Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB0D75D6D31411EFB03FBC4D762E951A.roa
File: EB0D75D6D31411EFB03FBC4D762E951A.roa (raw, json)
Hash identifier: UiFIhbH1KvBhf+YEMpmPZussyr3lDgu4zpOotJT5FnQ=
Subject key identifier: BB:C0:E0:48:2D:37:3E:D6:54:75:54:18:C5:11:87:9D:C9:D1:67:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010865
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB0D75D6D31411EFB03FBC4D762E951A.roa
Signing time: Wed 15 Jan 2025 07:47:07 +0000
ROA not before: Wed 15 Jan 2025 07:47:03 +0000
ROA not after: Mon 03 Jan 2028 07:47:03 +0000
asID: 17561
IP address blocks: 156.254.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67685 (0x10865)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:47:03 2025 GMT
Not After : Jan 3 07:47:03 2028 GMT
Subject: CN=678767fb-2133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:39:c9:a4:d9:f9:ef:d1:d6:ef:16:42:9b:d5:
21:26:89:84:17:6d:e4:22:02:f9:8e:46:1d:5a:b2:
fb:02:ec:ef:27:9e:48:b8:49:3a:09:ab:98:ae:63:
ff:9c:43:2b:a4:a8:c5:87:c8:d7:92:0b:cc:ad:93:
9b:8f:19:e2:83:59:5f:6d:e0:22:2c:9b:38:05:c5:
1e:f1:c8:dc:41:73:7f:f3:d7:cd:8b:56:ed:b4:f4:
11:72:f4:76:14:ff:3c:a5:95:23:1b:9c:91:94:5c:
be:68:17:b7:c1:ec:47:13:50:32:e1:b2:66:58:09:
92:d3:af:82:08:5e:e0:cb:77:0c:56:e8:21:58:76:
0a:c4:50:eb:b9:54:44:af:f1:56:18:12:8f:ab:2a:
95:62:a8:6d:3e:e7:5c:c6:e6:1e:88:fa:68:ad:87:
2e:60:0f:f2:9b:4e:05:8a:8e:23:55:d9:ef:65:a9:
e5:53:59:7a:57:9f:5d:6f:c0:cb:9d:80:00:7f:9c:
11:d2:3a:33:5b:31:5d:9f:d2:19:c6:a5:1a:ac:69:
3b:fe:78:7c:50:d4:72:21:51:f5:8b:8a:27:27:21:
10:a9:63:79:f8:ea:c0:2f:b5:5a:77:8e:ad:4d:3f:
3c:0e:dc:8f:92:a0:fa:54:53:15:d2:73:bf:07:3d:
dd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C0:E0:48:2D:37:3E:D6:54:75:54:18:C5:11:87:9D:C9:D1:67:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EB0D75D6D31411EFB03FBC4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.72.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:61:37:ed:48:58:aa:ac:b7:02:00:6c:72:84:43:ff:b6:04:
7a:81:cc:89:a3:2a:9c:1c:eb:cf:0c:82:c1:e5:42:94:97:e1:
52:ef:d1:0d:86:dc:ce:e9:5d:2a:81:63:da:ed:7d:6b:9c:a5:
35:b6:85:bb:c4:b4:8a:50:c4:a5:33:03:bd:e6:5a:77:c8:02:
a2:7b:6c:81:90:1f:68:78:0a:ab:b8:cc:be:34:9f:bc:29:61:
c5:f3:c8:fb:4f:cf:82:e4:f7:ff:42:01:5d:31:1e:c8:85:bc:
9b:89:2c:f2:3c:77:44:35:e1:0e:f6:0e:cf:b5:bd:af:49:a4:
83:5f:14:d8:68:03:4f:23:08:4f:5b:86:08:79:e8:b6:f1:5a:
86:37:61:2c:e0:04:3f:5d:e8:37:91:eb:f5:db:07:ae:08:8f:
4f:43:5b:9c:d6:48:6e:ad:25:14:cb:4c:95:8d:68:2c:2e:da:
9a:91:81:db:72:3a:6f:bf:34:bd:5a:48:1a:fd:2a:ff:a7:27:
cf:a3:f5:30:5f:6b:a9:63:7a:45:8a:da:47:3c:0f:da:3f:53:
8b:e4:53:c9:28:ec:d2:34:4f:97:2b:16:8e:2e:f3:02:b0:ea:
75:33:40:b8:41:6c:90:6a:2d:b1:0d:c4:18:29:f0:5e:04:80:
43:1b:39:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDc0NzAzWhcNMjgwMTAzMDc0NzAzWjAYMRYw
FAYDVQQDEw02Nzg3NjdmYi0yMTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5jnJpNn579HW7xZCm9UhJomEF23kIgL5jkYdWrL7AuzvJ55IuEk6CauY
rmP/nEMrpKjFh8jXkgvMrZObjxnig1lfbeAiLJs4BcUe8cjcQXN/89fNi1bttPQR
cvR2FP88pZUjG5yRlFy+aBe3wexHE1Ay4bJmWAmS06+CCF7gy3cMVughWHYKxFDr
uVREr/FWGBKPqyqVYqhtPudcxuYeiPporYcuYA/ym04Fio4jVdnvZanlU1l6V59d
b8DLnYAAf5wR0jozWzFdn9IZxqUarGk7/nh8UNRyIVH1i4onJyEQqWN5+OrAL7Va
d46tTT88DtyPkqD6VFMV0nO/Bz3d5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLvA
4EgtNz7WVHVUGMURh53J0Wc/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQjBENzVENkQzMTQxMUVGQjAzRkJDNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5IMA0GCSqGSIb3DQEBCwUA
A4IBAQCyYTftSFiqrLcCAGxyhEP/tgR6gcyJoyqcHOvPDILB5UKUl+FS79ENhtzO
6V0qgWPa7X1rnKU1toW7xLSKUMSlMwO95lp3yAKie2yBkB9oeAqruMy+NJ+8KWHF
88j7T8+C5Pf/QgFdMR7IhbybiSzyPHdENeEO9g7Ptb2vSaSDXxTYaANPIwhPW4YI
eei28VqGN2Es4AQ/Xeg3kev12weuCI9PQ1uc1khurSUUy0yVjWgsLtqakYHbcjpv
vzS9Wkga/Sr/pyfPo/UwX2upY3pFitpHPA/aP1OL5FPJKOzSNE+XKxaOLvMCsOp1
M0C4QWyQai2xDcQYKfBeBIBDGzmh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:21 2025 by rpki-client