Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BB2D5E4CD3C11EF82671EA2762E951A.roa
File: 0BB2D5E4CD3C11EF82671EA2762E951A.roa (raw, json)
Hash identifier: Mzyb0jCYtReG7kKPhqDG+stH0eKUmR2F1JTvXX0GKJw=
Subject key identifier: AB:61:4E:68:09:16:B3:57:D9:3B:5C:FF:CF:EA:31:09:67:4A:5F:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE49
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BB2D5E4CD3C11EF82671EA2762E951A.roa
Signing time: Tue 07 Jan 2025 21:12:05 +0000
ROA not before: Tue 07 Jan 2025 21:12:01 +0000
ROA not after: Sat 13 Dec 2025 21:12:01 +0000
asID: 984
IP address blocks: 156.243.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65097 (0xfe49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:12:01 2025 GMT
Not After : Dec 13 21:12:01 2025 GMT
Subject: CN=677d98a5-f528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:65:17:42:cb:90:d1:b8:08:39:8f:aa:9f:a7:
3f:c8:f8:aa:8a:60:d8:8d:0e:06:1f:e4:ed:f4:50:
ad:8f:34:d0:9e:90:be:42:0a:63:11:b9:52:d7:6f:
37:25:7a:61:5b:39:75:c4:5c:cc:80:5b:02:f6:b5:
1a:b6:65:eb:f0:a6:1c:13:58:c4:66:50:6a:66:dd:
1e:ce:ee:86:52:c9:2f:08:70:48:cb:14:16:4d:79:
98:51:52:1c:fe:bd:b9:b7:85:06:33:df:ca:7f:11:
f4:b0:61:1e:9d:70:70:11:66:9c:9d:b2:79:ee:8b:
65:9d:bc:52:21:91:c3:a4:ea:67:b7:69:91:e3:14:
8d:70:49:cd:27:2a:dd:44:df:cc:e3:ac:a8:61:ef:
62:3e:12:52:b7:b6:75:60:89:5e:2c:a9:76:fe:d4:
7b:b5:57:d9:60:cc:6a:56:ff:a1:a9:5f:cc:9c:93:
ad:5a:25:0e:6b:23:8f:ed:2a:a3:6c:40:ed:7e:eb:
79:20:e9:d8:dd:c0:c3:51:84:77:df:94:34:56:a2:
4b:1b:a4:37:8e:df:01:56:1d:46:b0:c6:14:8c:8e:
a5:5e:8d:5b:f6:94:a6:a2:6a:dc:40:5c:e4:79:ca:
a7:89:81:91:4a:34:ca:da:8f:26:a8:c2:10:7e:b8:
46:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:61:4E:68:09:16:B3:57:D9:3B:5C:FF:CF:EA:31:09:67:4A:5F:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BB2D5E4CD3C11EF82671EA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.77.0/24
Signature Algorithm: sha256WithRSAEncryption
03:3f:b4:84:ed:9d:36:63:46:80:42:67:7b:5d:56:ad:28:50:
b8:95:a4:60:f2:5e:69:f2:e3:15:8b:68:d9:41:72:f5:5c:7b:
91:a5:0a:bd:41:1f:fe:68:0d:8d:35:d4:70:ee:a5:b9:ce:58:
09:db:41:68:50:62:73:70:63:ff:0a:2b:72:a6:7d:e0:a8:81:
74:6b:cd:c4:d6:92:74:c2:31:55:17:0f:cb:f1:48:e7:e9:ba:
07:db:02:33:4c:ac:d2:9d:85:69:be:77:56:b0:36:18:f0:20:
d3:31:6a:37:69:e3:e8:9f:a3:69:63:91:a7:19:9b:1e:2e:b1:
d8:e1:98:35:4a:c7:84:19:ec:cd:bb:65:4c:ea:d8:7d:47:51:
b0:39:6d:67:33:a9:a8:66:e4:5d:32:7d:16:0f:f4:c5:fa:48:
89:2a:86:b0:e5:5c:87:90:a8:1c:a0:dc:35:2a:58:86:08:39:
31:f9:4c:83:f8:ba:ba:91:9c:14:7c:12:92:fb:c7:b2:17:71:
bd:25:0c:84:56:81:f0:16:f3:a4:72:7c:26:2c:be:df:ba:b4:
12:9f:2b:99:c5:43:24:3b:18:d3:11:33:01:57:2e:60:43:56:
83:e4:28:00:f9:d7:2b:36:e3:18:27:dd:46:97:3b:7e:c6:36:
b9:67:11:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjExMjAxWhcNMjUxMjEzMjExMjAxWjAYMRYw
FAYDVQQDEw02NzdkOThhNS1mNTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGUXQsuQ0bgIOY+qn6c/yPiqimDYjQ4GH+Tt9FCtjzTQnpC+QgpjEblS
1283JXphWzl1xFzMgFsC9rUatmXr8KYcE1jEZlBqZt0ezu6GUskvCHBIyxQWTXmY
UVIc/r25t4UGM9/KfxH0sGEenXBwEWacnbJ57otlnbxSIZHDpOpnt2mR4xSNcEnN
JyrdRN/M46yoYe9iPhJSt7Z1YIleLKl2/tR7tVfZYMxqVv+hqV/MnJOtWiUOayOP
7SqjbEDtfut5IOnY3cDDUYR335Q0VqJLG6Q3jt8BVh1GsMYUjI6lXo1b9pSmomrc
QFzkecqniYGRSjTK2o8mqMIQfrhGGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKth
TmgJFrNX2Ttc/8/qMQlnSl+hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQkIyRDVFNENEM0MxMUVGODI2NzFFQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNNMA0GCSqGSIb3DQEBCwUA
A4IBAQADP7SE7Z02Y0aAQmd7XVatKFC4laRg8l5p8uMVi2jZQXL1XHuRpQq9QR/+
aA2NNdRw7qW5zlgJ20FoUGJzcGP/Citypn3gqIF0a83E1pJ0wjFVFw/L8Ujn6boH
2wIzTKzSnYVpvndWsDYY8CDTMWo3aePon6NpY5GnGZseLrHY4Zg1SseEGezNu2VM
6th9R1GwOW1nM6moZuRdMn0WD/TF+kiJKoaw5VyHkKgcoNw1KliGCDkx+UyD+Lq6
kZwUfBKS+8eyF3G9JQyEVoHwFvOkcnwmLL7furQSnyuZxUMkOxjTETMBVy5gQ1aD
5CgA+dcrNuMYJ91Glzt+xja5ZxFS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:23 2025 by rpki-client