Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07382A5ECD2411EF9254F88C762E951A.roa
File: 07382A5ECD2411EF9254F88C762E951A.roa (raw, json)
Hash identifier: 4e5/NqTY34wZhvmOJ6vxAUrpSbQCSMzXVnHHR0yZK9k=
Subject key identifier: B0:AA:C3:63:56:F7:24:F9:1D:04:40:13:3D:0A:DE:E7:A8:1F:AD:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07382A5ECD2411EF9254F88C762E951A.roa
Signing time: Tue 07 Jan 2025 18:20:10 +0000
ROA not before: Tue 07 Jan 2025 18:20:06 +0000
ROA not after: Sat 13 Dec 2025 18:20:06 +0000
asID: 984
IP address blocks: 156.241.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64907 (0xfd8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:20:06 2025 GMT
Not After : Dec 13 18:20:06 2025 GMT
Subject: CN=677d705a-9c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:6b:51:12:68:a9:4b:3c:25:13:0f:af:6e:4c:
1f:67:5c:30:32:ca:19:11:f9:22:32:5a:0b:b9:4f:
bb:41:43:04:08:7c:dd:0d:90:9e:40:46:dd:d7:ff:
33:22:92:a9:f8:a6:48:e6:47:11:6c:50:f5:60:25:
b1:fd:29:40:e4:18:79:e1:1b:1c:ef:65:00:6f:c8:
ed:d0:f5:76:f6:b4:b5:c8:09:27:19:54:3b:9e:66:
fb:1e:1a:68:ed:20:52:ce:a0:4d:db:92:98:ff:78:
20:d1:39:16:84:68:7f:21:c7:1c:33:3a:73:78:4b:
f3:52:b2:47:06:a9:ea:5b:e4:9b:bd:c6:ec:a9:95:
99:e1:b2:d4:b1:e6:8d:f3:26:01:52:6a:bb:dc:9a:
4b:41:07:99:62:84:66:0b:08:00:3c:47:1a:c4:ec:
18:23:e3:24:bb:0f:a7:17:24:d1:b9:e6:9a:c7:69:
08:ae:c1:75:8a:31:6f:03:8c:5e:52:47:6b:d4:66:
6b:b3:f4:cf:b3:93:3f:7f:63:e6:35:4c:71:24:f4:
b0:5b:50:9d:c7:19:11:46:b6:35:16:97:df:09:2b:
8c:5b:91:6f:62:7d:27:c2:12:af:b2:fe:49:3b:14:
32:d8:0f:fc:68:5a:23:3e:b0:96:45:fb:24:2c:33:
bb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AA:C3:63:56:F7:24:F9:1D:04:40:13:3D:0A:DE:E7:A8:1F:AD:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07382A5ECD2411EF9254F88C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.208.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:64:aa:f2:54:e6:d2:d8:83:56:b6:20:88:c5:3a:56:31:5b:
fd:e3:5c:fb:dc:3a:52:1c:b2:bb:ec:73:78:bd:ac:31:fa:11:
39:77:74:03:11:e9:90:0c:39:bf:84:1e:f5:9b:d2:7d:dc:2a:
2b:68:47:23:73:31:92:36:35:4c:31:29:4b:ec:84:e5:66:c4:
a3:a6:a6:1d:84:4a:ee:f6:68:21:e8:50:74:77:b0:2c:02:93:
09:56:d3:c8:d4:9c:2d:38:43:e6:fa:64:7c:b8:3f:ce:71:77:
03:e1:2e:00:8d:10:82:d0:5b:27:82:13:fe:f0:a6:73:42:19:
5a:9b:a7:9e:e2:28:31:e4:e2:59:b8:3d:c5:7e:3f:84:30:98:
1d:e4:ab:d1:1a:07:f3:44:2f:ac:1c:d1:af:19:3e:e2:27:9c:
4d:12:86:e4:66:c5:ac:fd:74:43:61:79:63:74:f4:5b:aa:bf:
39:e0:3b:4b:10:31:10:7a:e4:18:db:69:3f:78:ba:ba:28:cf:
62:49:b5:e5:e9:2b:12:57:e4:89:99:06:05:dc:c4:83:cb:45:
72:e6:25:66:7a:93:92:d7:ab:f4:1b:86:a5:db:17:02:d4:8a:
4d:5f:d9:10:f5:11:92:2f:e1:21:a7:6e:49:59:1b:25:82:26:
4e:dd:0a:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgyMDA2WhcNMjUxMjEzMTgyMDA2WjAYMRYw
FAYDVQQDEw02NzdkNzA1YS05YzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA52tREmipSzwlEw+vbkwfZ1wwMsoZEfkiMloLuU+7QUMECHzdDZCeQEbd
1/8zIpKp+KZI5kcRbFD1YCWx/SlA5Bh54Rsc72UAb8jt0PV29rS1yAknGVQ7nmb7
Hhpo7SBSzqBN25KY/3gg0TkWhGh/IcccMzpzeEvzUrJHBqnqW+SbvcbsqZWZ4bLU
seaN8yYBUmq73JpLQQeZYoRmCwgAPEcaxOwYI+Mkuw+nFyTRueaax2kIrsF1ijFv
A4xeUkdr1GZrs/TPs5M/f2PmNUxxJPSwW1CdxxkRRrY1FpffCSuMW5FvYn0nwhKv
sv5JOxQy2A/8aFojPrCWRfskLDO7DwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLCq
w2NW9yT5HQRAEz0K3ueoH63LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNzM4MkE1RUNEMjQxMUVGOTI1NEY4OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHQMA0GCSqGSIb3DQEBCwUA
A4IBAQC7ZKryVObS2INWtiCIxTpWMVv941z73DpSHLK77HN4vawx+hE5d3QDEemQ
DDm/hB71m9J93CoraEcjczGSNjVMMSlL7ITlZsSjpqYdhEru9mgh6FB0d7AsApMJ
VtPI1JwtOEPm+mR8uD/OcXcD4S4AjRCC0FsnghP+8KZzQhlam6ee4igx5OJZuD3F
fj+EMJgd5KvRGgfzRC+sHNGvGT7iJ5xNEobkZsWs/XRDYXljdPRbqr854DtLEDEQ
euQY22k/eLq6KM9iSbXl6SsSV+SJmQYF3MSDy0Vy5iVmepOS16v0G4al2xcC1IpN
X9kQ9RGSL+Ehp25JWRslgiZO3Qrh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:22 2025 by rpki-client