Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE653C28CD8411EFB9075084762E951A.roa
File: DE653C28CD8411EFB9075084762E951A.roa (raw, json)
Hash identifier: 0J+WoibxcPRc9AKhfrsqR2uKjBQoz70kfrZ7Cxvi3OQ=
Subject key identifier: E6:7F:BD:65:71:12:6B:BA:5D:C6:09:55:61:78:E1:FB:D3:B4:4A:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010021
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE653C28CD8411EFB9075084762E951A.roa
Signing time: Wed 08 Jan 2025 05:53:22 +0000
ROA not before: Wed 08 Jan 2025 05:53:19 +0000
ROA not after: Mon 13 Dec 2027 05:53:19 +0000
asID: 17561
IP address blocks: 156.252.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65569 (0x10021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:53:19 2025 GMT
Not After : Dec 13 05:53:19 2027 GMT
Subject: CN=677e12d2-4565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:7a:16:de:9d:a4:10:b6:cf:c2:66:d7:98:
57:8d:2a:dd:a9:4a:3f:35:eb:ca:d2:d6:60:a0:9e:
d5:81:f1:d0:0f:02:32:49:22:10:d0:61:9d:d3:60:
93:8b:81:0f:e9:62:b6:69:b0:e2:36:61:a5:78:94:
53:d2:c8:57:be:2e:58:cb:34:63:f7:0d:67:55:94:
8b:5a:9c:ef:1f:d5:8f:15:38:a7:0d:12:40:49:c7:
c0:81:65:f3:4f:76:57:89:b4:21:7a:e1:8e:1e:f2:
12:24:9d:d8:f0:13:1c:fb:8d:c4:2c:1d:c0:01:d1:
ba:e4:85:cb:12:36:f6:b4:c9:b7:d2:de:59:5a:dc:
5c:ae:ec:75:c9:2d:d5:cc:c3:a8:61:9a:19:6f:f0:
be:83:80:10:79:c5:0a:7c:d2:b6:af:7a:17:5a:0d:
4d:27:4f:d6:f5:bc:e4:71:dc:29:9e:0b:ff:94:42:
6d:6e:52:06:1f:6e:31:c8:26:4f:ae:1b:28:d7:65:
9a:02:88:eb:07:57:db:db:1a:f6:31:4d:9a:5c:26:
c3:8e:07:fc:43:dd:a3:70:9d:e6:1b:5a:6d:94:d8:
27:ae:08:57:a4:60:e7:28:02:de:cb:d8:fb:29:c7:
5b:38:41:7d:d7:12:b3:be:a6:c3:62:9e:c8:02:9d:
07:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7F:BD:65:71:12:6B:BA:5D:C6:09:55:61:78:E1:FB:D3:B4:4A:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE653C28CD8411EFB9075084762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.28.0/24
Signature Algorithm: sha256WithRSAEncryption
16:55:38:58:bc:5c:ec:5a:28:30:88:5c:74:ce:52:6f:7b:b0:
a3:23:cf:24:e9:17:a6:18:6d:cb:e0:4e:c0:e7:c4:31:44:23:
71:bd:d0:40:82:c7:c8:10:e4:14:33:8b:90:18:c3:53:01:ab:
65:90:e7:57:1d:0c:52:62:56:fc:2b:76:60:d2:99:42:d4:2c:
91:81:bb:b6:4b:8a:13:69:bf:6a:91:9f:13:97:bc:da:9a:23:
1d:48:1d:56:8c:e1:cb:6e:d0:71:59:28:a9:94:df:4e:7a:21:
6c:2e:0d:1f:40:b2:0d:0c:1b:e3:b1:c7:06:32:e6:83:23:52:
7b:ce:51:b5:c3:a3:f6:1a:cf:6a:c2:09:6d:b2:2a:31:dd:9a:
32:1a:fb:a5:e3:09:49:af:e6:ac:f5:f6:63:35:7b:11:48:ec:
72:a3:69:93:38:91:9f:b0:12:df:c5:ff:c8:44:97:f5:6f:f9:
48:ad:57:d1:56:41:7f:0c:db:99:79:1b:55:7a:40:41:ca:04:
cc:0d:76:51:1c:fa:86:b8:af:e0:3a:85:1d:6c:d8:ad:0d:c4:
ad:4b:53:ed:04:f5:62:d7:e8:ba:79:ff:db:6b:98:4f:0a:d7:
09:b4:c5:30:19:67:87:17:80:47:10:12:10:c9:ac:c3:ca:8e:
45:bf:74:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU1MzE5WhcNMjcxMjEzMDU1MzE5WjAYMRYw
FAYDVQQDEw02NzdlMTJkMi00NTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtx96Ft6dpBC2z8Jm15hXjSrdqUo/NevK0tZgoJ7VgfHQDwIySSIQ0GGd
02CTi4EP6WK2abDiNmGleJRT0shXvi5YyzRj9w1nVZSLWpzvH9WPFTinDRJAScfA
gWXzT3ZXibQheuGOHvISJJ3Y8BMc+43ELB3AAdG65IXLEjb2tMm30t5ZWtxcrux1
yS3VzMOoYZoZb/C+g4AQecUKfNK2r3oXWg1NJ0/W9bzkcdwpngv/lEJtblIGH24x
yCZPrhso12WaAojrB1fb2xr2MU2aXCbDjgf8Q92jcJ3mG1ptlNgnrghXpGDnKALe
y9j7KcdbOEF91xKzvqbDYp7IAp0HEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOZ/
vWVxEmu6XcYJVWF44fvTtEplMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERTY1M0MyOENEODQxMUVGQjkwNzUwODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwcMA0GCSqGSIb3DQEBCwUA
A4IBAQAWVThYvFzsWigwiFx0zlJve7CjI88k6RemGG3L4E7A58QxRCNxvdBAgsfI
EOQUM4uQGMNTAatlkOdXHQxSYlb8K3Zg0plC1CyRgbu2S4oTab9qkZ8Tl7zamiMd
SB1WjOHLbtBxWSiplN9OeiFsLg0fQLINDBvjsccGMuaDI1J7zlG1w6P2Gs9qwglt
siox3ZoyGvul4wlJr+as9fZjNXsRSOxyo2mTOJGfsBLfxf/IRJf1b/lIrVfRVkF/
DNuZeRtVekBBygTMDXZRHPqGuK/gOoUdbNitDcStS1PtBPVi1+i6ef/ba5hPCtcJ
tMUwGWeHF4BHEBIQyazDyo5Fv3Sc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:07 2025 by rpki-client