Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EE0AB04CD2511EF824EA691762E951A.roa
File: 0EE0AB04CD2511EF824EA691762E951A.roa (raw, json)
Hash identifier: xZd1m9pTYjnW5kXQu2qi2K3M5kZGITqtXx9IRDNw3Ls=
Subject key identifier: A8:28:20:CE:10:FA:F5:3C:4E:55:4E:34:46:0C:82:9E:04:2B:3F:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD93
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EE0AB04CD2511EF824EA691762E951A.roa
Signing time: Tue 07 Jan 2025 18:27:32 +0000
ROA not before: Tue 07 Jan 2025 18:27:28 +0000
ROA not after: Sat 13 Dec 2025 18:27:28 +0000
asID: 984
IP address blocks: 156.241.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64915 (0xfd93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:27:28 2025 GMT
Not After : Dec 13 18:27:28 2025 GMT
Subject: CN=677d7214-8094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:84:54:0b:5b:cd:4d:41:07:42:38:b9:62:4a:
ff:eb:e0:ae:24:b3:59:2d:f3:fe:01:a1:46:50:34:
98:e7:cc:76:c1:57:96:54:c3:8c:63:d3:95:ca:42:
67:86:55:66:64:bd:ce:8d:b8:d2:97:98:25:f8:7f:
12:69:ce:02:ba:78:3d:8c:8d:c5:90:03:de:68:d7:
a0:50:c0:a9:43:8d:66:cc:53:70:c3:37:57:5d:06:
cf:ad:7e:48:b4:3d:05:6d:e6:0c:24:98:6f:4b:9b:
9d:9e:65:6c:ce:c7:ee:ff:ad:e7:90:2c:22:fe:1a:
88:68:7b:b6:68:2e:14:d0:dd:0b:b3:cb:6d:27:78:
49:0a:77:60:0b:7d:6e:72:24:00:ff:0e:99:bf:e2:
88:73:46:0e:65:a3:bc:b0:e1:4f:9e:49:1c:f4:10:
dd:41:11:35:16:f8:0c:9e:27:c6:b2:33:b0:04:41:
8b:9e:e8:66:f3:21:d2:45:d3:97:4b:05:83:e6:c9:
56:de:44:00:1b:38:e2:3d:92:da:94:c4:1d:d9:6d:
fa:4f:ff:36:da:45:93:cd:09:9e:e1:c3:c8:b0:d8:
9d:26:60:79:e0:ec:d9:9c:e8:0e:49:86:ac:06:df:
78:34:bb:73:bb:c1:a5:4a:da:79:4b:be:e8:ea:ad:
18:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:28:20:CE:10:FA:F5:3C:4E:55:4E:34:46:0C:82:9E:04:2B:3F:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0EE0AB04CD2511EF824EA691762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.212.0/24
Signature Algorithm: sha256WithRSAEncryption
58:58:db:01:58:68:89:19:35:21:a9:19:81:b3:e7:01:4f:47:
a5:e8:78:06:26:5b:65:f2:c0:34:2a:9d:37:da:c9:85:49:ca:
35:db:11:56:51:ef:7a:06:0a:57:dc:d5:e2:bb:1a:6d:e1:56:
60:14:44:5f:a1:5f:5f:c8:28:b3:61:11:a2:f0:ea:ec:63:2d:
90:e9:b7:b8:2f:5e:3f:60:fc:ba:c3:4f:27:be:92:aa:93:4d:
a8:9b:15:fd:09:ca:ae:02:b4:9e:37:34:88:a6:0b:72:89:8e:
49:21:8d:f4:47:ef:59:76:34:5e:21:c2:fd:19:a1:e2:e4:94:
f6:68:69:09:dc:c6:fc:9e:6d:55:77:53:d0:da:2a:b6:a5:6d:
1c:12:af:af:f2:6e:0f:96:72:f4:5a:d4:aa:ea:c1:23:7c:7b:
9e:c8:02:6a:d7:d3:c4:d6:69:49:ae:ce:3e:bc:ea:0d:5e:8e:
87:61:05:e1:3d:41:5a:c8:1c:fb:80:74:be:3e:ee:c5:01:98:
0b:99:07:58:87:8e:b7:50:01:30:db:b8:09:95:5d:e6:23:41:
d2:c3:ef:91:58:92:e7:bd:79:01:5e:34:44:32:2d:67:9a:dc:
9a:ae:6b:ff:44:f8:7c:ff:5f:e0:29:db:4a:83:9a:73:a6:07:
60:1d:c1:fa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgyNzI4WhcNMjUxMjEzMTgyNzI4WjAYMRYw
FAYDVQQDEw02NzdkNzIxNC04MDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8YRUC1vNTUEHQji5Ykr/6+CuJLNZLfP+AaFGUDSY58x2wVeWVMOMY9OV
ykJnhlVmZL3OjbjSl5gl+H8Sac4Cung9jI3FkAPeaNegUMCpQ41mzFNwwzdXXQbP
rX5ItD0FbeYMJJhvS5udnmVszsfu/63nkCwi/hqIaHu2aC4U0N0Ls8ttJ3hJCndg
C31uciQA/w6Zv+KIc0YOZaO8sOFPnkkc9BDdQRE1FvgMnifGsjOwBEGLnuhm8yHS
RdOXSwWD5slW3kQAGzjiPZLalMQd2W36T/822kWTzQme4cPIsNidJmB54OzZnOgO
SYasBt94NLtzu8GlStp5S77o6q0YLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKgo
IM4Q+vU8TlVONEYMgp4EKz8oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRUUwQUIwNENEMjUxMUVGODI0RUE2OTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHUMA0GCSqGSIb3DQEBCwUA
A4IBAQBYWNsBWGiJGTUhqRmBs+cBT0el6HgGJltl8sA0Kp032smFSco12xFWUe96
BgpX3NXiuxpt4VZgFERfoV9fyCizYRGi8OrsYy2Q6be4L14/YPy6w08nvpKqk02o
mxX9CcquArSeNzSIpgtyiY5JIY30R+9ZdjReIcL9GaHi5JT2aGkJ3Mb8nm1Vd1PQ
2iq2pW0cEq+v8m4PlnL0WtSq6sEjfHueyAJq19PE1mlJrs4+vOoNXo6HYQXhPUFa
yBz7gHS+Pu7FAZgLmQdYh463UAEw27gJlV3mI0HSw++RWJLnvXkBXjREMi1nmtya
rmv/RPh8/1/gKdtKg5pzpgdgHcH6
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:17 2025 by rpki-client