Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC832E7ED2F711EFAEC45096762E951A.roa
File: DC832E7ED2F711EFAEC45096762E951A.roa (raw, json)
Hash identifier: fGc0hPvGZ5yWTjEc1eIUtAkpERELsa/djTbRu74bB5A=
Subject key identifier: 83:E3:21:7F:03:E4:C1:26:8E:B0:07:A2:DC:00:64:76:E3:9C:96:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC832E7ED2F711EFAEC45096762E951A.roa
Signing time: Wed 15 Jan 2025 04:19:07 +0000
ROA not before: Wed 15 Jan 2025 04:19:03 +0000
ROA not after: Mon 03 Jan 2028 04:19:03 +0000
asID: 17561
IP address blocks: 156.254.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67503 (0x107af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:19:03 2025 GMT
Not After : Jan 3 04:19:03 2028 GMT
Subject: CN=6787373b-7a08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:89:6a:46:8c:3f:e4:26:9b:52:7b:36:4d:
ae:dc:6c:55:86:e0:8b:c2:c3:99:df:b4:23:d9:b0:
fe:17:95:ca:ae:9b:c8:01:60:37:26:d6:46:5b:5e:
87:fa:9b:23:a0:3f:44:27:ca:b6:54:bf:eb:90:62:
a1:04:fd:63:aa:0d:8d:fd:e0:06:21:68:28:a5:41:
c1:60:6f:22:ab:2e:3c:ac:63:64:06:07:6d:d0:b2:
52:c3:28:cb:df:13:47:0c:ff:23:4e:db:0d:88:25:
69:09:d9:df:8e:9a:c2:e0:b7:ab:f0:38:f7:20:64:
43:77:99:bb:2a:2f:88:37:f7:75:45:15:4a:0f:12:
eb:0d:04:e6:ff:f9:6e:37:77:6e:07:0b:0f:cd:27:
25:cc:e3:ed:65:b2:45:6b:04:a0:0a:b1:da:bc:4e:
c3:66:2d:30:15:9b:22:39:99:8d:e0:0b:c9:b2:86:
45:f5:87:a6:82:1c:0c:6e:80:a6:d6:87:a8:ac:14:
7f:78:bf:97:93:c1:bb:df:0b:b0:60:7d:b4:c6:71:
b2:06:8a:93:44:9a:45:0d:f1:bb:ba:cc:68:aa:2f:
1a:9d:be:18:5c:f1:86:f5:8b:42:2a:c2:ff:c1:4d:
c8:18:3e:e1:a4:49:08:75:95:56:b9:83:3c:d9:0b:
11:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E3:21:7F:03:E4:C1:26:8E:B0:07:A2:DC:00:64:76:E3:9C:96:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC832E7ED2F711EFAEC45096762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.2.0/24
Signature Algorithm: sha256WithRSAEncryption
50:32:85:15:54:f9:e4:2e:75:61:bd:ff:ab:6e:0e:81:b3:44:
ad:96:b2:ff:07:7c:ce:94:7a:0c:40:0c:d5:a6:20:31:ea:60:
f9:86:a3:53:c1:dd:0d:85:b8:68:f3:37:22:35:db:02:77:c6:
4d:25:7f:06:fa:44:3b:34:7c:87:86:40:b0:dc:a7:16:01:66:
92:b3:b7:36:fe:8c:b3:4c:b7:e3:6a:c6:e9:95:35:34:a1:dc:
c8:e7:24:29:7c:90:61:a6:ea:e1:7b:be:66:e6:1a:69:98:d2:
62:33:97:b8:42:9a:a6:88:4b:d9:5d:48:4b:77:45:b8:55:33:
49:4d:63:d5:03:72:d6:0c:3c:91:e8:bd:1c:cc:90:d7:15:a7:
d0:98:39:6d:8b:3e:47:38:96:c7:95:45:db:82:4a:70:52:0f:
51:09:3f:da:b2:c8:a5:a1:16:e4:09:1c:28:20:32:9b:54:56:
4b:e4:d8:74:92:46:74:69:df:b0:a5:5c:c7:9d:c9:7a:e8:7e:
b2:14:a1:5f:44:9a:59:04:f4:18:f6:83:6c:ca:ba:67:c3:7c:
b2:29:b5:bf:07:eb:b1:e8:b7:38:ee:a6:ca:b0:e7:c2:f5:ae:
27:ae:18:39:2d:d0:9a:84:a7:af:e4:12:6f:45:bd:a2:88:08:
8b:59:e3:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQevMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQxOTAzWhcNMjgwMTAzMDQxOTAzWjAYMRYw
FAYDVQQDEw02Nzg3MzczYi03YTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqZWJakaMP+Qmm1J7Nk2u3GxVhuCLwsOZ37Qj2bD+F5XKrpvIAWA3JtZG
W16H+psjoD9EJ8q2VL/rkGKhBP1jqg2N/eAGIWgopUHBYG8iqy48rGNkBgdt0LJS
wyjL3xNHDP8jTtsNiCVpCdnfjprC4Ler8Dj3IGRDd5m7Ki+IN/d1RRVKDxLrDQTm
//luN3duBwsPzSclzOPtZbJFawSgCrHavE7DZi0wFZsiOZmN4AvJsoZF9YemghwM
boCm1oeorBR/eL+Xk8G73wuwYH20xnGyBoqTRJpFDfG7usxoqi8anb4YXPGG9YtC
KsL/wU3IGD7hpEkIdZVWuYM82QsRPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIPj
IX8D5MEmjrAHotwAZHbjnJbQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQzgzMkU3RUQyRjcxMUVGQUVDNDUwOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4CMA0GCSqGSIb3DQEBCwUA
A4IBAQBQMoUVVPnkLnVhvf+rbg6Bs0StlrL/B3zOlHoMQAzVpiAx6mD5hqNTwd0N
hbho8zciNdsCd8ZNJX8G+kQ7NHyHhkCw3KcWAWaSs7c2/oyzTLfjasbplTU0odzI
5yQpfJBhpurhe75m5hppmNJiM5e4QpqmiEvZXUhLd0W4VTNJTWPVA3LWDDyR6L0c
zJDXFafQmDltiz5HOJbHlUXbgkpwUg9RCT/assiloRbkCRwoIDKbVFZL5Nh0kkZ0
ad+wpVzHncl66H6yFKFfRJpZBPQY9oNsyrpnw3yyKbW/B+ux6Lc47qbKsOfC9a4n
rhg5LdCahKev5BJvRb2iiAiLWeP2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:23 2025 by rpki-client