Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDE47A34CC9411EFBB3B2C72762E951A.roa
File: DDE47A34CC9411EFBB3B2C72762E951A.roa (raw, json)
Hash identifier: fiQ+rG9WX/cQKKDBLrZ2A9scU0evfj6HGuAcbVM2XfU=
Subject key identifier: 8C:53:76:C6:BD:3B:E8:36:83:CD:DC:67:75:2A:45:D0:90:4F:DA:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F92C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDE47A34CC9411EFBB3B2C72762E951A.roa
Signing time: Tue 07 Jan 2025 01:15:22 +0000
ROA not before: Tue 07 Jan 2025 01:15:18 +0000
ROA not after: Mon 13 Dec 2027 01:15:18 +0000
asID: 17561
IP address blocks: 156.227.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63788 (0xf92c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:15:18 2025 GMT
Not After : Dec 13 01:15:18 2027 GMT
Subject: CN=677c802a-3300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ac:71:d3:58:f1:d5:65:34:21:2f:ec:2c:e8:
c3:68:0f:53:b2:52:25:6c:e8:c9:ff:32:6c:11:88:
d9:2d:02:04:67:93:05:d7:62:d6:ec:ff:f2:01:c6:
ce:4e:e5:0f:8c:e6:81:9f:db:bb:80:fe:54:d7:51:
20:83:4f:cd:23:e9:a5:8e:c6:ad:ad:7c:c7:59:b0:
82:37:e2:c6:41:1e:9f:ab:a3:df:00:70:9b:27:84:
ce:76:47:6c:f6:3b:d5:82:aa:08:15:16:bf:b4:78:
9c:5e:f8:09:4f:7c:17:79:b1:8a:71:03:b6:b5:a5:
64:52:27:86:76:15:c1:b9:91:c7:ee:d9:ad:04:1c:
3f:85:f7:b0:35:02:c2:36:f4:ab:06:17:22:07:17:
f4:c7:35:06:23:c1:d2:44:b3:95:45:8e:ee:7e:1a:
30:ad:c5:97:64:50:86:44:fc:40:ad:59:89:90:90:
2b:fa:62:d6:a0:17:a9:69:73:cc:d4:c1:8a:7c:d6:
e6:a1:71:66:c0:42:ba:78:3c:5b:50:2d:7a:08:b8:
1f:57:7c:11:4a:78:fd:81:64:e0:2d:32:90:e3:ff:
57:58:0d:b2:97:7c:a4:f0:5e:a7:53:0e:f1:44:95:
e0:78:24:4f:ea:0a:6e:89:da:74:db:90:57:34:3f:
c2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:53:76:C6:BD:3B:E8:36:83:CD:DC:67:75:2A:45:D0:90:4F:DA:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDE47A34CC9411EFBB3B2C72762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.75.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:cf:de:35:1d:88:ad:80:fa:8a:86:a1:5a:96:b2:bf:86:94:
a7:1b:69:83:60:af:41:b8:da:ed:10:37:fd:5b:43:55:b4:7f:
83:33:94:0f:58:e3:39:45:60:4e:dc:94:ee:e0:fc:02:3c:4d:
45:13:4e:0b:4a:d1:5d:ef:99:aa:1d:05:74:20:49:d0:91:a4:
20:35:2c:8d:d0:f1:f7:ea:a5:2c:69:59:dd:7d:06:da:57:17:
44:cb:0c:77:8a:3f:cd:f1:f1:94:15:47:2e:25:1c:8a:82:6a:
9f:2b:50:4d:4b:65:95:95:df:60:3b:a6:58:fc:c1:a1:ca:8c:
88:f2:2a:9d:6e:4e:e8:04:a2:39:00:68:63:ce:d2:9d:01:b0:
95:a1:20:b5:d3:e6:4f:27:84:48:ec:14:74:4d:89:e9:93:d3:
9e:cf:9a:03:2b:3a:b2:03:91:1a:35:6f:45:a9:bb:b7:8d:e9:
c2:e1:fe:9b:f3:e5:8b:cf:1a:9a:bb:89:16:0e:94:f5:22:00:
8d:06:8b:4c:28:0a:a3:b3:7d:56:53:fb:1f:89:86:87:c2:8e:
47:2f:26:12:33:56:46:3e:93:48:3e:5f:9f:be:97:2d:89:8f:
04:aa:c4:c0:9b:a1:9a:3f:81:b3:6e:16:cd:90:61:5f:84:b7:
04:34:9c:ed
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPksMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDExNTE4WhcNMjcxMjEzMDExNTE4WjAYMRYw
FAYDVQQDEw02NzdjODAyYS0zMzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Kxx01jx1WU0IS/sLOjDaA9TslIlbOjJ/zJsEYjZLQIEZ5MF12LW7P/y
AcbOTuUPjOaBn9u7gP5U11Egg0/NI+mljsatrXzHWbCCN+LGQR6fq6PfAHCbJ4TO
dkds9jvVgqoIFRa/tHicXvgJT3wXebGKcQO2taVkUieGdhXBuZHH7tmtBBw/hfew
NQLCNvSrBhciBxf0xzUGI8HSRLOVRY7ufhowrcWXZFCGRPxArVmJkJAr+mLWoBep
aXPM1MGKfNbmoXFmwEK6eDxbUC16CLgfV3wRSnj9gWTgLTKQ4/9XWA2yl3yk8F6n
Uw7xRJXgeCRP6gpuidp025BXND/CowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIxT
dsa9O+g2g83cZ3UqRdCQT9oCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EREU0N0EzNENDOTQxMUVGQkIzQjJDNzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONLMA0GCSqGSIb3DQEBCwUA
A4IBAQBvz941HYitgPqKhqFalrK/hpSnG2mDYK9BuNrtEDf9W0NVtH+DM5QPWOM5
RWBO3JTu4PwCPE1FE04LStFd75mqHQV0IEnQkaQgNSyN0PH36qUsaVndfQbaVxdE
ywx3ij/N8fGUFUcuJRyKgmqfK1BNS2WVld9gO6ZY/MGhyoyI8iqdbk7oBKI5AGhj
ztKdAbCVoSC10+ZPJ4RI7BR0TYnpk9Oez5oDKzqyA5EaNW9Fqbu3jenC4f6b8+WL
zxqau4kWDpT1IgCNBotMKAqjs31WU/sfiYaHwo5HLyYSM1ZGPpNIPl+fvpctiY8E
qsTAm6GaP4GzbhbNkGFfhLcENJzt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:23 2025 by rpki-client