Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F698E0CD1C11EFB4B07F5A762E951A.roa
File: 00F698E0CD1C11EFB4B07F5A762E951A.roa (raw, json)
Hash identifier: T6fmhvL5vMLz13go5ja+ZThcF6ymB9P+IgR6acZSCfc=
Subject key identifier: CC:30:96:11:C0:F5:2B:C3:54:B3:1F:06:37:A4:CC:16:41:C7:32:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F698E0CD1C11EFB4B07F5A762E951A.roa
Signing time: Tue 07 Jan 2025 17:22:43 +0000
ROA not before: Tue 07 Jan 2025 17:22:39 +0000
ROA not after: Mon 13 Dec 2027 17:22:39 +0000
asID: 17561
IP address blocks: 156.241.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64843 (0xfd4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:22:39 2025 GMT
Not After : Dec 13 17:22:39 2027 GMT
Subject: CN=677d62e3-4c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:15:59:56:bc:e8:c9:10:7d:3f:11:e5:fe:f6:
39:a9:e8:48:3f:7c:31:8b:f2:4b:6f:76:9d:c5:5b:
5a:46:0f:7c:c9:d1:15:1e:be:8f:e6:e1:bd:fb:98:
9c:b2:05:88:45:15:65:43:f0:c5:d5:21:e9:58:b7:
4d:04:04:42:29:65:36:38:46:45:e2:35:21:64:fd:
62:d0:27:dc:af:ef:62:bf:73:ed:45:f9:94:0b:32:
98:4f:12:06:66:21:21:13:08:06:e5:a9:93:9d:ea:
40:13:75:69:62:00:7c:70:fa:32:9b:0c:9a:8b:65:
96:67:1d:a6:85:48:f8:20:fc:ea:be:93:51:75:89:
b5:7f:9c:f5:3a:ea:3a:6c:64:e8:04:59:97:76:7a:
ed:81:3e:6e:d2:39:96:ab:81:68:e4:bc:d9:36:bd:
3d:7d:82:2a:dd:de:5c:0a:0c:9c:44:7f:71:6b:eb:
c0:5e:02:d7:5d:6d:d2:70:8a:03:fc:06:1c:a6:cb:
2f:23:80:13:94:e6:39:73:23:05:b7:27:c5:6b:cb:
cb:fc:3a:07:26:0c:ea:a3:72:2e:e8:c7:7d:f4:65:
f8:48:9a:7b:65:e3:b2:51:b4:a1:e4:95:f6:b2:f4:
91:d7:7f:e4:bd:56:11:ea:52:3e:8f:04:a6:1c:e5:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:30:96:11:C0:F5:2B:C3:54:B3:1F:06:37:A4:CC:16:41:C7:32:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00F698E0CD1C11EFB4B07F5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.43.0/24
Signature Algorithm: sha256WithRSAEncryption
61:fe:2c:53:9e:57:4b:ea:58:10:5f:8a:52:74:b1:4f:07:c5:
5c:84:a5:fe:c1:87:31:26:01:de:b6:a9:8d:82:ac:7a:01:b1:
91:fb:78:ca:01:c2:8c:2e:19:dd:7e:fb:ea:e7:f6:e7:ab:c5:
01:91:8b:6c:c9:d9:6d:61:fa:c4:b1:c6:bc:ed:c4:02:ef:07:
b9:a8:96:89:86:d3:42:56:e0:1d:14:f1:78:e0:c8:58:e9:65:
8d:12:ef:04:37:58:66:91:68:c9:d7:8d:30:6b:13:30:fa:05:
e7:46:9b:71:c8:66:67:f0:79:72:c0:6a:e8:fa:2b:f7:09:eb:
30:2b:b4:03:4c:a8:2b:58:46:ea:f9:88:f8:c9:e9:8d:27:80:
a6:ee:03:cc:3c:28:55:c4:88:7d:ed:7c:e0:8b:d2:f6:90:c7:
33:c1:e2:29:54:33:88:78:95:8c:69:3a:1c:0d:36:d0:fc:09:
b7:4b:54:d9:e9:fc:eb:19:3c:90:fd:f1:f9:71:03:80:5a:0e:
4e:ca:4e:46:bf:23:5e:1e:3b:0c:d6:b6:fd:1d:2a:63:97:15:
fb:16:13:6b:11:c2:f7:69:f5:12:f2:19:6e:7c:79:8c:60:be:
05:46:db:13:1b:36:14:dd:cd:19:bc:89:e6:01:99:54:dd:48:
c4:14:fb:51
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcyMjM5WhcNMjcxMjEzMTcyMjM5WjAYMRYw
FAYDVQQDEw02NzdkNjJlMy00YzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxVZVrzoyRB9PxHl/vY5qehIP3wxi/JLb3adxVtaRg98ydEVHr6P5uG9
+5icsgWIRRVlQ/DF1SHpWLdNBARCKWU2OEZF4jUhZP1i0Cfcr+9iv3PtRfmUCzKY
TxIGZiEhEwgG5amTnepAE3VpYgB8cPoymwyai2WWZx2mhUj4IPzqvpNRdYm1f5z1
Ouo6bGToBFmXdnrtgT5u0jmWq4Fo5LzZNr09fYIq3d5cCgycRH9xa+vAXgLXXW3S
cIoD/AYcpssvI4ATlOY5cyMFtyfFa8vL/DoHJgzqo3Iu6Md99GX4SJp7ZeOyUbSh
5JX2svSR13/kvVYR6lI+jwSmHOWv7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMww
lhHA9SvDVLMfBjekzBZBxzKmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMEY2OThFMENEMUMxMUVGQjRCMDdGNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPErMA0GCSqGSIb3DQEBCwUA
A4IBAQBh/ixTnldL6lgQX4pSdLFPB8VchKX+wYcxJgHetqmNgqx6AbGR+3jKAcKM
Lhndfvvq5/bnq8UBkYtsydltYfrEsca87cQC7we5qJaJhtNCVuAdFPF44MhY6WWN
Eu8EN1hmkWjJ140waxMw+gXnRptxyGZn8HlywGro+iv3CeswK7QDTKgrWEbq+Yj4
yemNJ4Cm7gPMPChVxIh97Xzgi9L2kMczweIpVDOIeJWMaTocDTbQ/Am3S1TZ6fzr
GTyQ/fH5cQOAWg5Oyk5GvyNeHjsM1rb9HSpjlxX7FhNrEcL3afUS8hlufHmMYL4F
RtsTGzYU3c0ZvInmAZlU3UjEFPtR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:48 2025 by rpki-client