Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8BD7AEC98511EF8C9773A0762E951A.roa
File: EE8BD7AEC98511EF8C9773A0762E951A.roa (raw, json)
Hash identifier: 37ifwo1O4bNhIVRlAOLe2XQwhw3W4JHFeYmtYjiDTLc=
Subject key identifier: B1:52:6D:83:C2:3D:8D:C5:38:9C:8A:60:92:40:6E:36:8D:E0:B8:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F57D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8BD7AEC98511EF8C9773A0762E951A.roa
Signing time: Fri 03 Jan 2025 03:50:54 +0000
ROA not before: Fri 03 Jan 2025 03:50:51 +0000
ROA not after: Sat 13 Dec 2025 03:50:51 +0000
asID: 984
IP address blocks: 156.232.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62845 (0xf57d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:50:51 2025 GMT
Not After : Dec 13 03:50:51 2025 GMT
Subject: CN=67775e9e-5dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b0:f5:ad:3e:97:92:b2:bf:8b:c7:34:f7:24:
21:68:3d:3c:7e:86:66:6b:12:59:5d:7c:93:f4:6f:
82:36:4e:ad:9b:84:ba:cb:4d:f9:65:dc:2d:0e:ad:
c4:69:23:6a:d2:e6:0f:90:19:eb:99:10:3b:44:db:
65:c2:c3:a1:63:05:66:d0:80:15:7c:9e:68:5a:95:
af:02:b2:b4:a9:1e:9b:5a:9a:20:86:63:f2:56:dd:
c4:98:37:d6:52:9a:ce:33:45:5f:31:97:e5:ff:1b:
d4:9b:a6:89:fc:29:1f:d2:e7:36:1f:fb:09:d3:f7:
92:cf:db:50:99:08:c1:ef:15:5f:b4:ba:32:27:c4:
ef:6b:13:cc:16:83:76:db:35:2f:ce:6b:01:2c:29:
0d:a7:48:77:93:78:78:b4:14:37:e3:2c:fb:48:65:
64:c1:74:a2:04:a4:e8:9d:28:d2:49:70:22:4a:f1:
0c:81:ea:c9:9d:20:af:5d:6b:1c:b1:0a:1c:6a:e2:
4b:bb:26:4a:24:ac:ea:a3:96:f4:ac:d6:9e:9d:72:
6c:cb:f3:24:04:30:9b:38:9b:37:92:2b:18:e9:86:
17:e5:da:b6:bd:0c:b3:1e:30:e9:2b:6e:72:5c:55:
d0:c2:25:cd:ef:8a:58:7a:17:68:19:ce:53:d1:17:
0a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:52:6D:83:C2:3D:8D:C5:38:9C:8A:60:92:40:6E:36:8D:E0:B8:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE8BD7AEC98511EF8C9773A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.75.0/24
Signature Algorithm: sha256WithRSAEncryption
38:10:1d:d7:12:43:bf:e8:54:61:0d:06:a2:9d:4b:59:07:46:
ad:c6:60:b3:88:2b:e5:83:9d:19:9b:dc:61:ab:00:1f:c7:2a:
05:20:2e:1e:65:7a:f4:4b:64:52:86:55:f0:a4:42:f0:51:ec:
07:7d:fd:ea:5b:7b:9b:52:15:e1:04:44:53:e9:bb:63:23:5f:
6c:65:c1:54:8e:d3:3d:d1:db:29:72:63:41:ec:ab:96:28:37:
0a:58:61:eb:cd:8a:1d:f6:b1:e8:73:53:36:57:03:2c:09:23:
55:c9:e0:8a:2f:7c:52:f6:46:d3:02:d4:5e:0f:55:57:9f:2b:
63:58:95:30:47:96:7d:8f:10:25:8b:45:07:29:f3:0b:6d:36:
c0:55:eb:6f:f0:86:4a:b7:ab:c2:c7:79:1e:26:19:ad:1c:68:
43:5e:26:6b:d5:a0:5d:77:18:c4:03:50:8e:19:e3:af:ce:9d:
6c:d8:ca:fa:19:bf:c2:5e:ea:5f:af:e9:4c:74:79:9b:db:46:
3a:6f:82:e2:88:aa:2e:58:51:7e:a7:5a:dd:b1:de:f1:10:fd:
49:b9:b0:ce:e0:1b:a2:52:71:d8:e7:ed:6f:79:c0:43:d2:ed:
c3:7b:89:cc:55:69:cd:24:14:9c:9d:4c:cd:79:e3:37:5d:34:
78:da:9b:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPV9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM1MDUxWhcNMjUxMjEzMDM1MDUxWjAYMRYw
FAYDVQQDEw02Nzc3NWU5ZS01ZGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArLD1rT6XkrK/i8c09yQhaD08foZmaxJZXXyT9G+CNk6tm4S6y035Zdwt
Dq3EaSNq0uYPkBnrmRA7RNtlwsOhYwVm0IAVfJ5oWpWvArK0qR6bWpoghmPyVt3E
mDfWUprOM0VfMZfl/xvUm6aJ/Ckf0uc2H/sJ0/eSz9tQmQjB7xVftLoyJ8TvaxPM
FoN22zUvzmsBLCkNp0h3k3h4tBQ34yz7SGVkwXSiBKTonSjSSXAiSvEMgerJnSCv
XWscsQocauJLuyZKJKzqo5b0rNaenXJsy/MkBDCbOJs3kisY6YYX5dq2vQyzHjDp
K25yXFXQwiXN74pYehdoGc5T0RcK5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLFS
bYPCPY3FOJyKYJJAbjaN4Lg9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRThCRDdBRUM5ODUxMUVGOEM5NzczQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhLMA0GCSqGSIb3DQEBCwUA
A4IBAQA4EB3XEkO/6FRhDQainUtZB0atxmCziCvlg50Zm9xhqwAfxyoFIC4eZXr0
S2RShlXwpELwUewHff3qW3ubUhXhBERT6btjI19sZcFUjtM90dspcmNB7KuWKDcK
WGHrzYod9rHoc1M2VwMsCSNVyeCKL3xS9kbTAtReD1VXnytjWJUwR5Z9jxAli0UH
KfMLbTbAVetv8IZKt6vCx3keJhmtHGhDXiZr1aBddxjEA1COGeOvzp1s2Mr6Gb/C
Xupfr+lMdHmb20Y6b4LiiKouWFF+p1rdsd7xEP1JubDO4BuiUnHY5+1vecBD0u3D
e4nMVWnNJBScnUzNeeM3XTR42psl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:27 2025 by rpki-client