Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0669F3ACDC611EFAFEA62A4762E951A.roa
File: D0669F3ACDC611EFAFEA62A4762E951A.roa (raw, json)
Hash identifier: EJaejfce8ighBufnAf2n4/V7El9HIfmF8tizUBwsbzc=
Subject key identifier: A8:4E:4A:60:68:4D:5A:4B:32:36:27:B3:0C:98:AA:3C:00:AE:66:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0669F3ACDC611EFAFEA62A4762E951A.roa
Signing time: Wed 08 Jan 2025 13:45:25 +0000
ROA not before: Wed 08 Jan 2025 13:45:22 +0000
ROA not after: Thu 16 Dec 2027 13:45:22 +0000
asID: 17561
IP address blocks: 156.249.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65953 (0x101a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 13:45:22 2025 GMT
Not After : Dec 16 13:45:22 2027 GMT
Subject: CN=677e8175-eabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d5:47:b7:35:80:15:0e:ab:fc:71:1c:11:d3:
c5:b0:11:24:09:a9:47:14:ca:68:af:88:e0:e6:38:
9c:ca:2f:6f:69:39:d4:c8:98:e9:d8:87:87:ff:d1:
35:d0:98:7d:c3:c3:60:81:79:07:45:80:ac:1e:14:
78:a6:17:e9:45:9b:e1:d3:60:80:02:c3:33:e2:c4:
c0:32:de:bb:45:e4:c2:4a:d3:4a:3a:26:48:95:22:
b3:98:9e:cd:6d:63:a3:25:a0:2d:00:10:bb:62:c1:
27:c3:f2:ea:54:42:06:cd:1e:b0:0d:2d:7e:f7:d7:
6a:22:a3:7d:99:84:a8:25:17:37:cc:e2:e5:cd:80:
a9:ae:67:64:9a:bf:e7:92:d8:ad:f5:2b:1a:20:c0:
a2:c4:73:aa:d9:3f:70:cc:44:ce:ff:31:d0:ae:c1:
b9:ce:47:77:a8:47:45:3c:dc:9e:4b:79:a5:b7:e6:
5a:a1:df:0b:50:a1:b1:a7:f2:9f:75:e8:b1:30:5d:
44:56:94:57:59:a0:09:95:99:17:42:a5:2f:28:2d:
b0:05:b6:6a:da:ab:86:d7:e9:3b:6d:06:94:23:b7:
2f:5a:37:1e:5b:85:b7:d4:3a:be:02:b7:13:7c:ab:
c1:c4:04:fc:08:eb:bf:ef:68:0a:be:4a:6e:5f:b1:
4a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4E:4A:60:68:4D:5A:4B:32:36:27:B3:0C:98:AA:3C:00:AE:66:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0669F3ACDC611EFAFEA62A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.19.0/24
Signature Algorithm: sha256WithRSAEncryption
07:b5:1d:cb:63:99:e7:0f:ac:2d:13:48:5b:04:b4:bd:d2:48:
3c:c0:d6:16:0e:81:38:7b:d9:67:3a:2b:59:f6:2b:b0:ea:9b:
b2:93:3d:7c:b2:70:ba:b5:25:51:67:98:71:16:e8:a0:1c:5a:
14:8c:c9:47:f3:b3:5b:3e:a2:d2:e1:50:3c:ec:bc:e3:a3:67:
a7:b0:5f:8d:31:ae:6b:c5:80:cb:2f:a9:b2:10:1d:11:1b:ac:
92:fc:9b:a6:a5:cb:73:bb:84:1c:31:83:3d:c9:7a:ea:fa:d8:
6a:e3:e8:fd:95:9e:f5:07:bf:c9:2a:6f:f6:d3:7c:20:15:07:
54:85:f8:b9:0f:90:0c:62:9b:92:37:fc:52:d7:32:cc:04:99:
3f:e8:13:e4:90:da:57:36:5f:cc:b4:c5:ae:dc:40:c4:e5:48:
35:c2:9f:9d:f5:e9:bd:15:46:28:37:3e:8f:83:09:d2:69:89:
6b:10:da:cf:cd:da:13:6d:53:01:3f:2d:85:c5:5f:6f:2c:f3:
ab:c0:bc:ef:fa:f1:88:54:9b:ef:f2:ef:78:a4:c3:9f:3d:2a:
d2:1b:66:f7:e7:cd:57:ec:b6:2d:fc:2a:6f:7a:9b:fa:cd:14:
fa:57:f5:20:44:f1:65:cf:b1:aa:33:4d:78:82:06:12:0d:b7:
33:36:75:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTM0NTIyWhcNMjcxMjE2MTM0NTIyWjAYMRYw
FAYDVQQDEw02NzdlODE3NS1lYWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdVHtzWAFQ6r/HEcEdPFsBEkCalHFMpor4jg5jicyi9vaTnUyJjp2IeH
/9E10Jh9w8NggXkHRYCsHhR4phfpRZvh02CAAsMz4sTAMt67ReTCStNKOiZIlSKz
mJ7NbWOjJaAtABC7YsEnw/LqVEIGzR6wDS1+99dqIqN9mYSoJRc3zOLlzYCprmdk
mr/nktit9SsaIMCixHOq2T9wzETO/zHQrsG5zkd3qEdFPNyeS3mlt+Zaod8LUKGx
p/KfdeixMF1EVpRXWaAJlZkXQqUvKC2wBbZq2quG1+k7bQaUI7cvWjceW4W31Dq+
ArcTfKvBxAT8COu/72gKvkpuX7FKMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKhO
SmBoTVpLMjYnswyYqjwArmaTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDY2OUYzQUNEQzYxMUVGQUZFQTYyQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPkTMA0GCSqGSIb3DQEBCwUA
A4IBAQAHtR3LY5nnD6wtE0hbBLS90kg8wNYWDoE4e9lnOitZ9iuw6puykz18snC6
tSVRZ5hxFuigHFoUjMlH87NbPqLS4VA87Lzjo2ensF+NMa5rxYDLL6myEB0RG6yS
/Jumpctzu4QcMYM9yXrq+thq4+j9lZ71B7/JKm/203wgFQdUhfi5D5AMYpuSN/xS
1zLMBJk/6BPkkNpXNl/MtMWu3EDE5Ug1wp+d9em9FUYoNz6PgwnSaYlrENrPzdoT
bVMBPy2FxV9vLPOrwLzv+vGIVJvv8u94pMOfPSrSG2b3581X7LYt/Cpvepv6zRT6
V/UgRPFlz7GqM014ggYSDbczNnXO
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:34 2025 by rpki-client