Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0EBFE64D30211EFA3322D5B762E951A.roa
File: D0EBFE64D30211EFA3322D5B762E951A.roa (raw, json)
Hash identifier: yufW2r++BGDlSodDz8J4+7+M+lFztsqQjSmEIk7CiM4=
Subject key identifier: C3:04:99:29:F7:24:50:11:27:32:4B:C6:7D:89:AD:A5:C8:CA:57:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0EBFE64D30211EFA3322D5B762E951A.roa
Signing time: Wed 15 Jan 2025 05:37:32 +0000
ROA not before: Wed 15 Jan 2025 05:37:28 +0000
ROA not after: Mon 03 Jan 2028 05:37:28 +0000
asID: 17561
IP address blocks: 156.254.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67577 (0x107f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 05:37:28 2025 GMT
Not After : Jan 3 05:37:28 2028 GMT
Subject: CN=6787499c-c506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:10:6b:18:d1:c1:4f:10:e7:89:db:8d:6f:40:
81:10:84:fc:a9:d3:64:c7:cf:93:3f:83:83:a8:fa:
1d:a2:ef:63:cc:3f:10:1b:3d:59:60:9f:8e:cd:c0:
fc:35:fe:76:7e:65:13:2e:83:18:42:63:e4:47:95:
7d:01:86:1a:37:24:0d:be:c0:ca:dc:d7:0f:6f:a3:
7c:e6:16:63:2f:15:41:e3:0c:61:88:fe:69:ff:22:
f0:eb:1c:40:f1:f8:3a:54:87:cd:4a:9a:78:3f:31:
20:f2:ee:86:40:57:f3:95:f7:02:ce:9f:9b:e2:ec:
45:86:e4:8a:54:ce:69:a1:93:74:18:f9:06:94:a5:
fd:47:20:85:30:a9:f3:25:d4:17:74:9e:0f:3d:89:
a1:7a:73:1d:c2:e0:0d:46:15:02:c5:74:02:3b:73:
7f:96:f1:03:12:20:e8:09:d8:01:6c:86:73:32:be:
b9:45:63:f9:54:64:53:b2:6d:01:38:25:ab:8e:56:
a4:07:ed:0c:e4:f0:0d:e5:be:c4:59:cf:81:bc:ea:
3a:79:86:ed:e2:f5:35:9f:41:70:0c:d1:0d:2a:3b:
67:c1:d7:f8:8a:9d:cc:24:bc:a0:6d:47:ca:5e:a0:
28:20:86:1c:ad:2d:95:82:ff:bf:00:39:46:80:b9:
0a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:04:99:29:F7:24:50:11:27:32:4B:C6:7D:89:AD:A5:C8:CA:57:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D0EBFE64D30211EFA3322D5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.39.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:0e:4a:e6:1e:f0:ee:c5:a9:b2:0f:89:64:9a:02:83:d5:11:
7d:9f:ef:6c:0b:65:b5:e8:53:fa:6d:6d:0d:f9:af:58:54:90:
f4:9d:01:3e:36:30:34:a7:46:fa:bf:69:ec:2d:a2:15:2a:a8:
39:a2:4b:03:3c:f7:ad:a8:42:7e:6a:8d:27:92:7d:c6:ac:1e:
16:8e:8a:1a:ed:6e:c6:25:8b:16:4a:a1:f8:aa:27:17:c9:1f:
2f:ea:94:6f:f6:63:62:66:79:f6:f0:90:52:6c:9d:ae:61:ee:
32:a2:71:0e:d3:8b:cf:f4:b0:bc:a6:6e:1d:31:47:4d:ce:65:
2f:1c:0d:da:4e:ea:74:f3:9d:0e:06:93:2c:8f:00:17:9f:db:
4a:ec:c9:0b:e4:d6:9d:b5:b6:89:c0:f8:46:35:ca:5e:be:99:
42:fa:33:47:35:37:cd:b3:0b:98:05:82:6f:89:02:dc:18:99:
17:93:06:54:f6:26:a4:78:01:95:60:5b:78:6b:b9:ff:67:fa:
21:bf:ca:ce:03:d9:37:3e:fc:80:81:53:8f:8b:9a:0a:a8:56:
d3:ce:e4:e3:84:a3:54:c1:73:e3:fd:26:33:01:05:f7:18:0c:
70:5a:a5:15:23:8c:4c:78:c0:d1:6f:0c:2a:52:f0:42:47:96:
fa:7b:8b:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQf5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDUzNzI4WhcNMjgwMTAzMDUzNzI4WjAYMRYw
FAYDVQQDEw02Nzg3NDk5Yy1jNTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzRBrGNHBTxDniduNb0CBEIT8qdNkx8+TP4ODqPodou9jzD8QGz1ZYJ+O
zcD8Nf52fmUTLoMYQmPkR5V9AYYaNyQNvsDK3NcPb6N85hZjLxVB4wxhiP5p/yLw
6xxA8fg6VIfNSpp4PzEg8u6GQFfzlfcCzp+b4uxFhuSKVM5poZN0GPkGlKX9RyCF
MKnzJdQXdJ4PPYmhenMdwuANRhUCxXQCO3N/lvEDEiDoCdgBbIZzMr65RWP5VGRT
sm0BOCWrjlakB+0M5PAN5b7EWc+BvOo6eYbt4vU1n0FwDNENKjtnwdf4ip3MJLyg
bUfKXqAoIIYcrS2Vgv+/ADlGgLkKOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMME
mSn3JFARJzJLxn2JraXIylcUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMEVCRkU2NEQzMDIxMUVGQTMzMjJENUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4nMA0GCSqGSIb3DQEBCwUA
A4IBAQCODkrmHvDuxamyD4lkmgKD1RF9n+9sC2W16FP6bW0N+a9YVJD0nQE+NjA0
p0b6v2nsLaIVKqg5oksDPPetqEJ+ao0nkn3GrB4Wjooa7W7GJYsWSqH4qicXyR8v
6pRv9mNiZnn28JBSbJ2uYe4yonEO04vP9LC8pm4dMUdNzmUvHA3aTup0850OBpMs
jwAXn9tK7MkL5NadtbaJwPhGNcpevplC+jNHNTfNswuYBYJviQLcGJkXkwZU9iak
eAGVYFt4a7n/Z/ohv8rOA9k3PvyAgVOPi5oKqFbTzuTjhKNUwXPj/SYzAQX3GAxw
WqUVI4xMeMDRbwwqUvBCR5b6e4sB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:26 2025 by rpki-client