1:34:f1:46:78:40:d5:9d:8a:27:08:
b8:80:ac:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTc0OTQwWhcNMjcxMjEzMTc0OTQwWjAYMRYw
FAYDVQQDEw02NzdkNjkzOC01ZDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtA5LhOATvzZrXLIs3LFamMxoeW1A58d2d/MMoYsjgty7Z64xFq+8oAAl
mPuxx5zH/Riqttvvd/OAtNoWovBUima0qGYWqUbLPjQcOFakJnYZVrp2XD+Q+KbZ
7u3iQghnRgP4NBzrrDMh5+M+SVMiSWrUO36lqmyPWZN829+9V+AdWx212zO9Km6F
JSYMbx1zQ4YJjb62ekIOCoQf/0BBbbueIlNk1Tun/qk/rK53BHDejxjk+yrJV+kw
bTX3IddJqB6M3AvxSf749si8ZFlhMT9NhNowsZgIYVBeCcZNwlQ3VslgpGTlcqXS
kBysCkLwnaWb39zCmmdsXzG9Dy2GfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAWf
0tLGutMDGwIkVTgo6t3AeVeZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzIzNUNCMkNEMUYxMUVGODI2RTBGNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPE+MA0GCSqGSIb3DQEBCwUA
A4IBAQCjfzHVxXegBHKeVAcF3hzAZNsRtLYgzcaaOeUUiCJ+1f5MZ4T9n1jJ0w7R
1H+MOOtTO3yvcJrvz9pqbquGjqkeLYaB0rcduho/mVpouoZXtRXrvp8vmeNmC4VL
veLRG7gw4kCW3DenJEJLt1DJEfNk2su9evGSvlPomxUnWNFIvE6pJ/Eo1QfR4vz7
HeLZfApABMHlZbSiSf8TkoX7OnqbjHThpK79imsmAL7OkIkxjuFeKi144kMzKPcL
jHGxDlYzc0HR1NohPdy5ziokNihhdmpQ/orQV7DIXn/f5iAqAJt07PTgVQE9syIQ
MmsY90Ed4TTxRnhA1Z2KJwi4gKzV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:12 2025 by rpki-client