Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E406F8A2CD9211EFA1D4BE5C762E951A.roa
File: E406F8A2CD9211EFA1D4BE5C762E951A.roa (raw, json)
Hash identifier: BYeBilNcPN9iSftp3lOPaGsYFkKj0nwDlp542kqXlYw=
Subject key identifier: B3:60:33:43:B8:3C:9D:75:2B:4B:9D:27:E5:DA:F2:55:9C:A5:77:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010065
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E406F8A2CD9211EFA1D4BE5C762E951A.roa
Signing time: Wed 08 Jan 2025 07:33:45 +0000
ROA not before: Wed 08 Jan 2025 07:33:41 +0000
ROA not after: Wed 12 Feb 2025 07:33:41 +0000
asID: 20473
IP address blocks: 156.236.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65637 (0x10065)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 07:33:41 2025 GMT
Not After : Feb 12 07:33:41 2025 GMT
Subject: CN=677e2a59-4e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:3c:43:c8:03:83:2d:6e:9a:8e:02:c5:5d:
9a:4c:de:49:1e:6c:e0:de:f7:2e:f2:21:35:30:80:
0c:52:32:06:9a:99:25:c2:44:15:d7:ba:6a:a9:60:
04:08:7f:25:9a:bd:18:ec:9f:cc:c1:a6:76:05:d4:
4d:5a:5f:57:1d:5f:c7:a7:df:48:01:e4:3a:b8:e9:
8f:75:b5:ab:e9:2a:c2:54:c1:10:89:dd:45:9a:7e:
a5:55:09:5b:39:0d:ce:6e:7d:24:08:37:f1:76:3f:
56:12:45:41:a8:c3:21:d1:6a:81:12:9c:84:e7:19:
c7:59:21:ad:d2:70:63:77:f8:ac:9a:e3:af:ee:83:
d7:6b:4a:29:21:c7:bd:3f:70:0b:76:0e:11:99:5c:
e1:8a:57:e6:96:47:b3:36:07:b5:fa:9d:b7:de:d6:
34:d7:48:26:15:3f:d4:30:c1:bd:c1:a9:64:53:f7:
a8:f4:01:a7:a9:d8:d2:95:89:55:da:06:7d:f6:b5:
d5:b2:98:e2:9e:63:66:24:5b:d1:c0:0d:cc:50:6f:
17:44:40:83:69:02:2f:7f:ec:92:34:ef:4e:cc:95:
63:ee:29:6d:67:85:8d:93:d0:b1:dd:bd:45:8f:ea:
cc:31:43:c9:a4:30:4a:4b:13:4b:3f:37:19:a9:ab:
96:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:60:33:43:B8:3C:9D:75:2B:4B:9D:27:E5:DA:F2:55:9C:A5:77:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E406F8A2CD9211EFA1D4BE5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.77.0/24
Signature Algorithm: sha256WithRSAEncryption
03:cc:6f:7a:0b:e5:da:7d:13:ef:f7:ce:ed:00:99:1a:25:74:
3e:41:e5:36:b0:54:61:d9:d5:18:7f:d3:f0:cd:09:80:cd:fd:
fa:b9:76:1c:6a:55:ac:9f:58:48:e5:12:b3:58:d3:53:23:4e:
e9:0d:7e:de:bf:84:58:01:e7:9f:c5:52:f5:38:f0:d3:b0:96:
e9:bf:5c:27:50:df:4a:7c:85:8a:2d:53:cb:ca:03:32:d0:fc:
27:92:5f:a9:94:64:43:48:a9:70:f8:cf:1b:7d:6f:a3:ec:23:
c4:45:8c:8a:47:6f:16:da:c1:bd:08:10:9a:0e:d9:be:01:05:
12:c0:fa:ee:0e:b0:1b:36:61:3c:db:0a:6c:79:ea:19:e2:49:
76:15:0d:4b:89:5b:0c:e6:8f:40:bc:cf:f9:19:40:e3:d3:cb:
6b:ff:e2:e5:7c:87:91:42:4f:8f:d5:0d:70:d6:71:10:00:0c:
09:6d:c3:ed:51:59:64:29:72:3e:71:bd:ae:6b:a7:43:6e:a4:
4b:6e:86:3d:1a:54:79:5b:4d:5b:38:97:a5:5f:bf:85:86:b8:
67:35:de:d7:9e:9e:98:40:9d:f4:1b:f3:0e:1c:07:90:b3:57:
25:4a:7d:4a:5c:7f:40:b8:1d:fa:03:d9:33:a0:dd:1b:88:58:
2d:97:8e:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQBlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDczMzQxWhcNMjUwMjEyMDczMzQxWjAYMRYw
FAYDVQQDEw02NzdlMmE1OS00ZTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsB88Q8gDgy1umo4CxV2aTN5JHmzg3vcu8iE1MIAMUjIGmpklwkQV17pq
qWAECH8lmr0Y7J/MwaZ2BdRNWl9XHV/Hp99IAeQ6uOmPdbWr6SrCVMEQid1Fmn6l
VQlbOQ3Obn0kCDfxdj9WEkVBqMMh0WqBEpyE5xnHWSGt0nBjd/ismuOv7oPXa0op
Ice9P3ALdg4RmVzhilfmlkezNge1+p233tY010gmFT/UMMG9walkU/eo9AGnqdjS
lYlV2gZ99rXVspjinmNmJFvRwA3MUG8XRECDaQIvf+ySNO9OzJVj7iltZ4WNk9Cx
3b1Fj+rMMUPJpDBKSxNLPzcZqauWGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLNg
M0O4PJ11K0udJ+Xa8lWcpXf6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNDA2RjhBMkNEOTIxMUVGQTFENEJFNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxNMA0GCSqGSIb3DQEBCwUA
A4IBAQADzG96C+XafRPv987tAJkaJXQ+QeU2sFRh2dUYf9PwzQmAzf36uXYcalWs
n1hI5RKzWNNTI07pDX7ev4RYAeefxVL1OPDTsJbpv1wnUN9KfIWKLVPLygMy0Pwn
kl+plGRDSKlw+M8bfW+j7CPERYyKR28W2sG9CBCaDtm+AQUSwPruDrAbNmE82wps
eeoZ4kl2FQ1LiVsM5o9AvM/5GUDj08tr/+LlfIeRQk+P1Q1w1nEQAAwJbcPtUVlk
KXI+cb2ua6dDbqRLboY9GlR5W01bOJelX7+FhrhnNd7Xnp6YQJ30G/MOHAeQs1cl
Sn1KXH9AuB36A9kzoN0biFgtl45/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:58 2025 by rpki-client