Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFD0C69CD30411EF9745FC67762E951A.roa
File: DFD0C69CD30411EF9745FC67762E951A.roa (raw, json)
Hash identifier: W9Ve0WtGcT3rbW51Axwct+qGVC+YbX10WgnMUk3DnxQ=
Subject key identifier: B0:AD:7D:4D:68:00:97:CB:73:2A:24:7D:85:23:AD:97:80:16:9F:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010807
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFD0C69CD30411EF9745FC67762E951A.roa
Signing time: Wed 15 Jan 2025 05:52:16 +0000
ROA not before: Wed 15 Jan 2025 05:52:12 +0000
ROA not after: Mon 03 Jan 2028 05:52:12 +0000
asID: 17561
IP address blocks: 156.254.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67591 (0x10807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 05:52:12 2025 GMT
Not After : Jan 3 05:52:12 2028 GMT
Subject: CN=67874d10-dccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2f:d4:e6:0a:4d:d2:79:6e:20:3e:51:3b:dd:
69:39:32:f4:58:40:20:be:70:8c:dd:30:41:09:ef:
c1:51:ba:f6:e3:65:43:c0:be:8c:1a:60:f4:58:4c:
c5:3c:25:c9:b5:71:67:1d:3b:ff:2a:4d:f8:0a:f6:
75:b8:91:29:4f:d5:4a:59:cb:83:5e:e0:f6:0e:b0:
a3:71:bf:95:69:92:f2:06:12:e7:55:a3:af:8a:eb:
d0:ed:42:e4:04:f9:10:15:4a:a7:81:69:04:f7:d6:
bf:c0:28:c4:52:f0:d6:e6:14:8c:92:e3:cd:66:5f:
98:28:f2:fc:b3:51:3b:4a:c3:27:cc:b1:cc:b6:aa:
35:eb:f3:a5:97:07:27:40:78:ea:05:24:cf:48:53:
42:f3:f5:d3:e7:82:2a:eb:d8:24:22:8d:0a:fa:94:
1f:f4:18:ef:04:28:f3:3a:f6:77:58:41:25:84:ce:
5d:de:d1:6c:01:19:63:90:bb:fa:50:e1:53:e4:56:
00:29:06:3d:b2:af:06:63:a7:ba:3d:a2:a5:3a:35:
6e:5f:90:e2:7e:cd:ef:8a:6e:60:e5:36:85:42:59:
9f:eb:a1:e4:dd:1e:11:cd:ee:6a:22:cf:b5:c0:87:
3d:45:c1:97:44:59:a4:74:0e:32:6d:23:06:2f:13:
dc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AD:7D:4D:68:00:97:CB:73:2A:24:7D:85:23:AD:97:80:16:9F:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFD0C69CD30411EF9745FC67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.46.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:3b:b1:02:42:ad:a4:af:80:4c:4f:b0:3b:e8:9b:5c:b2:73:
fb:55:2a:33:98:d3:1a:3d:05:86:2e:2c:81:90:3d:27:26:92:
21:6e:6b:5e:58:06:87:0e:70:7d:96:32:91:9d:de:44:e9:85:
2d:83:99:e3:d4:d8:f8:2a:d1:38:71:b0:91:0b:b2:2f:75:23:
c2:54:b9:2b:d3:35:36:0e:84:ed:fb:b7:15:42:d4:b9:42:34:
6b:a4:99:3b:67:88:02:ae:ea:cb:8e:33:47:63:2a:13:9a:f9:
84:e6:27:1f:34:0e:67:ba:83:01:2d:34:27:4f:04:9a:23:5e:
9a:39:16:dc:6c:ee:0c:91:69:41:89:bb:93:29:b5:25:6b:57:
b0:65:ed:92:fd:fe:af:97:36:fc:66:dc:d7:bc:6c:80:cd:c7:
b7:2b:30:77:0e:6a:0b:1c:56:b4:d2:69:38:1a:ec:76:5a:4f:
28:de:75:a8:98:52:a8:94:bd:4f:a3:e5:73:1a:db:b3:29:88:
24:4b:76:7f:84:3e:0d:3b:50:a7:5b:a0:e9:23:8c:87:41:ef:
48:77:ba:3b:0a:c0:f6:a2:9c:b3:6f:20:fe:df:7d:80:44:94:
3c:27:75:47:e2:fb:94:46:fe:af:0f:aa:05:6c:ed:95:49:10:
38:0a:10:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQgHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDU1MjEyWhcNMjgwMTAzMDU1MjEyWjAYMRYw
FAYDVQQDEw02Nzg3NGQxMC1kY2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuC/U5gpN0nluID5RO91pOTL0WEAgvnCM3TBBCe/BUbr242VDwL6MGmD0
WEzFPCXJtXFnHTv/Kk34CvZ1uJEpT9VKWcuDXuD2DrCjcb+VaZLyBhLnVaOviuvQ
7ULkBPkQFUqngWkE99a/wCjEUvDW5hSMkuPNZl+YKPL8s1E7SsMnzLHMtqo16/Ol
lwcnQHjqBSTPSFNC8/XT54Iq69gkIo0K+pQf9BjvBCjzOvZ3WEElhM5d3tFsARlj
kLv6UOFT5FYAKQY9sq8GY6e6PaKlOjVuX5Difs3vim5g5TaFQlmf66Hk3R4Rze5q
Is+1wIc9RcGXRFmkdA4ybSMGLxPczQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLCt
fU1oAJfLcyokfYUjrZeAFp8uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERkQwQzY5Q0QzMDQxMUVGOTc0NUZDNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4uMA0GCSqGSIb3DQEBCwUA
A4IBAQAKO7ECQq2kr4BMT7A76JtcsnP7VSozmNMaPQWGLiyBkD0nJpIhbmteWAaH
DnB9ljKRnd5E6YUtg5nj1Nj4KtE4cbCRC7IvdSPCVLkr0zU2DoTt+7cVQtS5QjRr
pJk7Z4gCrurLjjNHYyoTmvmE5icfNA5nuoMBLTQnTwSaI16aORbcbO4MkWlBibuT
KbUla1ewZe2S/f6vlzb8ZtzXvGyAzce3KzB3DmoLHFa00mk4Gux2Wk8o3nWomFKo
lL1Po+VzGtuzKYgkS3Z/hD4NO1CnW6DpI4yHQe9Id7o7CsD2opyzbyD+332ARJQ8
J3VH4vuURv6vD6oFbO2VSRA4ChBO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:45 2025 by rpki-client