Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFF7BEC8D2FF11EF9A42B749762E951A.roa
File: DFF7BEC8D2FF11EF9A42B749762E951A.roa (raw, json)
Hash identifier: 9Sh1TpoxsAVe7c6wdgXVQhKYpviEm9KZhu3w/40Fbhc=
Subject key identifier: 5A:C1:B2:6E:21:00:E1:14:E6:3B:C0:34:18:C4:4F:B0:59:D6:46:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFF7BEC8D2FF11EF9A42B749762E951A.roa
Signing time: Wed 15 Jan 2025 05:16:29 +0000
ROA not before: Wed 15 Jan 2025 05:16:25 +0000
ROA not after: Mon 03 Jan 2028 05:16:25 +0000
asID: 17561
IP address blocks: 156.254.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67557 (0x107e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 05:16:25 2025 GMT
Not After : Jan 3 05:16:25 2028 GMT
Subject: CN=678744ad-a5ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:99:78:bd:a8:91:b9:a2:5e:e1:b6:ed:13:
21:dc:f3:67:d7:6f:de:fe:92:84:ab:a8:e6:04:a0:
94:2c:84:c1:f0:d2:a8:3c:64:e7:0c:0d:68:fd:ec:
45:48:73:2a:27:be:de:6f:37:f1:5d:03:46:6a:70:
29:aa:32:56:28:9e:3b:42:59:ff:54:60:6e:7b:ea:
a7:b5:64:a5:f4:fb:06:b1:53:81:91:cd:2f:36:ec:
26:da:1b:a6:0f:17:bf:89:73:8d:5e:2d:3e:e6:eb:
cb:6f:5d:03:6f:3a:e0:92:32:da:b5:18:6a:87:88:
67:ae:0f:73:0f:0d:16:86:3a:93:2c:15:b5:5a:28:
ed:e3:d9:d0:81:0b:bb:dc:9a:7b:d1:04:d5:86:58:
1f:5a:af:c4:ac:46:57:92:55:b7:10:46:17:08:bb:
7e:a2:fe:f7:44:84:c0:35:1f:e1:98:ed:e0:42:4f:
15:3f:2e:31:93:26:6f:42:0b:40:1b:72:64:16:2d:
6b:30:27:84:2a:80:cc:97:0c:9e:31:0e:7c:9f:68:
01:8d:1e:31:eb:9d:08:9d:6e:98:6d:50:a0:36:e6:
b1:d3:0e:60:45:fc:bb:b2:85:b2:8d:8e:ef:4a:0f:
05:6b:e7:09:29:89:aa:01:af:22:f7:e0:89:50:9e:
b7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C1:B2:6E:21:00:E1:14:E6:3B:C0:34:18:C4:4F:B0:59:D6:46:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFF7BEC8D2FF11EF9A42B749762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.29.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0d:61:b3:52:a2:7f:62:93:56:8b:aa:c5:36:06:19:fb:df:
b3:42:69:5c:8e:c4:ea:ac:be:16:2e:47:f4:55:07:cc:54:8c:
ba:b2:8a:3b:9e:23:c9:df:50:74:9f:1c:ef:c0:2c:11:26:19:
b8:37:81:06:e9:c9:bb:76:1f:70:07:1a:13:fa:1f:c3:f5:21:
a4:ec:f0:a3:1c:24:8c:9b:8b:78:05:96:09:18:17:c9:ba:93:
6e:8a:c2:17:33:73:14:5b:ce:54:4c:34:85:2b:d9:47:8c:9d:
a5:cd:ae:1f:8a:5e:68:1e:44:93:75:5f:5e:13:d5:99:0c:3f:
6b:20:b2:81:3a:26:78:9f:2c:c5:a3:81:89:5f:81:a9:c2:53:
1d:0b:10:a8:86:67:f5:72:e5:fe:e6:39:35:52:1d:75:37:42:
17:d9:a8:1c:db:46:6d:92:c3:8b:70:1c:07:aa:d3:a8:8c:c9:
cd:50:ae:3a:9e:c0:3e:b3:7a:e4:bd:06:41:47:72:71:0a:da:
d4:96:4b:e5:bb:b4:2a:05:5b:d6:6c:59:36:87:2d:15:02:5b:
8f:76:00:e7:72:42:49:a8:7c:06:6f:e0:96:c2:b6:a3:44:5e:
83:a5:5c:f4:10:07:03:68:92:48:03:38:31:3e:13:60:86:64:
00:2f:3f:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQflMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDUxNjI1WhcNMjgwMTAzMDUxNjI1WjAYMRYw
FAYDVQQDEw02Nzg3NDRhZC1hNWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYuZeL2okbmiXuG27RMh3PNn12/e/pKEq6jmBKCULITB8NKoPGTnDA1o
/exFSHMqJ77ebzfxXQNGanApqjJWKJ47Qln/VGBue+qntWSl9PsGsVOBkc0vNuwm
2humDxe/iXONXi0+5uvLb10DbzrgkjLatRhqh4hnrg9zDw0WhjqTLBW1Wijt49nQ
gQu73Jp70QTVhlgfWq/ErEZXklW3EEYXCLt+ov73RITANR/hmO3gQk8VPy4xkyZv
QgtAG3JkFi1rMCeEKoDMlwyeMQ58n2gBjR4x650InW6YbVCgNuax0w5gRfy7soWy
jY7vSg8Fa+cJKYmqAa8i9+CJUJ63zQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFrB
sm4hAOEU5jvANBjET7BZ1kZlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERkY3QkVDOEQyRkYxMUVGOUE0MkI3NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4dMA0GCSqGSIb3DQEBCwUA
A4IBAQBFDWGzUqJ/YpNWi6rFNgYZ+9+zQmlcjsTqrL4WLkf0VQfMVIy6soo7niPJ
31B0nxzvwCwRJhm4N4EG6cm7dh9wBxoT+h/D9SGk7PCjHCSMm4t4BZYJGBfJupNu
isIXM3MUW85UTDSFK9lHjJ2lza4fil5oHkSTdV9eE9WZDD9rILKBOiZ4nyzFo4GJ
X4GpwlMdCxCohmf1cuX+5jk1Uh11N0IX2agc20ZtksOLcBwHqtOojMnNUK46nsA+
s3rkvQZBR3JxCtrUlkvlu7QqBVvWbFk2hy0VAluPdgDnckJJqHwGb+CWwrajRF6D
pVz0EAcDaJJIAzgxPhNghmQALz8R
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:57 2025 by rpki-client