Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFFFC564CDAA11EFA84B6A74762E951A.roa
File: DFFFC564CDAA11EFA84B6A74762E951A.roa (raw, json)
Hash identifier: n5bmBKgwhImYX+dn0fJyhtU9KfnfNzEWBeAUvPznVQs=
Subject key identifier: 75:FF:A2:70:AD:84:34:36:8D:20:F4:22:15:4E:69:EA:F4:F5:4F:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01014F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFFFC564CDAA11EFA84B6A74762E951A.roa
Signing time: Wed 08 Jan 2025 10:25:26 +0000
ROA not before: Wed 08 Jan 2025 10:25:22 +0000
ROA not after: Mon 13 Dec 2027 10:25:22 +0000
asID: 17561
IP address blocks: 156.255.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65871 (0x1014f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:25:22 2025 GMT
Not After : Dec 13 10:25:22 2027 GMT
Subject: CN=677e5296-5998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7e:35:b0:a2:86:35:9c:8a:ab:f3:26:b2:4d:
ee:92:9c:d5:bc:bb:f0:86:2c:82:88:b3:cb:75:a3:
08:fd:5b:fa:b1:f3:67:cf:f3:42:21:7d:20:9a:20:
aa:6e:85:d3:f1:ac:da:0b:32:b4:40:ba:b8:52:37:
ef:60:2d:84:ff:1e:1c:69:a0:c3:ca:98:d3:bf:17:
ba:6f:29:a2:e7:60:46:de:39:9d:d8:63:1e:ed:3d:
ed:74:fd:3d:fa:ee:5c:7b:77:39:7e:64:e4:0d:64:
16:30:1c:1a:12:14:7a:8e:9f:d8:ba:6e:a5:42:7d:
c3:47:ee:68:c0:ae:43:fd:c0:82:c2:df:c0:b1:9a:
6e:df:fe:0a:85:9a:56:ed:bf:28:5c:b1:fa:9b:6d:
c9:a9:ce:39:c1:a5:69:11:e5:17:60:03:9b:c8:a5:
b5:5b:7d:01:a1:8a:81:cd:13:6a:8f:d9:09:2b:f1:
82:53:25:13:a5:68:d3:d4:e8:77:cf:b1:20:d9:8c:
a5:4b:d9:21:93:fb:5c:3c:89:fb:05:a8:a5:2f:4d:
2a:49:40:ce:23:df:10:79:ae:8d:e0:a9:83:2c:f1:
78:0b:f9:42:c8:e1:b5:fd:1a:a2:9e:37:00:bf:91:
ee:ee:00:de:7f:db:21:09:49:d8:a3:de:94:fe:ee:
4b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FF:A2:70:AD:84:34:36:8D:20:F4:22:15:4E:69:EA:F4:F5:4F:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFFFC564CDAA11EFA84B6A74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.42.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:d4:29:fb:c6:d7:27:d2:99:45:14:f1:6d:41:62:75:16:8c:
03:74:51:81:02:4a:7a:9e:fc:76:f7:68:f1:3c:2d:42:90:0d:
d3:a0:35:d9:b4:17:aa:95:cb:d9:e9:87:65:2f:08:d5:53:af:
54:ea:c8:7e:59:d1:32:4d:bf:8d:5a:df:4b:ad:84:77:b7:ad:
84:7e:6a:2f:4d:06:65:6b:f7:d8:83:3b:3b:94:7a:21:cf:6a:
dd:5a:77:5c:da:d7:bf:e0:6b:cc:1f:4a:c4:1b:ce:37:96:5c:
cb:b0:f6:0d:5e:34:f4:b0:76:3c:2a:cc:6e:62:e0:19:b4:40:
c7:ca:a1:00:b7:eb:c2:68:c7:84:11:58:64:8c:ed:07:8e:d1:
f0:6e:86:48:38:ab:7d:bf:36:3e:7c:47:75:db:0a:98:15:66:
83:ed:de:b3:52:82:c9:c5:aa:1a:68:2b:35:5c:28:fb:1e:78:
2b:31:c2:0c:8d:e3:4d:3e:63:33:ed:c8:33:4e:ce:58:e4:e6:
2d:2a:6d:dc:e6:09:57:b6:2f:3c:0e:25:5f:f0:bc:10:bd:d9:
59:24:cf:ed:b2:be:e7:77:1d:fc:1e:ba:f4:11:f0:7c:a0:e3:
ed:41:8f:44:24:ec:0a:a4:06:97:27:04:7a:52:32:9f:72:4a:
3b:3e:a9:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAyNTIyWhcNMjcxMjEzMTAyNTIyWjAYMRYw
FAYDVQQDEw02NzdlNTI5Ni01OTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2n41sKKGNZyKq/Mmsk3ukpzVvLvwhiyCiLPLdaMI/Vv6sfNnz/NCIX0g
miCqboXT8azaCzK0QLq4UjfvYC2E/x4caaDDypjTvxe6bymi52BG3jmd2GMe7T3t
dP09+u5ce3c5fmTkDWQWMBwaEhR6jp/Yum6lQn3DR+5owK5D/cCCwt/AsZpu3/4K
hZpW7b8oXLH6m23Jqc45waVpEeUXYAObyKW1W30BoYqBzRNqj9kJK/GCUyUTpWjT
1Oh3z7Eg2YylS9khk/tcPIn7BailL00qSUDOI98Qea6N4KmDLPF4C/lCyOG1/Rqi
njcAv5Hu7gDef9shCUnYo96U/u5LCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHX/
onCthDQ2jSD0IhVOaer09U9sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERkZGQzU2NENEQUExMUVGQTg0QjZBNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8qMA0GCSqGSIb3DQEBCwUA
A4IBAQCt1Cn7xtcn0plFFPFtQWJ1FowDdFGBAkp6nvx292jxPC1CkA3ToDXZtBeq
lcvZ6YdlLwjVU69U6sh+WdEyTb+NWt9LrYR3t62EfmovTQZla/fYgzs7lHohz2rd
Wndc2te/4GvMH0rEG843llzLsPYNXjT0sHY8KsxuYuAZtEDHyqEAt+vCaMeEEVhk
jO0HjtHwboZIOKt9vzY+fEd12wqYFWaD7d6zUoLJxaoaaCs1XCj7HngrMcIMjeNN
PmMz7cgzTs5Y5OYtKm3c5glXti88DiVf8LwQvdlZJM/tsr7ndx38Hrr0EfB8oOPt
QY9EJOwKpAaXJwR6UjKfcko7Pqmz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:42 2025 by rpki-client