Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D29AEF7ECD8311EFBAF6E07D762E951A.roa
File: D29AEF7ECD8311EFBAF6E07D762E951A.roa (raw, json)
Hash identifier: yGQ+NJZv4Iq5lYCrlOb9ftDahPVAZqYhVu0atqcw8xU=
Subject key identifier: 38:62:AA:20:A9:FB:E8:12:99:07:68:EF:EC:B8:85:F6:88:1D:73:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010019
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D29AEF7ECD8311EFBAF6E07D762E951A.roa
Signing time: Wed 08 Jan 2025 05:45:53 +0000
ROA not before: Wed 08 Jan 2025 05:45:48 +0000
ROA not after: Mon 13 Dec 2027 05:45:48 +0000
asID: 17561
IP address blocks: 156.252.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65561 (0x10019)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:45:48 2025 GMT
Not After : Dec 13 05:45:48 2027 GMT
Subject: CN=677e1111-eb92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:eb:e0:14:05:33:a4:ad:65:5f:97:2c:e4:8f:
ed:12:9b:8e:5d:f8:fb:1f:b0:ac:c3:ae:06:17:07:
2e:0c:14:bb:62:69:86:c1:06:38:7a:98:28:c0:25:
20:d3:56:dd:dd:1a:4b:f6:ef:37:84:33:8c:df:7f:
28:65:b4:4d:e1:7a:a2:dc:8f:93:00:39:1d:04:60:
1d:6a:5e:00:42:d3:7e:cd:3b:91:92:9f:99:2d:0c:
65:79:2e:c7:4a:e9:0b:0c:cb:9a:34:af:47:51:0e:
ea:75:87:98:c1:71:26:6c:64:eb:93:94:bf:f7:c9:
e1:de:28:0e:9a:17:c7:24:bc:5b:71:fc:53:4a:26:
00:67:72:c7:93:b2:81:bd:20:48:d5:80:9b:9a:6e:
b5:08:86:27:10:b3:65:80:95:97:9e:4f:3f:b2:10:
6a:2d:ca:e8:8c:3a:6a:0b:e0:74:2c:f4:94:c5:78:
ba:4b:dc:0e:73:e9:26:c0:79:59:b9:13:35:96:4e:
02:81:61:f0:4b:59:b0:a2:b5:53:7b:b3:ff:da:55:
09:51:cd:5d:c0:e6:e8:72:c6:38:93:99:07:46:5b:
ea:63:a9:e2:4f:45:97:e8:45:33:65:c1:9f:1f:c1:
25:fa:89:bd:75:01:53:d8:95:32:d1:a0:ee:6b:51:
10:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:62:AA:20:A9:FB:E8:12:99:07:68:EF:EC:B8:85:F6:88:1D:73:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D29AEF7ECD8311EFBAF6E07D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.24.0/24
Signature Algorithm: sha256WithRSAEncryption
71:fc:a4:62:68:64:d8:bd:59:5b:51:61:29:d0:b6:8c:a3:2c:
fb:2e:9f:cd:4c:63:f4:b8:3b:48:f9:3d:e3:e3:3e:07:65:c1:
cd:72:50:80:fe:09:0d:08:3f:d6:33:7d:01:30:53:99:d8:3e:
98:ec:ec:44:42:d7:b6:7c:e9:01:eb:dc:dc:0d:bf:21:cc:cb:
79:a4:38:94:4d:97:a2:fd:ba:a1:ab:7f:16:59:11:34:a7:c5:
e5:06:04:bf:61:50:af:b1:07:96:dc:b7:06:7d:6e:6e:dc:b4:
fa:7a:16:f2:4a:82:44:a5:ed:17:78:ac:13:7c:c9:7c:bc:86:
26:25:1a:ae:e6:ab:7e:d0:22:55:6d:6b:3c:66:ee:5b:15:f3:
1e:13:38:61:eb:1f:17:24:ba:ef:dd:34:a8:94:ba:96:ac:04:
78:d1:94:d0:d0:90:9d:e8:41:94:3d:96:bd:fd:e2:05:2d:1f:
6a:8f:12:c4:8b:4f:03:5a:ff:74:4f:a4:aa:bf:de:4b:da:38:
71:63:35:f5:5d:ec:92:43:f5:4f:99:a3:3c:f6:9a:1a:02:7b:
00:9e:d4:aa:86:ea:01:a6:ac:28:40:1e:52:52:13:16:f1:f5:
82:25:44:66:1a:db:a4:dc:19:ce:24:ab:14:a6:ea:9a:fb:0c:
91:fc:60:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU0NTQ4WhcNMjcxMjEzMDU0NTQ4WjAYMRYw
FAYDVQQDEw02NzdlMTExMS1lYjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqOvgFAUzpK1lX5cs5I/tEpuOXfj7H7Csw64GFwcuDBS7YmmGwQY4epgo
wCUg01bd3RpL9u83hDOM338oZbRN4Xqi3I+TADkdBGAdal4AQtN+zTuRkp+ZLQxl
eS7HSukLDMuaNK9HUQ7qdYeYwXEmbGTrk5S/98nh3igOmhfHJLxbcfxTSiYAZ3LH
k7KBvSBI1YCbmm61CIYnELNlgJWXnk8/shBqLcrojDpqC+B0LPSUxXi6S9wOc+km
wHlZuRM1lk4CgWHwS1mworVTe7P/2lUJUc1dwObocsY4k5kHRlvqY6niT0WX6EUz
ZcGfH8El+om9dQFT2JUy0aDua1EQmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDhi
qiCp++gSmQdo7+y4hfaIHXMoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMjlBRUY3RUNEODMxMUVGQkFGNkUwN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwYMA0GCSqGSIb3DQEBCwUA
A4IBAQBx/KRiaGTYvVlbUWEp0LaMoyz7Lp/NTGP0uDtI+T3j4z4HZcHNclCA/gkN
CD/WM30BMFOZ2D6Y7OxEQte2fOkB69zcDb8hzMt5pDiUTZei/bqhq38WWRE0p8Xl
BgS/YVCvsQeW3LcGfW5u3LT6ehbySoJEpe0XeKwTfMl8vIYmJRqu5qt+0CJVbWs8
Zu5bFfMeEzhh6x8XJLrv3TSolLqWrAR40ZTQ0JCd6EGUPZa9/eIFLR9qjxLEi08D
Wv90T6Sqv95L2jhxYzX1XeySQ/VPmaM89poaAnsAntSqhuoBpqwoQB5SUhMW8fWC
JURmGtuk3BnOJKsUpuqa+wyR/GBV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:34 2025 by rpki-client