Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03C11DF0CD1E11EF8E2B7E65762E951A.roa
File: 03C11DF0CD1E11EF8E2B7E65762E951A.roa (raw, json)
Hash identifier: xY9f5Rcx27u/XuuKKyoj7Q702inPvJGxg6K7aRh9n+Y=
Subject key identifier: CE:32:07:B4:9C:09:61:DE:C6:FE:A1:66:93:38:56:0F:8F:26:FC:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD5B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03C11DF0CD1E11EF8E2B7E65762E951A.roa
Signing time: Tue 07 Jan 2025 17:37:07 +0000
ROA not before: Tue 07 Jan 2025 17:37:03 +0000
ROA not after: Mon 13 Dec 2027 17:37:03 +0000
asID: 17561
IP address blocks: 156.241.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64859 (0xfd5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:37:03 2025 GMT
Not After : Dec 13 17:37:03 2027 GMT
Subject: CN=677d6643-1902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:26:2d:47:6b:20:ad:01:cd:e5:66:5b:b7:
9a:70:ce:a0:f2:90:5d:fe:c1:94:55:85:07:c5:a5:
22:74:28:79:fe:47:42:c6:d9:af:e9:cd:90:9b:7c:
fb:b0:61:3a:cc:60:ef:a9:de:20:d3:10:6b:1b:9c:
fc:d7:84:a2:43:19:ca:04:e3:fa:6a:48:21:57:48:
30:45:9e:7d:b6:27:8a:fc:7d:99:39:9a:57:0a:a0:
78:45:64:e2:51:c0:02:cf:ab:eb:d4:69:65:06:af:
db:81:31:4e:5d:7d:93:f8:dc:d6:39:ae:38:bc:ae:
40:66:05:74:a3:28:5d:ee:44:5d:32:0d:cd:44:3c:
75:ab:a2:eb:25:da:c8:12:7d:c4:21:12:e3:40:8c:
47:e2:24:3d:42:72:eb:e6:b0:e9:1d:74:a4:4d:cb:
03:d3:98:6c:fb:c6:7b:01:87:c3:d9:4d:9e:47:d8:
9b:0a:48:12:c0:0a:b3:c4:63:cb:36:d6:2a:19:c8:
b1:99:da:d9:f4:fe:94:2f:88:fc:05:d4:2e:29:33:
51:19:71:70:f9:a7:42:bc:8f:3b:f4:b2:68:3b:ea:
a8:97:b0:c3:66:51:ec:4c:08:fe:d4:b5:fb:68:13:
cd:d8:b0:3f:fb:d9:1f:b5:e0:7b:8e:7d:61:c7:f1:
db:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:32:07:B4:9C:09:61:DE:C6:FE:A1:66:93:38:56:0F:8F:26:FC:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03C11DF0CD1E11EF8E2B7E65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.54.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f0:40:14:dd:0d:0a:d1:93:ec:22:12:df:2f:ab:f6:fa:57:
87:c0:5c:51:df:c7:65:bf:b8:91:1f:cf:bb:b0:57:57:4c:79:
a6:8e:3e:ca:cc:2d:3d:5c:11:65:c3:63:96:19:c0:fe:82:e5:
5b:69:a2:76:b1:74:4c:c9:b5:27:cc:09:38:cc:5f:92:d7:fc:
a3:e4:89:a2:47:57:aa:9c:85:94:6f:91:14:d3:c6:d9:65:4d:
6c:17:da:32:9a:c9:21:55:ae:ce:f9:b9:66:b1:76:40:f5:a5:
4a:06:c8:80:33:b6:78:b5:e2:96:31:a4:1d:57:21:91:17:7c:
4f:a7:a0:c5:5a:8f:2f:62:77:a8:3e:a5:41:ba:db:97:96:c3:
c5:b2:5c:fb:d7:99:f1:ef:84:68:7b:70:87:2e:44:cc:1d:af:
6a:3c:36:bb:53:24:85:4d:6b:ee:87:fc:d7:df:1e:92:07:a4:
58:01:78:98:dc:7f:e5:e4:3a:6d:9e:22:a9:b1:1b:e5:3d:0a:
85:ab:d6:f2:fb:ec:74:82:b1:97:b8:c4:67:84:65:4b:70:dd:
17:57:9d:39:bb:c2:05:9b:e0:c6:26:ac:25:0a:b2:d4:af:7b:
e3:88:9d:8f:fb:d2:70:62:c9:06:a4:6f:8b:9a:2d:f8:b6:12:
33:55:c0:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTczNzAzWhcNMjcxMjEzMTczNzAzWjAYMRYw
FAYDVQQDEw02NzdkNjY0My0xOTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqAMmLUdrIK0BzeVmW7eacM6g8pBd/sGUVYUHxaUidCh5/kdCxtmv6c2Q
m3z7sGE6zGDvqd4g0xBrG5z814SiQxnKBOP6akghV0gwRZ59tieK/H2ZOZpXCqB4
RWTiUcACz6vr1GllBq/bgTFOXX2T+NzWOa44vK5AZgV0oyhd7kRdMg3NRDx1q6Lr
JdrIEn3EIRLjQIxH4iQ9QnLr5rDpHXSkTcsD05hs+8Z7AYfD2U2eR9ibCkgSwAqz
xGPLNtYqGcixmdrZ9P6UL4j8BdQuKTNRGXFw+adCvI879LJoO+qol7DDZlHsTAj+
1LX7aBPN2LA/+9kfteB7jn1hx/HbkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM4y
B7ScCWHexv6hZpM4Vg+PJvwzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wM0MxMURGMENEMUUxMUVGOEUyQjdFNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPE2MA0GCSqGSIb3DQEBCwUA
A4IBAQAS8EAU3Q0K0ZPsIhLfL6v2+leHwFxR38dlv7iRH8+7sFdXTHmmjj7KzC09
XBFlw2OWGcD+guVbaaJ2sXRMybUnzAk4zF+S1/yj5ImiR1eqnIWUb5EU08bZZU1s
F9oymskhVa7O+blmsXZA9aVKBsiAM7Z4teKWMaQdVyGRF3xPp6DFWo8vYneoPqVB
utuXlsPFslz715nx74Roe3CHLkTMHa9qPDa7UySFTWvuh/zX3x6SB6RYAXiY3H/l
5DptniKpsRvlPQqFq9by++x0grGXuMRnhGVLcN0XV505u8IFm+DGJqwlCrLUr3vj
iJ2P+9JwYskGpG+Lmi34thIzVcBL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:47 2025 by rpki-client