Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10054D18CD2611EFBF1DCD97762E951A.roa
File: 10054D18CD2611EFBF1DCD97762E951A.roa (raw, json)
Hash identifier: CigaCYuBh3vTQfJC7Vsdk5ID1vngZt78eILOlOS9398=
Subject key identifier: 4D:74:6F:C7:9A:8A:F4:B9:0B:12:71:A3:22:CF:3E:87:FF:27:E1:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10054D18CD2611EFBF1DCD97762E951A.roa
Signing time: Tue 07 Jan 2025 18:34:43 +0000
ROA not before: Tue 07 Jan 2025 18:34:40 +0000
ROA not after: Sat 13 Dec 2025 18:34:40 +0000
asID: 984
IP address blocks: 156.241.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64923 (0xfd9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:34:40 2025 GMT
Not After : Dec 13 18:34:40 2025 GMT
Subject: CN=677d73c3-483c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:97:70:33:16:fb:b2:85:5d:1a:2c:b6:e0:f0:
2c:78:33:64:1e:2a:d0:25:d7:75:ab:6f:a8:49:b5:
17:ba:53:d6:9b:24:f5:af:5f:42:fe:85:3a:75:61:
84:9f:3b:7f:be:f4:1e:fb:04:e2:37:6d:e0:da:a0:
2d:8d:18:46:ad:94:cc:69:d1:09:d8:5a:07:f3:1b:
a1:9a:62:0e:e1:1b:16:64:49:ce:cd:0b:e1:fe:98:
55:39:3d:32:96:73:6c:96:73:ab:32:9f:f8:db:a3:
86:49:dc:dd:e9:85:bc:0e:82:06:86:9a:61:e4:b6:
19:ef:30:56:a4:67:30:f5:89:cc:ab:11:47:b9:de:
a5:c8:03:eb:b0:f9:5e:da:55:78:21:d8:30:82:e7:
56:6a:9a:63:f3:5c:8a:9b:26:6a:07:ca:45:f2:9f:
1f:73:8c:0b:7c:85:06:9f:07:16:f5:0a:f9:6a:ef:
1d:c2:92:5c:cd:1e:3d:9e:3d:21:b7:27:f3:9c:6c:
53:91:11:a9:1a:f0:f3:4e:bc:a0:fa:1a:4d:f7:1e:
de:41:3c:e0:11:e0:9e:42:43:fd:1b:24:b9:5b:e3:
34:05:00:6c:36:ae:b4:1d:ed:8b:c4:70:cc:bd:8c:
6b:a3:da:6d:a2:77:4d:7e:b8:44:ea:10:2b:44:ab:
18:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:74:6F:C7:9A:8A:F4:B9:0B:12:71:A3:22:CF:3E:87:FF:27:E1:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10054D18CD2611EFBF1DCD97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.216.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1b:58:5b:0f:63:94:09:05:db:7a:35:a4:a7:53:08:09:ff:
cc:b7:23:5f:d5:6b:5a:95:c4:0b:55:52:7a:5f:8e:80:4a:10:
87:21:c8:61:61:35:4d:81:40:f9:4c:57:ed:d1:05:af:23:17:
1a:b5:a7:c4:9b:6d:c1:ff:5d:05:40:22:53:7a:83:9f:08:3c:
12:ab:bc:a5:4f:3d:1a:19:a3:ac:6b:62:ce:51:90:bb:62:a0:
08:02:83:fa:26:19:09:8e:6e:ea:48:d8:b2:d4:60:b0:3a:c7:
4e:bf:39:ce:76:87:a5:be:c6:50:38:32:6a:1e:86:9e:04:c9:
a2:42:7b:99:90:5f:c2:ac:7b:aa:e5:fa:04:a4:f1:97:8c:d8:
23:be:37:0d:9c:29:a2:b2:ba:3d:0d:6c:1b:14:29:73:de:5e:
41:0e:bd:54:03:84:37:bc:5a:6a:84:c5:18:2a:63:42:8f:7a:
86:78:ca:0e:6b:73:d0:7c:fa:1d:ae:c3:6b:e6:43:c2:40:63:
b7:06:03:1f:5f:ec:f8:e3:a7:33:cc:13:88:2c:ac:a8:3e:de:
da:93:5e:16:ba:87:5b:da:14:34:0f:40:3f:47:64:78:69:75:
35:d0:d3:f8:db:4d:32:36:e9:6c:9c:e5:71:d8:87:39:50:f3:
50:ac:49:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgzNDQwWhcNMjUxMjEzMTgzNDQwWjAYMRYw
FAYDVQQDEw02NzdkNzNjMy00ODNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3pdwMxb7soVdGiy24PAseDNkHirQJdd1q2+oSbUXulPWmyT1r19C/oU6
dWGEnzt/vvQe+wTiN23g2qAtjRhGrZTMadEJ2FoH8xuhmmIO4RsWZEnOzQvh/phV
OT0ylnNslnOrMp/426OGSdzd6YW8DoIGhpph5LYZ7zBWpGcw9YnMqxFHud6lyAPr
sPle2lV4IdgwgudWappj81yKmyZqB8pF8p8fc4wLfIUGnwcW9Qr5au8dwpJczR49
nj0htyfznGxTkRGpGvDzTryg+hpN9x7eQTzgEeCeQkP9GyS5W+M0BQBsNq60He2L
xHDMvYxro9ptondNfrhE6hArRKsYkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE10
b8eaivS5CxJxoyLPPof/J+FuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMDA1NEQxOENEMjYxMUVGQkYxRENEOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHYMA0GCSqGSIb3DQEBCwUA
A4IBAQAkG1hbD2OUCQXbejWkp1MICf/MtyNf1WtalcQLVVJ6X46AShCHIchhYTVN
gUD5TFft0QWvIxcatafEm23B/10FQCJTeoOfCDwSq7ylTz0aGaOsa2LOUZC7YqAI
AoP6JhkJjm7qSNiy1GCwOsdOvznOdoelvsZQODJqHoaeBMmiQnuZkF/CrHuq5foE
pPGXjNgjvjcNnCmisro9DWwbFClz3l5BDr1UA4Q3vFpqhMUYKmNCj3qGeMoOa3PQ
fPodrsNr5kPCQGO3BgMfX+z446czzBOILKyoPt7ak14Wuodb2hQ0D0A/R2R4aXU1
0NP4200yNulsnOVx2Ic5UPNQrElQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:39 2025 by rpki-client