Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7BA8F4D17F11EFAAC04DBF762E951A.roa
File: DB7BA8F4D17F11EFAAC04DBF762E951A.roa (raw, json)
Hash identifier: 16d0FXK2gApHefdXQ+fr7p9ESiOga7/kA3QGXQ4+P9c=
Subject key identifier: B3:54:05:2A:E4:C2:B3:8E:5D:68:31:3B:93:77:17:32:12:B9:97:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010696
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7BA8F4D17F11EFAAC04DBF762E951A.roa
Signing time: Mon 13 Jan 2025 07:27:35 +0000
ROA not before: Mon 13 Jan 2025 07:27:31 +0000
ROA not after: Thu 20 Feb 2025 07:27:31 +0000
asID: 213993
IP address blocks: 156.253.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67222 (0x10696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:27:31 2025 GMT
Not After : Feb 20 07:27:31 2025 GMT
Subject: CN=6784c066-28f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3e:08:13:c6:58:7c:8a:1f:99:c9:1b:8e:9c:
9c:48:6a:d2:ff:8b:a3:39:78:65:9b:48:2b:fe:c0:
ed:67:96:7e:4c:2e:f6:fb:c8:89:f3:90:e5:6c:7f:
b5:c4:7e:9b:1a:69:e6:5b:b2:93:6b:bb:f7:95:43:
60:5c:fb:72:8c:21:24:b8:8a:d0:be:78:45:0f:8b:
63:be:b1:b5:fa:98:56:26:df:c9:f9:7a:2a:3a:bc:
ee:52:43:54:cb:31:5f:31:a6:5a:ce:66:6e:61:41:
30:8c:4e:83:4b:56:dd:d1:b2:5e:42:e1:a9:c3:cb:
01:3c:1f:1f:f3:c3:84:43:61:8f:9b:12:bb:23:5a:
b4:71:0f:c0:6a:be:4e:0f:b0:b9:e3:ad:26:be:99:
c7:8f:ef:3b:66:93:17:3b:d0:10:e4:f6:f0:3d:5b:
78:ef:e0:1c:e8:27:80:67:1a:4e:5f:69:62:9d:2f:
18:e2:76:c6:b2:45:3a:06:09:2e:9e:2e:49:f8:03:
99:8a:13:09:76:95:91:0f:8b:7a:29:38:db:c7:c6:
15:63:e7:b6:a4:f7:d8:90:66:d2:92:88:98:28:b4:
26:f7:cc:e1:38:a3:dc:58:39:48:95:fa:d5:74:15:
90:b9:cf:b7:9a:63:93:25:5d:f6:cc:9a:75:d0:e4:
88:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:54:05:2A:E4:C2:B3:8E:5D:68:31:3B:93:77:17:32:12:B9:97:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7BA8F4D17F11EFAAC04DBF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.234.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:5a:a8:d6:7d:73:74:94:23:8e:ea:a7:68:7c:02:fb:c1:0f:
33:a0:6c:e2:60:e4:32:5c:98:64:0a:b6:81:db:da:47:94:cb:
2e:62:94:e9:45:79:48:0f:92:5c:42:d9:df:d0:ec:fb:1b:ac:
da:d6:9d:17:1e:9a:e1:f9:42:77:b3:c3:6a:bd:88:ba:6f:8a:
76:8d:59:e6:4a:f2:48:98:58:99:fe:7c:62:fe:56:1e:51:1c:
c1:45:dc:d0:6d:17:98:5a:ca:34:d4:2d:35:ea:3b:d1:2b:a7:
4d:5b:b0:fd:ce:08:62:79:d1:75:e6:2b:83:20:1a:ce:84:01:
1b:03:7d:4e:d9:3d:0c:2e:a7:1d:4b:fd:fb:b1:e8:a9:cd:71:
53:24:34:69:0f:74:17:2a:ef:c2:79:22:52:d5:68:6a:f4:27:
97:3a:8f:58:57:86:0f:39:dd:03:84:3c:eb:ed:b4:60:e9:26:
56:c1:c8:f5:22:f5:5c:0f:68:6a:02:ac:bb:29:e0:af:bf:41:
07:71:d5:e2:8a:b6:32:ba:38:81:6b:fd:e9:5c:7d:92:ea:29:
50:30:2e:01:3f:6c:5a:4f:81:fa:79:ff:2a:b7:46:82:51:9d:
3f:1f:a2:8c:4f:b8:48:19:d3:43:fc:e0:0a:63:4a:bc:0c:60:
df:9a:c4:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcyNzMxWhcNMjUwMjIwMDcyNzMxWjAYMRYw
FAYDVQQDEw02Nzg0YzA2Ni0yOGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmz4IE8ZYfIofmckbjpycSGrS/4ujOXhlm0gr/sDtZ5Z+TC72+8iJ85Dl
bH+1xH6bGmnmW7KTa7v3lUNgXPtyjCEkuIrQvnhFD4tjvrG1+phWJt/J+XoqOrzu
UkNUyzFfMaZazmZuYUEwjE6DS1bd0bJeQuGpw8sBPB8f88OEQ2GPmxK7I1q0cQ/A
ar5OD7C5460mvpnHj+87ZpMXO9AQ5PbwPVt47+Ac6CeAZxpOX2linS8Y4nbGskU6
Bgkuni5J+AOZihMJdpWRD4t6KTjbx8YVY+e2pPfYkGbSkoiYKLQm98zhOKPcWDlI
lfrVdBWQuc+3mmOTJV32zJp10OSIoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLNU
BSrkwrOOXWgxO5N3FzISuZdHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjdCQThGNEQxN0YxMUVGQUFDMDREQkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP3qMA0GCSqGSIb3DQEBCwUA
A4IBAQAfWqjWfXN0lCOO6qdofAL7wQ8zoGziYOQyXJhkCraB29pHlMsuYpTpRXlI
D5JcQtnf0Oz7G6za1p0XHprh+UJ3s8NqvYi6b4p2jVnmSvJImFiZ/nxi/lYeURzB
RdzQbReYWso01C016jvRK6dNW7D9zghiedF15iuDIBrOhAEbA31O2T0MLqcdS/37
seipzXFTJDRpD3QXKu/CeSJS1Whq9CeXOo9YV4YPOd0DhDzr7bRg6SZWwcj1IvVc
D2hqAqy7KeCvv0EHcdXiirYyujiBa/3pXH2S6ilQMC4BP2xaT4H6ef8qt0aCUZ0/
H6KMT7hIGdND/OAKY0q8DGDfmsSp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:00 2025 by rpki-client