Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E5E9D7FACF2E11EF857607A0762E951A.roa
File: E5E9D7FACF2E11EF857607A0762E951A.roa (raw, json)
Hash identifier: PIBuBey6BobEzxlfLpTnlJy7AquZFh9OqEjG0sf5Ftw=
Subject key identifier: C8:AF:03:2C:69:93:FA:11:E9:94:B9:16:A7:5D:DE:9C:60:50:55:43
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010525
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E5E9D7FACF2E11EF857607A0762E951A.roa
Signing time: Fri 10 Jan 2025 08:43:01 +0000
ROA not before: Fri 10 Jan 2025 08:42:57 +0000
ROA not after: Sat 22 Mar 2025 08:42:57 +0000
asID: 142286
IP address blocks: 156.250.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66853 (0x10525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:42:57 2025 GMT
Not After : Mar 22 08:42:57 2025 GMT
Subject: CN=6780dd94-a82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c3:0a:46:64:c7:c3:bc:9b:33:b8:a8:13:b7:
cc:94:51:7e:ca:ca:da:0d:62:b5:16:d3:d0:e7:98:
b9:b1:20:6a:d6:4b:d6:f0:c8:c7:d8:0a:b4:12:94:
62:47:ec:5b:25:77:df:5a:28:19:60:7f:71:95:8d:
f8:9d:83:1f:66:76:03:b1:5c:69:49:07:20:9d:b1:
0d:40:f6:4a:08:0b:45:09:73:bf:d2:74:4c:36:70:
2f:25:4f:f8:91:db:71:09:f5:9d:11:ca:63:69:de:
86:b6:84:8c:0c:ba:d8:c3:7f:5f:38:09:aa:12:a8:
34:a0:ed:c9:4a:99:4d:3b:07:a3:05:c6:40:ba:45:
ae:a5:05:81:74:4f:c3:c8:71:cd:55:ea:67:c0:48:
cb:1e:57:cf:54:8f:31:1a:63:95:b8:b8:b0:73:93:
5a:5b:52:0d:bf:ae:61:8b:f3:38:6e:4a:41:9d:31:
0f:0e:43:5c:36:70:c3:1c:bb:b3:f0:2c:26:4c:09:
16:04:05:02:76:54:49:d2:5b:f1:94:0e:2d:c2:47:
b9:ed:89:ae:38:0e:f1:66:74:17:6a:85:6c:9c:f0:
ab:83:29:e3:a9:dd:aa:bc:69:52:29:a8:4c:ed:f6:
73:c9:fb:a8:23:b5:f4:cc:af:a5:27:9b:f1:99:61:
68:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AF:03:2C:69:93:FA:11:E9:94:B9:16:A7:5D:DE:9C:60:50:55:43
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E5E9D7FACF2E11EF857607A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.8.0/21
Signature Algorithm: sha256WithRSAEncryption
74:a8:ae:3d:59:c7:24:68:66:6b:47:7f:c0:c5:ae:da:64:0d:
37:59:cb:04:4d:d8:e3:3a:3b:90:0b:12:23:31:b4:98:9d:4c:
5d:00:a8:0f:4a:42:5e:c1:e4:b9:8a:f8:83:2b:c8:41:65:51:
c4:cd:85:0c:53:ae:75:3f:42:58:be:43:eb:78:83:67:3d:16:
54:6f:25:c0:a5:42:52:24:a5:20:4e:bf:95:15:f6:e5:f3:32:
2f:38:71:f2:cb:7b:1a:99:14:fe:d4:0f:c0:da:f3:c5:4f:f5:
df:70:76:d8:f6:0d:bf:e0:56:1c:ef:98:f4:f9:76:c1:a5:19:
ff:ac:81:c4:3f:d8:88:7e:60:09:6c:70:8b:e7:cb:25:45:a1:
da:1d:a7:ab:a5:e6:f5:9c:38:e9:f3:d8:24:41:b0:75:ba:f5:
ad:ef:e6:f0:c1:73:11:68:f8:30:df:fe:1b:79:47:60:52:37:
da:88:e2:14:f4:0d:b8:02:f8:f7:cd:95:b8:f2:f6:d7:be:6c:
03:55:60:c5:5c:e9:46:35:76:8a:77:0d:9e:e0:c1:46:fc:da:
7f:c2:47:2c:eb:fe:ab:57:af:77:1d:7a:5a:c9:b8:4e:71:22:
af:a6:7c:e4:cf:31:05:06:2c:73:ab:e6:bb:6f:ba:3e:ce:c1:
fd:d0:7c:78
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDg0MjU3WhcNMjUwMzIyMDg0MjU3WjAYMRYw
FAYDVQQDEw02NzgwZGQ5NC1hODJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzcMKRmTHw7ybM7ioE7fMlFF+ysraDWK1FtPQ55i5sSBq1kvW8MjH2Aq0
EpRiR+xbJXffWigZYH9xlY34nYMfZnYDsVxpSQcgnbENQPZKCAtFCXO/0nRMNnAv
JU/4kdtxCfWdEcpjad6GtoSMDLrYw39fOAmqEqg0oO3JSplNOwejBcZAukWupQWB
dE/DyHHNVepnwEjLHlfPVI8xGmOVuLiwc5NaW1INv65hi/M4bkpBnTEPDkNcNnDD
HLuz8CwmTAkWBAUCdlRJ0lvxlA4twke57YmuOA7xZnQXaoVsnPCrgynjqd2qvGlS
KahM7fZzyfuoI7X0zK+lJ5vxmWFo3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMiv
Ayxpk/oR6ZS5Fqdd3pxgUFVDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNUU5RDdGQUNGMkUxMUVGODU3NjA3QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPoIMA0GCSqGSIb3DQEBCwUA
A4IBAQB0qK49WcckaGZrR3/Axa7aZA03WcsETdjjOjuQCxIjMbSYnUxdAKgPSkJe
weS5iviDK8hBZVHEzYUMU651P0JYvkPreINnPRZUbyXApUJSJKUgTr+VFfbl8zIv
OHHyy3samRT+1A/A2vPFT/XfcHbY9g2/4FYc75j0+XbBpRn/rIHEP9iIfmAJbHCL
58slRaHaHaerpeb1nDjp89gkQbB1uvWt7+bwwXMRaPgw3/4beUdgUjfaiOIU9A24
Avj3zZW48vbXvmwDVWDFXOlGNXaKdw2e4MFG/Np/wkcs6/6rV693HXpaybhOcSKv
pnzkzzEFBixzq+a7b7o+zsH90Hx4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:38 2025 by rpki-client