Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02FBDD0CE4D11EFA5D8A687762E951A.roa
File: D02FBDD0CE4D11EFA5D8A687762E951A.roa (raw, json)
Hash identifier: bqsM8k/e6sLZfHBhksetJcPTS3qGsKVVF68izwL/5EQ=
Subject key identifier: 51:AC:B3:F9:2F:55:6C:39:77:C4:5C:9F:E6:05:71:6E:AC:1F:1A:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02FBDD0CE4D11EFA5D8A687762E951A.roa
Signing time: Thu 09 Jan 2025 05:51:47 +0000
ROA not before: Thu 09 Jan 2025 05:51:43 +0000
ROA not after: Fri 09 Jan 2026 05:51:43 +0000
asID: 17561
IP address blocks: 156.238.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66255 (0x102cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:51:43 2025 GMT
Not After : Jan 9 05:51:43 2026 GMT
Subject: CN=677f63f3-f0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:d2:5e:8e:c4:50:7e:0a:49:bb:db:b7:fa:
f6:4e:7b:aa:2b:47:ca:38:d7:30:27:0a:6c:ab:96:
f7:13:3e:7c:3b:e9:c7:0a:9b:1c:c8:bd:d8:ad:70:
7e:56:99:df:3a:15:46:7c:9c:43:61:25:b1:3f:45:
c0:be:b2:08:15:ba:82:74:c2:61:2b:11:33:84:b3:
de:d5:88:be:59:bf:17:00:4e:bb:6b:24:ba:17:f0:
b2:84:97:01:0c:2a:a0:84:c8:32:39:7b:bc:46:bf:
84:dc:2c:08:dd:25:53:27:5b:2f:88:29:23:04:df:
13:0d:fd:8d:81:74:12:54:24:3a:39:59:ed:52:ce:
25:5d:a0:4a:70:ae:dd:8a:5b:d3:0d:52:74:84:c2:
bb:08:9a:65:84:a1:85:32:45:cd:1d:5d:65:7f:1a:
1f:b3:e1:73:53:22:bf:00:30:d5:88:3d:9f:d3:b4:
8b:d2:89:4b:61:91:f0:78:4f:90:bb:d9:0e:3f:d2:
4d:96:cd:59:b9:4e:01:2a:c3:52:7e:77:75:44:28:
c4:a7:ed:96:74:3b:0f:a8:00:3d:67:1c:33:25:9e:
67:b8:76:5f:52:b5:45:f5:ec:9e:dc:52:80:1c:a4:
91:12:e1:76:80:20:ac:08:6e:74:c8:41:46:ef:3d:
ab:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AC:B3:F9:2F:55:6C:39:77:C4:5C:9F:E6:05:71:6E:AC:1F:1A:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D02FBDD0CE4D11EFA5D8A687762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.59.0/24
Signature Algorithm: sha256WithRSAEncryption
22:bb:77:08:85:9f:49:32:8d:59:39:be:26:b1:07:42:2d:ac:
0e:90:b4:1e:13:e1:6f:f9:9d:e9:82:cf:33:a0:24:4b:6f:2d:
66:63:f0:01:8f:c2:0b:8c:e8:07:a2:3b:06:ec:d2:d3:6d:43:
9c:be:45:a6:80:65:2e:b6:5c:92:b7:93:5b:5d:8d:df:b4:fd:
97:07:ff:1a:0d:79:2c:41:24:90:b0:97:5d:1f:07:9b:ec:94:
e9:68:5b:18:c1:fd:f8:42:ad:f8:f9:18:9e:7d:25:63:cb:a7:
fc:f2:01:8d:d9:5b:50:dd:84:bb:57:8b:0a:d1:d6:1a:5a:71:
25:c1:61:93:78:cd:4b:32:a1:40:68:84:40:68:13:3e:e1:47:
65:0c:3c:48:c8:80:4d:33:db:32:fe:f9:16:f4:0a:cc:b3:21:
e8:0f:25:dd:e1:10:03:a0:88:8f:88:c9:24:7a:0e:54:c0:f5:
27:9e:69:39:68:87:f1:69:ab:62:c6:c9:fa:f5:50:88:38:a0:
22:6a:fc:42:54:c8:41:81:81:df:bb:cd:94:6d:ef:47:1c:38:
7e:ed:67:85:9e:bc:a1:b1:c7:da:61:a4:8d:3a:53:6f:04:cf:
51:e6:2d:1d:69:ec:b1:5f:f8:83:f3:20:9b:b3:56:ac:80:1a:
00:05:8d:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQLPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDU1MTQzWhcNMjYwMTA5MDU1MTQzWjAYMRYw
FAYDVQQDEw02NzdmNjNmMy1mMGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyPLSXo7EUH4KSbvbt/r2TnuqK0fKONcwJwpsq5b3Ez58O+nHCpscyL3Y
rXB+VpnfOhVGfJxDYSWxP0XAvrIIFbqCdMJhKxEzhLPe1Yi+Wb8XAE67ayS6F/Cy
hJcBDCqghMgyOXu8Rr+E3CwI3SVTJ1sviCkjBN8TDf2NgXQSVCQ6OVntUs4lXaBK
cK7dilvTDVJ0hMK7CJplhKGFMkXNHV1lfxofs+FzUyK/ADDViD2f07SL0olLYZHw
eE+Qu9kOP9JNls1ZuU4BKsNSfnd1RCjEp+2WdDsPqAA9ZxwzJZ5nuHZfUrVF9eye
3FKAHKSREuF2gCCsCG50yEFG7z2rEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFGs
s/kvVWw5d8Rcn+YFcW6sHxr+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDJGQkREMENFNEQxMUVGQTVEOEE2ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO47MA0GCSqGSIb3DQEBCwUA
A4IBAQAiu3cIhZ9JMo1ZOb4msQdCLawOkLQeE+Fv+Z3pgs8zoCRLby1mY/ABj8IL
jOgHojsG7NLTbUOcvkWmgGUutlySt5NbXY3ftP2XB/8aDXksQSSQsJddHweb7JTp
aFsYwf34Qq34+RiefSVjy6f88gGN2VtQ3YS7V4sK0dYaWnElwWGTeM1LMqFAaIRA
aBM+4UdlDDxIyIBNM9sy/vkW9ArMsyHoDyXd4RADoIiPiMkkeg5UwPUnnmk5aIfx
aatixsn69VCIOKAiavxCVMhBgYHfu82Ube9HHDh+7WeFnryhscfaYaSNOlNvBM9R
5i0daeyxX/iD8yCbs1asgBoABY2N
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:06 2025 by rpki-client