Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AA3580D31111EFB3CE79BA762E951A.roa
File: F6AA3580D31111EFB3CE79BA762E951A.roa (raw, json)
Hash identifier: 7hW1SMGYmAzXsOe5JNoPgb7EPb2v7q2/XwQ/CGUgc6I=
Subject key identifier: 91:39:78:33:F3:79:26:28:96:4E:47:5A:D8:D3:12:EE:EA:1B:F1:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010851
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AA3580D31111EFB3CE79BA762E951A.roa
Signing time: Wed 15 Jan 2025 07:25:58 +0000
ROA not before: Wed 15 Jan 2025 07:25:54 +0000
ROA not after: Mon 03 Jan 2028 07:25:54 +0000
asID: 17561
IP address blocks: 156.254.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67665 (0x10851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:25:54 2025 GMT
Not After : Jan 3 07:25:54 2028 GMT
Subject: CN=67876306-d12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6c:7f:ac:4d:b3:18:e5:f8:b1:eb:8c:26:48:
b8:85:66:f8:bf:3d:e7:bd:a9:0c:6a:db:eb:1f:42:
6a:b3:8a:2b:9f:ed:8f:f1:21:19:e9:46:04:31:7b:
c0:51:74:f8:85:22:06:14:70:06:88:5c:fd:39:b4:
af:2e:4a:99:48:0a:69:a8:3d:be:54:64:5a:72:35:
a7:2c:93:10:0e:cf:31:d6:27:38:32:a1:b5:46:69:
72:e7:22:c0:6c:29:fc:dd:66:83:27:18:8e:5b:6c:
4b:fc:34:28:bd:28:e6:ad:f4:d6:83:37:77:ae:ed:
a1:81:ce:d5:87:de:ec:c2:b8:47:ba:01:84:0c:99:
ac:bd:b3:16:e1:83:f8:58:05:a3:9e:9a:7c:3c:c9:
89:09:bf:92:9f:dc:63:f6:50:cf:4d:2d:46:d6:37:
1a:63:c4:6d:24:6d:c8:b4:5a:bc:00:51:57:5b:58:
aa:4c:e8:0c:3c:65:20:62:80:16:8a:ab:31:8f:56:
e5:e7:7c:db:b4:b9:8f:ac:65:ac:fa:10:1d:66:ea:
c7:a5:93:2b:68:e2:5e:f5:00:19:47:e4:da:64:c1:
5c:b5:1a:16:dd:d8:b2:28:8b:ef:17:e3:3c:94:b5:
f6:f7:72:2c:e5:06:97:fa:7f:a5:30:2f:a9:cb:00:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:39:78:33:F3:79:26:28:96:4E:47:5A:D8:D3:12:EE:EA:1B:F1:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6AA3580D31111EFB3CE79BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.62.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:91:56:2a:7d:b1:ac:54:48:f7:62:15:53:2c:8e:9c:b3:2e:
15:2d:e7:cc:b0:97:15:11:94:c2:38:55:d3:e6:c9:dc:f9:bf:
4a:11:17:7f:4a:81:b4:b8:2d:41:36:a1:c5:20:0a:79:aa:61:
58:e5:9c:d0:78:44:d6:96:07:14:79:89:68:76:be:b3:0d:bf:
e8:e3:10:3a:92:fd:08:70:90:b8:12:e6:f3:c6:b2:e7:89:7d:
e8:07:58:bc:25:e2:79:ad:68:6a:da:38:0e:60:74:f6:40:f0:
8d:7b:0a:36:3a:05:81:37:07:c0:fc:7e:1e:e3:67:bc:47:5b:
00:5f:a6:9e:67:11:b5:1f:06:78:15:3b:a2:e7:56:d1:e3:52:
2c:e4:36:6f:4a:53:fc:e3:2f:68:ca:36:41:a0:e1:c4:96:2d:
5e:74:1d:f0:52:50:1b:ea:91:4e:b0:75:5b:f4:7a:92:eb:a8:
96:0e:a0:c3:8f:05:77:be:cb:2b:b6:f5:10:b0:5f:54:ca:53:
67:67:df:eb:d2:7f:a3:91:71:28:e2:80:86:9f:ab:c9:59:2c:
90:17:9d:ee:3b:ec:4f:0e:38:d2:2d:37:54:b8:50:45:c8:fc:
e5:9b:29:e8:ea:8f:46:d6:39:5f:d7:c3:88:1c:85:81:0b:ae:
e6:a9:ec:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDcyNTU0WhcNMjgwMTAzMDcyNTU0WjAYMRYw
FAYDVQQDEw02Nzg3NjMwNi1kMTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Gx/rE2zGOX4seuMJki4hWb4vz3nvakMatvrH0Jqs4orn+2P8SEZ6UYE
MXvAUXT4hSIGFHAGiFz9ObSvLkqZSAppqD2+VGRacjWnLJMQDs8x1ic4MqG1Rmly
5yLAbCn83WaDJxiOW2xL/DQovSjmrfTWgzd3ru2hgc7Vh97swrhHugGEDJmsvbMW
4YP4WAWjnpp8PMmJCb+Sn9xj9lDPTS1G1jcaY8RtJG3ItFq8AFFXW1iqTOgMPGUg
YoAWiqsxj1bl53zbtLmPrGWs+hAdZurHpZMraOJe9QAZR+TaZMFctRoW3diyKIvv
F+M8lLX293Is5QaX+n+lMC+pywBvmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJE5
eDPzeSYolk5HWtjTEu7qG/EtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNkFBMzU4MEQzMTExMUVGQjNDRTc5QkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4+MA0GCSqGSIb3DQEBCwUA
A4IBAQCakVYqfbGsVEj3YhVTLI6csy4VLefMsJcVEZTCOFXT5snc+b9KERd/SoG0
uC1BNqHFIAp5qmFY5ZzQeETWlgcUeYlodr6zDb/o4xA6kv0IcJC4EubzxrLniX3o
B1i8JeJ5rWhq2jgOYHT2QPCNewo2OgWBNwfA/H4e42e8R1sAX6aeZxG1HwZ4FTui
51bR41Is5DZvSlP84y9oyjZBoOHEli1edB3wUlAb6pFOsHVb9HqS66iWDqDDjwV3
vssrtvUQsF9UylNnZ9/r0n+jkXEo4oCGn6vJWSyQF53uO+xPDjjSLTdUuFBFyPzl
myno6o9G1jlf18OIHIWBC67mqexP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:24 2025 by rpki-client