Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041B042ECD3B11EFB8008B9B762E951A.roa
File: 041B042ECD3B11EFB8008B9B762E951A.roa (raw, json)
Hash identifier: 3dzN9cfw29YSgXCz2qGjr//sQk7bcFSZLZnz7+yTfEw=
Subject key identifier: AC:BA:E5:2D:A5:9D:E2:6B:22:99:81:60:6C:44:A5:84:FB:94:81:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041B042ECD3B11EFB8008B9B762E951A.roa
Signing time: Tue 07 Jan 2025 21:04:43 +0000
ROA not before: Tue 07 Jan 2025 21:04:39 +0000
ROA not after: Sat 13 Dec 2025 21:04:39 +0000
asID: 984
IP address blocks: 156.243.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65089 (0xfe41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:04:39 2025 GMT
Not After : Dec 13 21:04:39 2025 GMT
Subject: CN=677d96eb-29d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:a6:8f:16:cf:15:b0:75:7c:82:4a:16:3c:
bb:27:4f:70:9f:cc:02:ba:4b:ad:df:3b:9a:e1:21:
93:80:08:fd:be:f5:68:d3:8c:aa:31:72:4a:42:c6:
0d:47:ac:06:2c:a1:99:f3:cd:4b:d9:2d:59:af:76:
4b:59:ec:75:be:e4:18:46:32:44:cd:12:df:37:dd:
9b:92:1b:cf:f1:60:6d:04:99:44:8a:bc:c6:c8:8a:
0d:c6:a6:71:c8:15:9e:63:9c:3c:5a:87:ca:36:6c:
a8:89:94:bc:33:9e:36:15:bf:1e:2d:72:ae:00:ed:
03:a8:6f:2d:e3:d2:ca:eb:3d:c5:82:6e:a0:28:08:
f7:01:50:81:01:a2:3b:b6:81:b7:f9:e0:ad:41:ea:
8f:9a:84:84:7d:03:51:fc:94:0a:00:78:ff:d5:f4:
1e:d9:20:00:f4:92:99:78:a8:60:88:f7:43:40:42:
e0:25:cd:f7:39:14:ee:2c:87:50:16:7a:b0:48:ae:
17:ba:14:69:7b:45:af:1f:9c:8f:26:5a:4d:fb:a2:
a3:ee:ec:57:62:66:82:9f:9a:ac:62:1a:89:bf:e4:
98:5d:6f:0e:5e:28:18:a0:d9:73:cb:f1:3b:93:b1:
76:9d:81:4f:ff:0f:6f:ec:af:22:d5:6c:19:4f:e0:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:BA:E5:2D:A5:9D:E2:6B:22:99:81:60:6C:44:A5:84:FB:94:81:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041B042ECD3B11EFB8008B9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.73.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:be:e4:e6:f0:40:55:0b:b4:b0:ae:0f:18:d4:f9:42:a5:72:
74:9e:f8:b0:94:1e:fa:2e:45:3b:9b:54:85:7f:8b:0f:c9:70:
b0:5b:ac:d8:3b:c7:15:93:4f:12:d1:c5:bc:a1:d4:f6:68:0b:
2a:24:01:a5:9a:dd:4d:5d:94:84:cc:70:5d:22:b1:30:5e:1a:
8a:f6:10:78:ff:12:2d:9e:e9:05:f6:8e:12:e7:06:1a:6d:5e:
52:65:3a:35:9d:b7:c3:48:86:27:48:6f:d7:eb:8a:b6:73:5a:
06:9b:7c:35:43:0d:de:d8:1a:4b:8b:54:d6:08:cc:94:83:c2:
f5:19:dd:e1:61:4b:65:48:72:1e:a7:0e:2e:67:1f:72:0c:ce:
50:68:38:fc:2b:ae:07:09:6d:5b:dd:ec:66:7c:3c:b9:6f:5e:
5a:3e:5e:d2:58:84:f5:71:a6:11:5e:5a:9a:0e:9e:2a:43:44:
8a:0c:60:fd:14:4b:82:52:73:4c:01:eb:eb:93:9d:f2:d8:91:
a9:59:f9:1f:9d:af:7b:7f:b6:cd:1a:03:bc:a6:08:26:2a:d7:
53:ea:31:3b:1b:b8:7a:cb:2f:48:24:01:a8:8c:8e:2d:9e:97:
a7:f9:56:36:a5:28:df:1b:ac:64:38:41:74:fc:15:b8:69:69:
07:64:a8:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjEwNDM5WhcNMjUxMjEzMjEwNDM5WjAYMRYw
FAYDVQQDEw02NzdkOTZlYi0yOWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0NCmjxbPFbB1fIJKFjy7J09wn8wCukut3zua4SGTgAj9vvVo04yqMXJK
QsYNR6wGLKGZ881L2S1Zr3ZLWex1vuQYRjJEzRLfN92bkhvP8WBtBJlEirzGyIoN
xqZxyBWeY5w8WofKNmyoiZS8M542Fb8eLXKuAO0DqG8t49LK6z3Fgm6gKAj3AVCB
AaI7toG3+eCtQeqPmoSEfQNR/JQKAHj/1fQe2SAA9JKZeKhgiPdDQELgJc33ORTu
LIdQFnqwSK4XuhRpe0WvH5yPJlpN+6Kj7uxXYmaCn5qsYhqJv+SYXW8OXigYoNlz
y/E7k7F2nYFP/w9v7K8i1WwZT+CiJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKy6
5S2lneJrIpmBYGxEpYT7lIERMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDFCMDQyRUNEM0IxMUVGQjgwMDhCOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNJMA0GCSqGSIb3DQEBCwUA
A4IBAQBdvuTm8EBVC7Swrg8Y1PlCpXJ0nviwlB76LkU7m1SFf4sPyXCwW6zYO8cV
k08S0cW8odT2aAsqJAGlmt1NXZSEzHBdIrEwXhqK9hB4/xItnukF9o4S5wYabV5S
ZTo1nbfDSIYnSG/X64q2c1oGm3w1Qw3e2BpLi1TWCMyUg8L1Gd3hYUtlSHIepw4u
Zx9yDM5QaDj8K64HCW1b3exmfDy5b15aPl7SWIT1caYRXlqaDp4qQ0SKDGD9FEuC
UnNMAevrk53y2JGpWfkfna97f7bNGgO8pggmKtdT6jE7G7h6yy9IJAGojI4tnpen
+VY2pSjfG6xkOEF0/BW4aWkHZKgX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:14 2025 by rpki-client