Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEEC2224CF2C11EFB2F22C93762E951A.roa
File: EEEC2224CF2C11EFB2F22C93762E951A.roa (raw, json)
Hash identifier: u8d7h5ULpPfWkEKAY9LrnXVf/y3PiOItzD7oFe0ahqw=
Subject key identifier: 2E:2F:F2:69:5D:99:1B:9B:04:2D:8A:F8:F4:70:B0:A9:8F:16:9A:98
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010519
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEEC2224CF2C11EFB2F22C93762E951A.roa
Signing time: Fri 10 Jan 2025 08:28:57 +0000
ROA not before: Fri 10 Jan 2025 08:28:53 +0000
ROA not after: Sat 22 Mar 2025 08:28:53 +0000
asID: 135097
IP address blocks: 156.250.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66841 (0x10519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 08:28:53 2025 GMT
Not After : Mar 22 08:28:53 2025 GMT
Subject: CN=6780da48-3c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a8:21:fd:80:4b:57:fb:5e:4a:c8:35:1f:65:
e9:ea:5b:43:1f:6f:44:75:b6:7c:3e:71:79:6f:29:
30:fa:06:da:44:67:b0:5b:60:30:d5:a7:94:9b:2f:
71:c6:0b:15:f5:67:f3:ba:13:24:69:09:14:0c:06:
6b:35:d3:77:3c:fb:77:2e:b0:28:90:b8:4b:49:e6:
6f:e8:b2:52:70:c0:30:c0:87:19:75:03:c2:65:4a:
26:17:85:41:2b:f3:33:6d:2f:43:5d:84:2f:b5:f3:
0e:8b:fb:12:f7:12:2d:1c:f4:ac:6e:7e:de:c8:9b:
c2:ef:14:6a:6c:96:8e:a7:b1:88:d8:ee:2f:09:b5:
82:08:42:25:ef:82:ee:15:5b:56:30:39:d3:b0:6a:
2c:7c:2d:dc:b4:ef:5a:5d:51:ac:e1:68:d1:6c:49:
de:e7:2a:e5:12:1c:37:12:4c:65:b1:18:a1:fb:41:
fb:d4:d4:d0:56:1c:fa:75:b4:83:be:4a:a2:7e:ec:
da:5e:33:d5:44:9a:a7:e6:30:3b:36:00:eb:6c:d6:
64:17:9e:5f:1d:aa:be:c1:b1:f4:a8:06:6e:97:9f:
a2:49:f3:79:c7:15:f7:51:6a:54:cf:80:88:79:d0:
17:35:a9:6a:ea:fc:25:8a:5f:22:3e:32:c8:18:73:
4f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:2F:F2:69:5D:99:1B:9B:04:2D:8A:F8:F4:70:B0:A9:8F:16:9A:98
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EEEC2224CF2C11EFB2F22C93762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.16.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:d4:d7:ea:c8:d3:ce:95:00:35:6f:25:5c:70:14:85:dd:8d:
3a:dd:5f:36:e6:bf:4f:de:97:ea:ff:95:51:5c:ef:97:6e:ff:
5c:b6:ec:46:cd:fa:2a:4d:4f:32:62:ad:36:0c:e8:b2:15:be:
51:26:f2:60:e6:9d:be:4c:f7:7e:67:c8:9b:2c:0d:a7:7a:7c:
f6:00:18:dc:4f:be:d0:cc:87:7f:24:f5:e4:fc:ed:8a:5f:0b:
e1:b5:51:52:b5:12:cd:4a:b1:e1:62:02:69:b6:c7:23:63:c5:
ac:67:c4:ef:41:e7:7c:01:ca:2f:6f:76:8e:c2:d3:78:a6:55:
94:ad:6f:74:50:d1:dc:ba:c5:fd:df:8b:c4:c0:8f:eb:d2:c9:
e8:b7:4a:ca:54:2d:7a:40:89:cd:34:3d:99:25:5b:8e:e8:a2:
ab:a6:d9:2c:27:5f:7a:46:c1:70:0e:a2:62:98:0b:1a:bc:6f:
26:b7:53:95:bf:5a:cd:f5:06:b6:96:a2:c8:ed:05:ff:c9:b0:
f5:00:12:58:00:92:05:c7:a0:76:9f:bd:50:77:69:e7:9c:35:
d4:1c:13:a9:d3:d9:45:ff:bc:18:7a:db:7f:de:ba:fb:1a:0d:
bc:a4:a1:51:32:8a:dc:ec:0a:63:43:7e:23:70:98:43:e8:4e:
36:e0:c8:b4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQUZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDgyODUzWhcNMjUwMzIyMDgyODUzWjAYMRYw
FAYDVQQDEw02NzgwZGE0OC0zYzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr6gh/YBLV/teSsg1H2Xp6ltDH29EdbZ8PnF5bykw+gbaRGewW2Aw1aeU
my9xxgsV9WfzuhMkaQkUDAZrNdN3PPt3LrAokLhLSeZv6LJScMAwwIcZdQPCZUom
F4VBK/MzbS9DXYQvtfMOi/sS9xItHPSsbn7eyJvC7xRqbJaOp7GI2O4vCbWCCEIl
74LuFVtWMDnTsGosfC3ctO9aXVGs4WjRbEne5yrlEhw3EkxlsRih+0H71NTQVhz6
dbSDvkqifuzaXjPVRJqn5jA7NgDrbNZkF55fHaq+wbH0qAZul5+iSfN5xxX3UWpU
z4CIedAXNalq6vwlil8iPjLIGHNPJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC4v
8mldmRubBC2K+PRwsKmPFpqYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRUVDMjIyNENGMkMxMUVGQjJGMjJDOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPoQMA0GCSqGSIb3DQEBCwUA
A4IBAQCa1NfqyNPOlQA1byVccBSF3Y063V825r9P3pfq/5VRXO+Xbv9ctuxGzfoq
TU8yYq02DOiyFb5RJvJg5p2+TPd+Z8ibLA2nenz2ABjcT77QzId/JPXk/O2KXwvh
tVFStRLNSrHhYgJptscjY8WsZ8TvQed8Acovb3aOwtN4plWUrW90UNHcusX934vE
wI/r0snot0rKVC16QInNND2ZJVuO6KKrptksJ196RsFwDqJimAsavG8mt1OVv1rN
9Qa2lqLI7QX/ybD1ABJYAJIFx6B2n71Qd2nnnDXUHBOp09lF/7wYett/3rr7Gg28
pKFRMorc7ApjQ34jcJhD6E424Mi0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:40 2025 by rpki-client