Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02278966CD2311EFB3E48385762E951A.roa
File: 02278966CD2311EFB3E48385762E951A.roa (raw, json)
Hash identifier: C4WvFhqW5IUjV4ShZL0Lykw/KInTdmnZd2goDGVyx6U=
Subject key identifier: 7F:10:AB:20:2E:76:5F:4C:26:D0:DB:08:55:66:7B:27:97:89:E8:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD83
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02278966CD2311EFB3E48385762E951A.roa
Signing time: Tue 07 Jan 2025 18:12:52 +0000
ROA not before: Tue 07 Jan 2025 18:12:48 +0000
ROA not after: Sat 13 Dec 2025 18:12:48 +0000
asID: 984
IP address blocks: 156.241.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64899 (0xfd83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:12:48 2025 GMT
Not After : Dec 13 18:12:48 2025 GMT
Subject: CN=677d6ea3-c3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6a:20:f6:1e:94:09:e5:a1:2a:24:a8:62:6c:
14:56:e2:fe:d5:dc:2d:f9:c0:20:90:a1:89:89:11:
fd:b5:ca:6b:34:1e:9d:48:d4:f9:f1:f6:7a:80:da:
76:46:88:48:fc:a8:eb:d0:31:82:73:95:9e:09:8f:
5c:ae:21:93:01:6f:e8:b5:43:31:e7:02:32:d3:77:
a0:a7:8e:36:cf:49:14:69:ad:8b:dc:0e:04:fe:c9:
07:65:25:31:25:e6:f6:42:5a:b7:3c:92:8a:ec:a5:
81:ef:e5:9e:2c:ab:c3:7d:e8:da:b3:bb:79:b0:35:
86:58:01:9c:65:26:20:f1:18:fb:fd:08:ed:79:76:
66:11:ae:ea:3f:94:97:1d:c6:e8:f3:80:a5:69:71:
76:91:05:dd:fb:32:6b:e3:ba:b2:22:42:db:8a:4b:
9b:7a:cd:1b:95:df:df:95:64:ae:66:02:cd:d3:4b:
7a:2e:3e:86:ae:52:e5:96:80:a5:97:48:0e:c5:61:
42:8c:21:ee:08:d9:07:ef:82:3a:1c:1d:1c:bf:0c:
fe:88:92:36:16:8f:3b:3a:37:25:da:5e:e6:d9:c4:
5f:17:c8:a7:c5:f2:0c:d4:13:3e:8b:7a:07:b3:b3:
6b:2c:2b:c9:43:85:f7:b6:09:a3:41:20:be:56:5f:
1b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:10:AB:20:2E:76:5F:4C:26:D0:DB:08:55:66:7B:27:97:89:E8:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02278966CD2311EFB3E48385762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.204.0/24
Signature Algorithm: sha256WithRSAEncryption
26:62:44:cf:20:a1:74:69:d9:eb:1a:55:e2:f4:d1:5e:f2:fc:
1b:d1:dc:ca:3f:ab:51:52:af:23:a3:74:e9:55:ec:46:0e:14:
55:ac:5e:eb:13:5f:b7:60:ea:a3:c8:65:f4:a9:bd:85:46:0e:
eb:68:b8:5e:cf:65:dd:1f:12:6d:86:f6:b5:56:f5:7e:64:85:
52:00:9b:a4:59:d4:44:71:15:cf:98:82:de:c9:d4:90:00:90:
f8:ba:27:00:6f:44:96:cb:16:76:40:a8:1f:38:7b:25:6b:51:
d8:8c:f4:31:64:f2:a6:2c:97:0b:f2:c2:7a:04:d2:22:45:c0:
d9:35:34:e3:bb:0f:27:f9:19:a4:75:2b:03:8f:b6:d2:27:cb:
66:76:4c:22:12:cd:3a:e5:56:25:e1:e3:2f:8c:0a:74:30:5f:
a4:d0:6a:0f:58:fa:73:0d:b0:24:04:38:be:75:cb:14:28:79:
0d:bb:9c:10:87:db:9e:c5:c7:e0:98:8c:0d:43:d2:7e:10:84:
77:c6:a3:3e:d4:a8:f2:40:6e:95:f7:63:ba:f0:35:db:e7:37:
9c:57:39:9c:9e:94:e1:3f:d4:bd:6b:5b:00:c6:59:48:0e:a5:
09:8f:04:56:3f:69:a3:5c:56:67:d0:2c:73:b9:7f:01:77:11:
30:4a:9b:5f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgxMjQ4WhcNMjUxMjEzMTgxMjQ4WjAYMRYw
FAYDVQQDEw02NzdkNmVhMy1jM2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Gog9h6UCeWhKiSoYmwUVuL+1dwt+cAgkKGJiRH9tcprNB6dSNT58fZ6
gNp2RohI/Kjr0DGCc5WeCY9criGTAW/otUMx5wIy03egp442z0kUaa2L3A4E/skH
ZSUxJeb2Qlq3PJKK7KWB7+WeLKvDfejas7t5sDWGWAGcZSYg8Rj7/QjteXZmEa7q
P5SXHcbo84ClaXF2kQXd+zJr47qyIkLbikubes0bld/flWSuZgLN00t6Lj6GrlLl
loCll0gOxWFCjCHuCNkH74I6HB0cvwz+iJI2Fo87Ojcl2l7m2cRfF8inxfIM1BM+
i3oHs7NrLCvJQ4X3tgmjQSC+Vl8bMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH8Q
qyAudl9MJtDbCFVmeyeXiejlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMjI3ODk2NkNEMjMxMUVGQjNFNDgzODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHMMA0GCSqGSIb3DQEBCwUA
A4IBAQAmYkTPIKF0adnrGlXi9NFe8vwb0dzKP6tRUq8jo3TpVexGDhRVrF7rE1+3
YOqjyGX0qb2FRg7raLhez2XdHxJthva1VvV+ZIVSAJukWdREcRXPmILeydSQAJD4
uicAb0SWyxZ2QKgfOHsla1HYjPQxZPKmLJcL8sJ6BNIiRcDZNTTjuw8n+RmkdSsD
j7bSJ8tmdkwiEs065VYl4eMvjAp0MF+k0GoPWPpzDbAkBDi+dcsUKHkNu5wQh9ue
xcfgmIwNQ9J+EIR3xqM+1KjyQG6V92O68DXb5zecVzmcnpThP9S9a1sAxllIDqUJ
jwRWP2mjXFZn0CxzuX8BdxEwSptf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:40 2025 by rpki-client