Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFF2C3C4C95111EFAFDE73BF762E951A.roa
File: FFF2C3C4C95111EFAFDE73BF762E951A.roa (raw, json)
Hash identifier: cC4SOLUyyf98P5drN11BL6N+1aqv2fZKW9QsibYglsU=
Subject key identifier: 69:3B:84:C5:84:CA:2E:68:7F:49:3A:13:11:50:46:84:F5:80:A4:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFF2C3C4C95111EFAFDE73BF762E951A.roa
Signing time: Thu 02 Jan 2025 21:39:09 +0000
ROA not before: Thu 02 Jan 2025 21:39:06 +0000
ROA not after: Mon 13 Dec 2027 21:39:06 +0000
asID: 17561
IP address blocks: 156.225.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62416 (0xf3d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:39:06 2025 GMT
Not After : Dec 13 21:39:06 2027 GMT
Subject: CN=6777077d-4b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:e1:71:15:90:97:58:26:6b:ee:36:1a:4c:
0c:0f:a3:e0:35:3f:7f:42:a5:6e:64:d7:ba:c5:51:
cf:43:44:ad:cb:66:02:e7:48:c8:9b:cc:30:a4:9b:
07:48:0e:92:b5:b6:b8:5c:c7:97:ec:2a:0d:8b:64:
90:ba:d0:6a:0b:4a:52:c0:80:12:ab:79:d7:73:bd:
2f:14:76:16:c4:af:b8:fa:fc:1f:88:1c:b2:73:5d:
a9:ac:ce:e7:36:23:a5:24:1f:29:a0:79:bd:55:47:
d4:be:61:97:e2:79:2e:32:04:c9:42:52:75:3a:46:
23:d1:93:04:34:98:a1:1d:45:c7:e5:61:a6:32:7f:
25:d1:69:ee:59:09:f5:70:6d:3c:65:f4:d6:12:22:
83:c5:21:d3:73:87:d3:96:29:1f:0e:ee:9c:0b:0a:
f1:65:d5:e9:97:ed:d0:e9:f1:18:3e:1f:dd:ed:c4:
64:50:8c:97:af:01:99:58:7f:56:26:08:69:9c:29:
31:79:8a:f9:be:6b:b0:fb:3b:8b:d2:5a:d7:72:4d:
2a:3e:0a:c3:e0:03:d7:d3:94:42:82:b2:78:f9:6e:
3e:2a:45:64:97:92:e1:98:b9:89:0e:68:b1:ab:45:
b5:a8:83:23:7f:b8:16:d2:74:22:7d:af:bd:ee:ce:
39:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:3B:84:C5:84:CA:2E:68:7F:49:3A:13:11:50:46:84:F5:80:A4:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFF2C3C4C95111EFAFDE73BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.191.0/24
Signature Algorithm: sha256WithRSAEncryption
95:6e:73:9e:5e:6c:ac:62:57:9d:22:96:89:53:fd:fb:84:1d:
ee:4a:2e:fe:44:3f:df:00:e4:fe:22:57:5b:16:a6:19:64:aa:
cc:33:bd:bd:af:44:ac:2c:8a:fc:c4:67:82:3b:63:51:1e:de:
13:e3:05:c4:11:79:29:47:a0:88:bf:55:ff:42:2e:4c:38:e9:
c4:16:91:f4:64:8e:6a:4a:6f:bb:18:41:87:57:b0:9c:a4:3c:
29:d3:63:45:7f:73:7f:0f:7c:ee:45:3d:e4:8d:f2:1c:51:86:
12:ea:cb:fe:5c:a2:d1:0b:02:c7:12:fe:7e:e5:70:71:05:4e:
48:ee:de:41:11:a7:f1:0d:67:1e:9c:68:b3:30:46:bd:21:bd:
2b:84:4c:91:20:91:bc:2b:84:29:92:1e:ba:c1:7f:bb:a7:05:
64:d8:97:fe:1f:de:b4:e8:65:3d:cb:43:0f:d8:f3:55:e4:aa:
ed:e6:a4:ad:a9:34:d5:a5:72:75:ca:27:3d:5d:99:b2:3b:28:
aa:a6:fc:34:e4:08:27:05:5a:e0:34:88:74:3b:f1:7b:a4:f7:
ba:6d:da:52:50:9a:ef:ac:01:58:eb:b1:cb:d4:ec:d2:45:fb:
bb:df:49:5e:2b:0e:a3:08:e9:b5:db:3c:ef:61:d2:34:0e:47:
d2:49:95:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEzOTA2WhcNMjcxMjEzMjEzOTA2WjAYMRYw
FAYDVQQDEw02Nzc3MDc3ZC00YjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqdrhcRWQl1gma+42GkwMD6PgNT9/QqVuZNe6xVHPQ0Sty2YC50jIm8ww
pJsHSA6Stba4XMeX7CoNi2SQutBqC0pSwIASq3nXc70vFHYWxK+4+vwfiByyc12p
rM7nNiOlJB8poHm9VUfUvmGX4nkuMgTJQlJ1OkYj0ZMENJihHUXH5WGmMn8l0Wnu
WQn1cG08ZfTWEiKDxSHTc4fTlikfDu6cCwrxZdXpl+3Q6fEYPh/d7cRkUIyXrwGZ
WH9WJghpnCkxeYr5vmuw+zuL0lrXck0qPgrD4APX05RCgrJ4+W4+KkVkl5LhmLmJ
Dmixq0W1qIMjf7gW0nQifa+97s45pQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGk7
hMWEyi5of0k6ExFQRoT1gKQMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRkYyQzNDNEM5NTExMUVGQUZERTczQkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOG/MA0GCSqGSIb3DQEBCwUA
A4IBAQCVbnOeXmysYledIpaJU/37hB3uSi7+RD/fAOT+IldbFqYZZKrMM729r0Ss
LIr8xGeCO2NRHt4T4wXEEXkpR6CIv1X/Qi5MOOnEFpH0ZI5qSm+7GEGHV7CcpDwp
02NFf3N/D3zuRT3kjfIcUYYS6sv+XKLRCwLHEv5+5XBxBU5I7t5BEafxDWcenGiz
MEa9Ib0rhEyRIJG8K4Qpkh66wX+7pwVk2Jf+H9606GU9y0MP2PNV5Krt5qStqTTV
pXJ1yic9XZmyOyiqpvw05AgnBVrgNIh0O/F7pPe6bdpSUJrvrAFY67HL1OzSRfu7
30leKw6jCOm12zzvYdI0DkfSSZXx
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:37 2025 by rpki-client