Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6631778B2EF11EF84B8D569762E951A.roa
File: F6631778B2EF11EF84B8D569762E951A.roa (raw, json)
Hash identifier: qazW1Dvyh7dHPnza0+tLkxD8W2xsI3gIlWquv+0IByY=
Subject key identifier: B7:3B:CE:35:DE:4D:70:4E:09:F7:B5:7C:98:E4:2A:0F:B9:1A:B9:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DFD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6631778B2EF11EF84B8D569762E951A.roa
Signing time: Thu 05 Dec 2024 10:01:57 +0000
ROA not before: Thu 05 Dec 2024 10:01:54 +0000
ROA not after: Sun 30 Nov 2025 10:01:54 +0000
asID: 152450
IP address blocks: 156.253.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57301 (0xdfd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 5 10:01:54 2024 GMT
Not After : Nov 30 10:01:54 2025 GMT
Subject: CN=67517a15-c7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f6:95:5d:7a:13:02:f3:d4:9b:27:10:d2:37:
bd:a9:fb:e8:58:e3:c7:99:ae:9d:e0:64:aa:05:21:
1a:7e:cb:ab:3d:4b:33:e0:88:ad:7d:7d:02:05:76:
04:f9:15:cc:8e:2a:9d:9e:02:41:b1:61:45:31:c7:
1b:1d:a1:89:4f:11:60:b5:d6:41:de:47:15:d5:82:
f5:38:fc:95:e3:33:d2:c6:c0:aa:aa:b9:cb:59:6a:
88:9e:60:04:50:41:ac:32:b0:f0:c4:a4:06:ea:7e:
fc:11:b5:c3:a8:84:c5:ed:60:7a:70:21:e2:13:b5:
6d:3c:fa:74:bd:cc:3c:7c:4c:b4:82:c1:68:4e:02:
6f:bc:a2:75:84:6f:37:02:17:e6:bb:25:06:17:92:
0a:7f:1e:a3:f3:b9:43:e0:5c:68:fc:19:3b:35:82:
9e:f9:04:ed:5a:78:29:06:42:74:74:c4:1c:f3:24:
7e:03:e8:b7:36:47:09:39:f4:f0:be:ba:01:05:e8:
15:43:6f:4e:30:1c:65:10:af:45:4c:a1:76:9b:7c:
30:ef:78:bf:1d:90:03:26:2f:31:b8:5c:aa:e2:cd:
f6:48:91:4c:bd:97:92:35:04:7d:72:a4:0c:21:0a:
4a:13:2d:b8:a0:09:61:98:49:43:e7:54:bb:87:23:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3B:CE:35:DE:4D:70:4E:09:F7:B5:7C:98:E4:2A:0F:B9:1A:B9:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6631778B2EF11EF84B8D569762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:9f:f9:61:bb:cd:a9:af:7b:c4:5e:64:bc:45:02:5e:02:29:
24:23:1f:23:f3:e9:dc:9d:f5:38:be:65:9e:fa:36:3f:07:20:
aa:37:b9:90:86:3b:e6:15:48:b6:1c:a3:66:a4:3a:f8:ea:42:
41:7f:76:8d:49:ce:f3:cc:bc:91:c3:c6:94:90:5f:01:8d:c5:
ce:68:32:a8:b8:be:db:80:66:5d:07:b6:bb:0a:a6:ae:cd:c1:
af:90:6f:4a:9a:a5:f1:cb:b1:0b:52:ff:48:b2:d9:80:de:4b:
16:f9:d7:9b:88:f8:51:1f:29:80:26:2c:0a:71:7a:72:c2:a2:
c5:de:a7:9b:c0:8f:45:fc:f4:9c:a7:b6:c1:98:6d:2a:f7:38:
ee:3c:3c:be:84:e8:5c:6f:d4:88:55:a1:71:9d:b5:6e:e9:21:
83:1d:88:6f:3a:4e:b7:9f:cf:3c:c8:45:54:ce:4a:67:29:ed:
63:f2:94:f3:43:ac:ef:0c:a2:61:26:e6:23:5c:ca:d8:fb:a5:
ee:3d:bd:11:80:19:59:7c:7a:73:78:aa:ae:f7:1f:67:b9:15:
54:9c:73:a0:c6:02:3c:47:df:58:3a:09:90:bf:3d:d7:b2:bd:
f4:b1:6e:ef:4e:84:b9:b8:f4:0c:aa:83:96:33:da:61:71:d6:
13:3a:af:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN/VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA1MTAwMTU0WhcNMjUxMTMwMTAwMTU0WjAYMRYw
FAYDVQQDEw02NzUxN2ExNS1jN2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx/aVXXoTAvPUmycQ0je9qfvoWOPHma6d4GSqBSEafsurPUsz4IitfX0C
BXYE+RXMjiqdngJBsWFFMccbHaGJTxFgtdZB3kcV1YL1OPyV4zPSxsCqqrnLWWqI
nmAEUEGsMrDwxKQG6n78EbXDqITF7WB6cCHiE7VtPPp0vcw8fEy0gsFoTgJvvKJ1
hG83AhfmuyUGF5IKfx6j87lD4Fxo/Bk7NYKe+QTtWngpBkJ0dMQc8yR+A+i3NkcJ
OfTwvroBBegVQ29OMBxlEK9FTKF2m3ww73i/HZADJi8xuFyq4s32SJFMvZeSNQR9
cqQMIQpKEy24oAlhmElD51S7hyO0QQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLc7
zjXeTXBOCfe1fJjkKg+5GrmaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjYzMTc3OEIyRUYxMUVGODRCOEQ1Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP0IMA0GCSqGSIb3DQEBCwUA
A4IBAQBvn/lhu82pr3vEXmS8RQJeAikkIx8j8+ncnfU4vmWe+jY/ByCqN7mQhjvm
FUi2HKNmpDr46kJBf3aNSc7zzLyRw8aUkF8BjcXOaDKouL7bgGZdB7a7CqauzcGv
kG9KmqXxy7ELUv9IstmA3ksW+debiPhRHymAJiwKcXpywqLF3qebwI9F/PScp7bB
mG0q9zjuPDy+hOhcb9SIVaFxnbVu6SGDHYhvOk63n888yEVUzkpnKe1j8pTzQ6zv
DKJhJuYjXMrY+6XuPb0RgBlZfHpzeKqu9x9nuRVUnHOgxgI8R99YOgmQvz3Xsr30
sW7vToS5uPQMqoOWM9phcdYTOq9Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:25 2025 by rpki-client