Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E06C6AAEC95711EF8965FE65762E951A.roa
File: E06C6AAEC95711EF8965FE65762E951A.roa (raw, json)
Hash identifier: BrGRNFlzk6BLLfZrZdgLiidmlwHAbB4T8mYIGiaoCpk=
Subject key identifier: 36:4B:28:56:A7:65:C8:61:68:FA:E4:56:5E:8F:D7:01:D7:9A:14:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F408
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E06C6AAEC95711EF8965FE65762E951A.roa
Signing time: Thu 02 Jan 2025 22:21:14 +0000
ROA not before: Thu 02 Jan 2025 22:21:10 +0000
ROA not after: Mon 13 Dec 2027 22:21:10 +0000
asID: 17561
IP address blocks: 156.226.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62472 (0xf408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:21:10 2025 GMT
Not After : Dec 13 22:21:10 2027 GMT
Subject: CN=6777115a-1505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:ce:92:47:ae:c7:ff:fd:5e:6f:a8:0c:0c:
9f:ac:85:61:20:b9:cb:60:5c:a0:cb:fa:15:f9:66:
c2:15:f2:27:81:5e:7b:06:18:05:ac:ae:93:2a:20:
e1:17:c9:c0:d2:fb:d6:38:d8:03:bb:23:f3:62:e6:
13:35:30:dd:d7:07:b6:d1:49:13:4e:2f:3f:6a:0b:
a2:ff:ee:1f:df:8b:a7:3c:61:9c:4a:df:d1:d7:96:
4a:4a:73:66:f5:c2:fd:72:da:be:38:0c:aa:29:22:
9c:94:55:ec:42:77:c5:71:3f:66:0b:86:31:41:a6:
38:57:16:ac:ef:f6:5e:1f:14:dc:12:cd:8a:75:44:
31:5f:c8:95:b7:a1:35:58:8e:67:a7:b7:9d:41:43:
f0:7c:00:e3:96:e1:cb:e4:d5:bd:4a:ea:26:f3:5f:
a7:08:11:18:00:c0:64:0f:55:9f:57:c0:09:12:84:
8f:27:77:61:00:bf:c5:1f:6d:12:22:20:2c:7c:5b:
c5:93:de:98:30:68:40:08:f6:cb:5a:0e:43:3f:b0:
3f:f1:96:6d:50:7f:e8:c4:a2:37:13:4e:24:e2:17:
f4:5d:61:d3:93:26:21:cf:8d:ee:2b:f5:20:6d:34:
54:ec:29:41:c0:27:a6:3f:98:1b:79:23:40:df:5b:
b0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4B:28:56:A7:65:C8:61:68:FA:E4:56:5E:8F:D7:01:D7:9A:14:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E06C6AAEC95711EF8965FE65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.157.0/24
Signature Algorithm: sha256WithRSAEncryption
83:66:fb:1c:c2:fe:51:f1:35:76:c1:dd:fd:a7:21:a2:27:23:
cb:d9:e7:81:93:0f:a8:53:98:81:4c:9f:a0:3c:a6:be:79:d8:
1e:d3:31:d3:12:e5:76:30:f8:27:17:e6:11:4f:d3:5a:51:fe:
a9:ba:69:d4:9b:fe:a6:ec:ea:03:12:fe:34:f2:df:2b:ea:92:
33:d6:95:03:24:86:68:81:fc:b6:4a:b9:14:1a:0a:7e:ce:67:
b7:58:95:7e:0f:c8:30:0b:9f:54:99:0b:0a:f9:44:40:89:05:
fa:d4:9b:f6:c6:99:29:1d:f9:5e:3f:24:3d:1a:b1:2d:82:8c:
e1:d0:a2:45:b3:3b:13:87:9f:a0:61:60:40:64:88:eb:94:da:
3f:0b:3d:53:7c:85:84:77:4b:2d:3f:d8:ac:bd:4b:6e:11:4b:
c5:29:41:f0:82:9b:2f:96:54:62:21:76:f4:1f:95:16:6e:3e:
5c:9b:a6:ff:1b:e8:c4:b1:c3:e6:e1:f8:4f:bf:55:5d:c7:69:
f0:2c:41:2f:ff:90:85:fb:f4:6d:78:fe:96:2b:aa:f9:13:da:
3e:87:cc:25:f9:3c:a3:1d:a5:50:56:33:2b:8f:25:f4:8c:bd:
d2:52:9b:11:b6:cd:d7:f9:92:65:00:66:f4:e0:71:f5:f7:a2:
8d:56:4b:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIyMTEwWhcNMjcxMjEzMjIyMTEwWjAYMRYw
FAYDVQQDEw02Nzc3MTE1YS0xNTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxXOkkeux//9Xm+oDAyfrIVhILnLYFygy/oV+WbCFfIngV57BhgFrK6T
KiDhF8nA0vvWONgDuyPzYuYTNTDd1we20UkTTi8/agui/+4f34unPGGcSt/R15ZK
SnNm9cL9ctq+OAyqKSKclFXsQnfFcT9mC4YxQaY4Vxas7/ZeHxTcEs2KdUQxX8iV
t6E1WI5np7edQUPwfADjluHL5NW9Suom81+nCBEYAMBkD1WfV8AJEoSPJ3dhAL/F
H20SIiAsfFvFk96YMGhACPbLWg5DP7A/8ZZtUH/oxKI3E04k4hf0XWHTkyYhz43u
K/UgbTRU7ClBwCemP5gbeSNA31uw5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDZL
KFanZchhaPrkVl6P1wHXmhSLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMDZDNkFBRUM5NTcxMUVGODk2NUZFNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKdMA0GCSqGSIb3DQEBCwUA
A4IBAQCDZvscwv5R8TV2wd39pyGiJyPL2eeBkw+oU5iBTJ+gPKa+edge0zHTEuV2
MPgnF+YRT9NaUf6pumnUm/6m7OoDEv408t8r6pIz1pUDJIZogfy2SrkUGgp+zme3
WJV+D8gwC59UmQsK+URAiQX61Jv2xpkpHflePyQ9GrEtgozh0KJFszsTh5+gYWBA
ZIjrlNo/Cz1TfIWEd0stP9isvUtuEUvFKUHwgpsvllRiIXb0H5UWbj5cm6b/G+jE
scPm4fhPv1Vdx2nwLEEv/5CF+/RteP6WK6r5E9o+h8wl+TyjHaVQVjMrjyX0jL3S
UpsRts3X+ZJlAGb04HH196KNVkvD
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:21 2025 by rpki-client