Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041CCE0ACD1B11EFB2181454762E951A.roa
File: 041CCE0ACD1B11EFB2181454762E951A.roa (raw, json)
Hash identifier: Qn+G+bjoyUNfoWI38M73A3O0ZJBfxxQLFyPG6duvvvk=
Subject key identifier: 81:11:8C:79:C1:3B:09:C7:E2:61:90:BA:6F:8C:9F:EC:B8:8C:A0:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD43
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041CCE0ACD1B11EFB2181454762E951A.roa
Signing time: Tue 07 Jan 2025 17:15:39 +0000
ROA not before: Tue 07 Jan 2025 17:15:35 +0000
ROA not after: Mon 13 Dec 2027 17:15:35 +0000
asID: 17561
IP address blocks: 156.241.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64835 (0xfd43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:15:35 2025 GMT
Not After : Dec 13 17:15:35 2027 GMT
Subject: CN=677d613b-4edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:17:86:00:44:1f:68:e7:57:2c:72:52:4d:
ae:46:14:f0:31:2f:59:50:63:88:19:f4:8c:ce:a4:
4b:1e:b2:8a:9c:a5:fb:4f:eb:fe:06:61:b9:8a:56:
59:da:91:fa:1f:d4:65:12:87:70:39:31:b9:86:cc:
9f:e3:89:16:9a:c2:c9:90:2a:2c:e7:6b:19:d4:79:
26:5d:18:21:4f:49:48:e0:ac:91:30:7d:52:d8:8d:
ac:a9:0b:32:f0:48:17:ef:a3:a7:8d:03:ea:8a:0d:
48:6b:fb:76:99:9a:3f:02:ad:8f:a0:44:6f:b9:c2:
dd:cf:5f:a4:15:8c:4b:f6:54:7a:d5:88:45:10:be:
e5:c3:be:59:7a:9a:f0:7d:3e:52:74:5e:ff:bf:38:
cd:5d:35:41:75:88:86:47:bf:88:18:a0:64:67:66:
c0:04:3f:fb:39:9f:95:4a:bf:d9:15:d7:cb:6a:40:
97:b3:54:93:e5:9b:8e:80:1e:5e:7d:fa:04:27:53:
2a:58:4b:47:20:25:97:4d:4c:da:f2:08:e8:91:71:
30:07:21:de:3b:b2:49:51:64:85:0e:71:c9:b2:69:
32:3a:ef:1f:3f:aa:51:ed:e0:10:b5:44:de:bb:09:
5b:e3:59:4d:01:d7:c2:bd:01:a1:d8:00:60:19:fd:
4e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:11:8C:79:C1:3B:09:C7:E2:61:90:BA:6F:8C:9F:EC:B8:8C:A0:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/041CCE0ACD1B11EFB2181454762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.38.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:4a:2a:61:26:89:55:55:b6:02:45:e7:3c:9c:c6:21:ed:55:
67:9c:e8:23:dc:7e:76:62:a2:95:9f:11:ef:c8:70:97:0c:f6:
f4:bd:2f:59:48:b4:5e:93:be:c9:94:1b:04:9b:5a:df:18:84:
2a:a4:38:3a:37:1a:3f:e1:f5:51:4a:66:df:c5:c1:ce:58:83:
d6:f6:f5:19:06:62:1b:3c:52:83:4d:08:2b:0f:68:f6:79:fd:
6b:00:b8:ad:16:97:71:d8:3b:8d:cc:42:e0:78:a6:b8:2f:77:
fd:7a:8f:38:d9:99:58:87:1b:24:06:ea:ef:10:bd:08:11:73:
25:c4:f6:c8:71:c7:dd:c9:47:c4:02:02:96:dd:fb:dd:a9:e4:
07:d4:28:df:8d:67:40:c9:8c:9c:3a:0c:3b:45:37:b3:25:7c:
41:7b:59:ce:2e:d9:61:02:0b:80:9d:49:e8:ec:2a:84:00:86:
22:cd:76:79:ab:9e:c9:a2:5f:3d:c0:f0:18:a3:da:40:c3:29:
03:df:45:aa:97:75:1a:fd:41:f9:e3:51:1b:80:ac:57:00:e6:
86:89:6b:7b:9b:56:dc:03:87:cc:86:51:4a:aa:e1:88:06:92:
c8:c5:cb:50:61:5d:07:5d:4f:80:e0:76:14:a7:ad:15:02:68:
e3:96:93:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1DMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcxNTM1WhcNMjcxMjEzMTcxNTM1WjAYMRYw
FAYDVQQDEw02NzdkNjEzYi00ZWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAndAXhgBEH2jnVyxyUk2uRhTwMS9ZUGOIGfSMzqRLHrKKnKX7T+v+BmG5
ilZZ2pH6H9RlEodwOTG5hsyf44kWmsLJkCos52sZ1HkmXRghT0lI4KyRMH1S2I2s
qQsy8EgX76OnjQPqig1Ia/t2mZo/Aq2PoERvucLdz1+kFYxL9lR61YhFEL7lw75Z
eprwfT5SdF7/vzjNXTVBdYiGR7+IGKBkZ2bABD/7OZ+VSr/ZFdfLakCXs1ST5ZuO
gB5effoEJ1MqWEtHICWXTUza8gjokXEwByHeO7JJUWSFDnHJsmkyOu8fP6pR7eAQ
tUTeuwlb41lNAdfCvQGh2ABgGf1OMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIER
jHnBOwnH4mGQum+Mn+y4jKACMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDFDQ0UwQUNEMUIxMUVGQjIxODE0NTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEmMA0GCSqGSIb3DQEBCwUA
A4IBAQCMSiphJolVVbYCRec8nMYh7VVnnOgj3H52YqKVnxHvyHCXDPb0vS9ZSLRe
k77JlBsEm1rfGIQqpDg6Nxo/4fVRSmbfxcHOWIPW9vUZBmIbPFKDTQgrD2j2ef1r
ALitFpdx2DuNzELgeKa4L3f9eo842ZlYhxskBurvEL0IEXMlxPbIccfdyUfEAgKW
3fvdqeQH1CjfjWdAyYycOgw7RTezJXxBe1nOLtlhAguAnUno7CqEAIYizXZ5q57J
ol89wPAYo9pAwykD30Wql3Ua/UH541EbgKxXAOaGiWt7m1bcA4fMhlFKquGIBpLI
xctQYV0HXU+A4HYUp60VAmjjlpNc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:19 2025 by rpki-client