Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD1C0B4C94A11EF809A5F93762E951A.roa
File: DBD1C0B4C94A11EF809A5F93762E951A.roa (raw, json)
Hash identifier: Jn1B8YnuLEN4no0FFzkyCC1D4QVwAGPL4nrR9UMlrY4=
Subject key identifier: 59:9D:13:1D:4E:6A:23:BA:4C:26:3F:20:93:2A:DD:49:77:98:06:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F38C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD1C0B4C94A11EF809A5F93762E951A.roa
Signing time: Thu 02 Jan 2025 20:48:02 +0000
ROA not before: Thu 02 Jan 2025 20:47:59 +0000
ROA not after: Mon 13 Dec 2027 20:47:59 +0000
asID: 17561
IP address blocks: 156.225.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62348 (0xf38c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:47:59 2025 GMT
Not After : Dec 13 20:47:59 2027 GMT
Subject: CN=6776fb82-70cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:c6:80:31:9d:42:99:9b:5a:93:3f:63:58:
1f:fd:0b:f7:ba:87:42:63:35:9d:9a:83:cc:da:20:
77:0a:5a:b6:a7:27:19:81:af:bb:0b:34:6b:6d:d1:
9c:84:23:6d:c9:c0:f2:d0:6e:26:1e:18:16:94:0c:
b1:fa:1b:0b:71:c7:f0:34:3c:e3:4a:fa:c7:52:ab:
35:1d:98:65:44:6f:3c:90:70:a8:a0:9b:8e:b4:73:
81:de:34:65:72:fc:f8:af:f7:b1:4c:2f:cb:b6:25:
7b:09:ec:00:38:eb:fc:01:93:de:a3:fc:e8:b6:0c:
6b:cc:d7:a3:bd:af:68:2f:b4:40:28:9f:93:87:25:
06:e6:35:d1:cc:2b:17:3b:dc:a1:a4:87:82:85:fa:
ab:b1:d8:01:0a:77:06:f8:21:5d:37:dd:b1:fa:9a:
84:1e:0a:9d:b1:6c:47:10:db:eb:44:37:56:5b:7e:
bc:1b:09:94:4f:57:d8:33:7c:ac:58:f8:91:51:96:
c1:b1:2e:34:58:21:5e:0c:d8:a2:f9:2a:8b:8a:63:
14:81:b4:7e:3e:1e:45:3c:6a:17:8d:39:6b:a8:04:
b7:df:af:b2:6d:c4:fb:65:33:4e:b7:66:73:30:e9:
b1:49:46:ef:97:aa:14:40:4b:38:f6:27:77:e0:5c:
9a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9D:13:1D:4E:6A:23:BA:4C:26:3F:20:93:2A:DD:49:77:98:06:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBD1C0B4C94A11EF809A5F93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.129.0/24
Signature Algorithm: sha256WithRSAEncryption
31:c7:e3:1f:1f:b6:33:33:4f:87:67:87:42:d9:64:e3:ce:61:
c8:cc:7f:67:23:49:5b:63:e3:d6:b4:26:27:06:25:fa:19:15:
14:68:e2:d7:ce:53:9a:b9:58:66:3d:c6:6b:69:da:1d:21:5c:
3e:16:7a:ce:9f:f6:64:d3:3b:e4:fb:64:93:eb:29:58:b7:fb:
1e:4c:56:a0:ee:70:b3:f0:2d:71:f6:21:a0:d5:ae:d0:ce:23:
35:f2:a9:4d:bf:ef:b3:b3:30:ec:62:9a:4b:fe:4d:77:c5:e7:
52:0d:21:1c:42:a0:6e:f5:c6:7a:31:9a:52:f8:35:df:41:53:
d3:3a:ac:bd:ee:b0:13:6c:72:dd:2a:03:7b:fc:aa:66:03:46:
5b:0a:c9:2a:66:cd:a2:dd:d3:6c:02:a9:30:fa:ac:ea:8f:7a:
4e:58:29:43:5a:1f:79:a5:e0:cb:9e:4b:36:d9:d2:98:61:f1:
9c:4a:ea:ed:d5:a2:f8:c7:ba:d1:12:5c:57:f1:66:4f:61:cf:
04:66:5a:32:c7:74:c8:12:5a:a8:80:18:39:c7:f1:47:35:3b:
02:6f:e5:27:c5:cc:a0:c8:9a:71:6d:ef:c8:26:a3:4d:cb:84:
15:11:1a:3c:f2:b1:22:b9:6e:98:4b:fe:2a:c6:e5:aa:ec:6a:
fb:bd:35:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA0NzU5WhcNMjcxMjEzMjA0NzU5WjAYMRYw
FAYDVQQDEw02Nzc2ZmI4Mi03MGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu5HGgDGdQpmbWpM/Y1gf/Qv3uodCYzWdmoPM2iB3Clq2pycZga+7CzRr
bdGchCNtycDy0G4mHhgWlAyx+hsLccfwNDzjSvrHUqs1HZhlRG88kHCooJuOtHOB
3jRlcvz4r/exTC/LtiV7CewAOOv8AZPeo/zotgxrzNejva9oL7RAKJ+ThyUG5jXR
zCsXO9yhpIeChfqrsdgBCncG+CFdN92x+pqEHgqdsWxHENvrRDdWW368GwmUT1fY
M3ysWPiRUZbBsS40WCFeDNii+SqLimMUgbR+Ph5FPGoXjTlrqAS336+ybcT7ZTNO
t2ZzMOmxSUbvl6oUQEs49id34FyauQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFmd
Ex1OaiO6TCY/IJMq3Ul3mAZdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkQxQzBCNEM5NEExMUVGODA5QTVGOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGBMA0GCSqGSIb3DQEBCwUA
A4IBAQAxx+MfH7YzM0+HZ4dC2WTjzmHIzH9nI0lbY+PWtCYnBiX6GRUUaOLXzlOa
uVhmPcZradodIVw+FnrOn/Zk0zvk+2ST6ylYt/seTFag7nCz8C1x9iGg1a7QziM1
8qlNv++zszDsYppL/k13xedSDSEcQqBu9cZ6MZpS+DXfQVPTOqy97rATbHLdKgN7
/KpmA0ZbCskqZs2i3dNsAqkw+qzqj3pOWClDWh95peDLnks22dKYYfGcSurt1aL4
x7rRElxX8WZPYc8EZloyx3TIElqogBg5x/FHNTsCb+UnxcygyJpxbe/IJqNNy4QV
ERo88rEiuW6YS/4qxuWq7Gr7vTXn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:54 2025 by rpki-client