Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA68C0E2D2F511EFBA36378B762E951A.roa
File: DA68C0E2D2F511EFBA36378B762E951A.roa (raw, json)
Hash identifier: 5mKRUK50uQheWAusbwI/8nyuZxSYRbPhIS6i6OwO8dA=
Subject key identifier: FE:7C:6D:59:46:1C:EA:C4:B7:DD:4E:79:76:4E:B8:73:EC:06:09:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA68C0E2D2F511EFBA36378B762E951A.roa
Signing time: Wed 15 Jan 2025 04:04:45 +0000
ROA not before: Wed 15 Jan 2025 04:04:41 +0000
ROA not after: Mon 03 Jan 2028 04:04:41 +0000
asID: 17561
IP address blocks: 156.252.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67489 (0x107a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:04:41 2025 GMT
Not After : Jan 3 04:04:41 2028 GMT
Subject: CN=678733dc-77d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:09:8b:dc:75:b6:f8:b4:d5:26:97:2b:5d:38:
f4:d6:90:b9:48:d9:ac:49:47:31:74:0a:5a:b8:49:
5f:ca:08:00:f6:df:4a:a6:87:c8:df:28:cc:bb:38:
51:cc:c3:2c:8d:4e:2b:a8:a8:79:6d:5a:d6:f2:1d:
83:94:df:7c:77:64:df:90:33:89:6b:68:f7:07:6b:
32:c5:a5:9f:fc:17:f8:d0:c4:6e:dd:b1:2b:c1:eb:
29:f6:08:d2:70:17:f5:6a:34:04:6d:df:e2:51:39:
cc:ae:30:9c:8d:70:e0:2b:d6:f1:5f:e2:52:42:19:
ee:32:47:b2:99:47:3c:17:cc:49:07:23:b0:07:0d:
91:25:f8:64:3f:44:d5:ea:3d:fc:61:aa:2b:7f:d2:
06:12:d6:3c:ac:d3:15:c5:cb:20:68:b6:a7:52:69:
5b:aa:6f:ce:93:a8:4d:ad:46:64:a6:c7:cd:9d:60:
82:59:d7:bc:ff:2a:b7:fa:59:32:da:8c:ae:43:08:
65:b0:91:17:fd:70:f4:d4:15:90:c9:73:c4:3f:7b:
91:38:d9:3a:7b:f6:45:40:d7:4c:64:2a:a0:28:75:
48:91:1a:fd:bd:7a:c8:67:c3:71:e9:81:85:54:cb:
e4:08:72:0d:05:ec:d8:29:2c:87:b9:dd:ce:5d:56:
44:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7C:6D:59:46:1C:EA:C4:B7:DD:4E:79:76:4E:B8:73:EC:06:09:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA68C0E2D2F511EFBA36378B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.6.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:d1:ba:d9:07:30:dd:ab:fb:b1:15:1b:52:5b:dc:a1:02:bc:
87:68:91:2e:ec:0a:c2:56:61:fd:4d:c0:eb:e3:06:b1:6b:f6:
ac:8b:2e:11:9a:d7:de:1c:b6:78:33:44:d8:d9:2b:5a:f1:e1:
b5:3e:3e:8a:b1:c8:cc:73:f6:e7:fe:f9:8d:0d:0f:52:86:28:
c3:bf:bf:e5:84:d3:06:7d:eb:f9:de:fb:73:7e:67:58:05:00:
b7:97:25:4a:4c:fb:ce:74:37:11:d3:7c:b5:e2:83:d2:00:64:
25:f6:3c:1a:97:cd:93:8b:ff:ed:a4:ae:86:92:8a:37:4b:90:
82:12:05:d4:8c:30:83:e2:db:ba:f1:5e:cb:41:25:b3:a1:05:
d2:18:00:ac:8a:fe:99:82:de:53:e7:dc:a9:22:d0:f5:b1:27:
c4:ce:2a:60:f8:2b:b7:54:c9:26:45:4d:5f:13:65:46:bd:e1:
84:d9:66:14:e0:54:a5:2d:6f:50:67:06:7a:2b:6c:f5:18:42:
d1:20:a1:85:d5:00:56:a9:d0:d8:a5:a2:f5:07:e3:b8:a0:b0:
be:68:89:0c:b0:83:7c:39:79:2b:7a:dc:c1:7e:e4:83:81:8e:
41:95:66:50:c0:37:5f:a1:68:f6:84:94:f4:74:28:35:09:bb:
1d:a7:96:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQehMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQwNDQxWhcNMjgwMTAzMDQwNDQxWjAYMRYw
FAYDVQQDEw02Nzg3MzNkYy03N2Q5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8AmL3HW2+LTVJpcrXTj01pC5SNmsSUcxdApauElfyggA9t9KpofI3yjM
uzhRzMMsjU4rqKh5bVrW8h2DlN98d2TfkDOJa2j3B2syxaWf/Bf40MRu3bErwesp
9gjScBf1ajQEbd/iUTnMrjCcjXDgK9bxX+JSQhnuMkeymUc8F8xJByOwBw2RJfhk
P0TV6j38Yaorf9IGEtY8rNMVxcsgaLanUmlbqm/Ok6hNrUZkpsfNnWCCWde8/yq3
+lky2oyuQwhlsJEX/XD01BWQyXPEP3uRONk6e/ZFQNdMZCqgKHVIkRr9vXrIZ8Nx
6YGFVMvkCHINBezYKSyHud3OXVZEewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP58
bVlGHOrEt91OeXZOuHPsBgmmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQTY4QzBFMkQyRjUxMUVGQkEzNjM3OEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwGMA0GCSqGSIb3DQEBCwUA
A4IBAQCu0brZBzDdq/uxFRtSW9yhAryHaJEu7ArCVmH9TcDr4waxa/asiy4Rmtfe
HLZ4M0TY2Sta8eG1Pj6KscjMc/bn/vmNDQ9ShijDv7/lhNMGfev53vtzfmdYBQC3
lyVKTPvOdDcR03y14oPSAGQl9jwal82Ti//tpK6Gkoo3S5CCEgXUjDCD4tu68V7L
QSWzoQXSGACsiv6Zgt5T59ypItD1sSfEzipg+Cu3VMkmRU1fE2VGveGE2WYU4FSl
LW9QZwZ6K2z1GELRIKGF1QBWqdDYpaL1B+O4oLC+aIkMsIN8OXkretzBfuSDgY5B
lWZQwDdfoWj2hJT0dCg1Cbsdp5Yo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:03 2025 by rpki-client