Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F801DCACD0111EFB9720CB0762E951A.roa
File: 0F801DCACD0111EFB9720CB0762E951A.roa (raw, json)
Hash identifier: SrHel+fwgMXwknijaFzV7AWaf18x8FLrqIXkjfeThg8=
Subject key identifier: 8F:74:BD:D1:98:88:3C:19:A6:29:3F:AC:0F:49:7D:6D:9F:02:F2:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC71
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F801DCACD0111EFB9720CB0762E951A.roa
Signing time: Tue 07 Jan 2025 14:09:51 +0000
ROA not before: Tue 07 Jan 2025 14:09:47 +0000
ROA not after: Sat 13 Dec 2025 14:09:47 +0000
asID: 984
IP address blocks: 156.238.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64625 (0xfc71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:09:47 2025 GMT
Not After : Dec 13 14:09:47 2025 GMT
Subject: CN=677d35af-39c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:40:aa:9c:5a:8e:95:95:60:ca:f7:8c:0e:
3b:d0:78:b4:ee:67:32:2a:ad:c0:4d:f7:59:a9:cd:
44:cd:e3:7f:b0:65:30:31:4f:4f:23:42:c5:74:ba:
0b:c8:88:bb:9c:cb:6f:65:eb:b5:5a:dd:b0:51:18:
8f:12:e6:a9:9f:77:bd:f5:4e:aa:c0:81:57:7f:41:
6e:b2:ca:7c:fe:8b:d1:dd:fa:b6:94:e2:50:41:d3:
3a:c4:39:78:e5:f2:b0:de:9c:51:6e:97:d9:0d:c2:
5e:21:9a:e0:3d:91:ee:a7:67:ce:df:2d:20:5a:f6:
72:ef:98:89:6f:fc:c8:e5:94:16:a9:c9:bb:d8:42:
b7:c9:d6:d9:c7:cd:71:3b:61:6c:20:1d:4e:f8:e5:
60:0a:db:fd:cb:c4:94:44:31:4d:b9:6f:fc:a2:4d:
b1:3b:10:92:5a:c1:c0:90:71:fb:e4:a3:a8:42:a7:
8b:3e:5a:ce:d4:fe:5b:3e:1c:47:51:4a:57:81:ef:
de:41:e9:0d:fc:d8:b6:42:6e:d8:73:84:20:ea:ae:
71:9b:82:b9:3a:23:db:cb:62:ac:b3:32:2d:47:2f:
06:49:08:2c:8e:81:ed:d4:32:6c:47:fd:ad:00:37:
aa:0e:8e:10:0e:38:30:a8:cf:16:f8:11:e7:a1:d8:
eb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:74:BD:D1:98:88:3C:19:A6:29:3F:AC:0F:49:7D:6D:9F:02:F2:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F801DCACD0111EFB9720CB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.115.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f8:09:c1:f9:e6:28:79:24:3e:cd:10:aa:66:0c:08:a0:ea:
b0:1d:de:15:56:09:02:8e:fd:91:75:47:0a:fe:91:8b:76:49:
02:38:4b:2c:a0:e2:28:9e:78:69:2f:05:db:ae:2a:da:2f:91:
b3:f1:4e:8a:37:a3:4b:b5:be:23:3c:65:2e:5e:d8:c5:9b:14:
e2:59:8e:3a:6c:12:5d:a9:d3:36:5a:b2:6c:17:41:b3:8a:8a:
dd:88:11:0a:ea:b8:ac:33:e1:64:b1:13:95:ad:1b:5b:89:02:
ab:15:b5:ff:04:31:a9:b4:7d:7f:ea:bc:3a:7e:d1:0f:26:0f:
c7:72:7d:04:99:8f:c6:56:0e:3b:88:64:28:14:63:90:c5:ae:
b0:a2:22:fd:d1:c2:3d:e7:21:18:31:6c:1f:a0:ef:c6:b2:f1:
af:72:b8:33:32:c2:7b:86:2f:03:2e:95:b0:65:97:70:9f:86:
69:0e:10:80:63:2c:e0:36:b2:92:3a:d9:dc:09:31:bb:e3:f5:
ae:f6:f3:06:49:ec:3d:e4:99:50:b4:80:64:29:dc:8e:e6:b9:
1b:c4:1a:77:a5:f2:c3:4d:b9:bc:f6:88:b3:dd:ba:06:fa:37:
1f:a0:65:9b:14:ee:8b:e4:a6:e1:8d:cd:47:b1:09:45:c9:32:
02:90:2a:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQwOTQ3WhcNMjUxMjEzMTQwOTQ3WjAYMRYw
FAYDVQQDEw02NzdkMzVhZi0zOWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqq1AqpxajpWVYMr3jA470Hi07mcyKq3ATfdZqc1EzeN/sGUwMU9PI0LF
dLoLyIi7nMtvZeu1Wt2wURiPEuapn3e99U6qwIFXf0Fussp8/ovR3fq2lOJQQdM6
xDl45fKw3pxRbpfZDcJeIZrgPZHup2fO3y0gWvZy75iJb/zI5ZQWqcm72EK3ydbZ
x81xO2FsIB1O+OVgCtv9y8SURDFNuW/8ok2xOxCSWsHAkHH75KOoQqeLPlrO1P5b
PhxHUUpXge/eQekN/Ni2Qm7Yc4Qg6q5xm4K5OiPby2KsszItRy8GSQgsjoHt1DJs
R/2tADeqDo4QDjgwqM8W+BHnodjrKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI90
vdGYiDwZpik/rA9JfW2fAvIEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjgwMURDQUNEMDExMUVGQjk3MjBDQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5zMA0GCSqGSIb3DQEBCwUA
A4IBAQBl+AnB+eYoeSQ+zRCqZgwIoOqwHd4VVgkCjv2RdUcK/pGLdkkCOEssoOIo
nnhpLwXbriraL5Gz8U6KN6NLtb4jPGUuXtjFmxTiWY46bBJdqdM2WrJsF0Gziord
iBEK6risM+FksROVrRtbiQKrFbX/BDGptH1/6rw6ftEPJg/Hcn0EmY/GVg47iGQo
FGOQxa6woiL90cI95yEYMWwfoO/GsvGvcrgzMsJ7hi8DLpWwZZdwn4ZpDhCAYyzg
NrKSOtncCTG74/Wu9vMGSew95JlQtIBkKdyO5rkbxBp3pfLDTbm89oiz3boG+jcf
oGWbFO6L5Kbhjc1HsQlFyTICkCqo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:25 2025 by rpki-client