Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10FC6AB2CCC211EF92CA7BA1762E951A.roa
File: 10FC6AB2CCC211EF92CA7BA1762E951A.roa (raw, json)
Hash identifier: 6rqZCiCvk1dFxmbv8HpTfpoF/Ngar35UQp+m1zt38wc=
Subject key identifier: 09:9E:BC:19:B4:01:9A:E2:65:B2:FF:FE:59:2B:DB:73:0C:0E:1F:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA30
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10FC6AB2CCC211EF92CA7BA1762E951A.roa
Signing time: Tue 07 Jan 2025 06:38:55 +0000
ROA not before: Tue 07 Jan 2025 06:38:52 +0000
ROA not after: Sat 13 Dec 2025 06:38:52 +0000
asID: 984
IP address blocks: 156.233.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64048 (0xfa30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:38:52 2025 GMT
Not After : Dec 13 06:38:52 2025 GMT
Subject: CN=677ccbff-031f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b6:2b:95:e8:51:54:87:4b:8c:32:3a:7a:d8:
73:ca:88:cc:32:ed:ae:15:b4:0b:41:fd:61:62:0a:
af:1e:4b:2f:57:e7:e5:4b:ad:0c:8a:63:cc:56:2f:
18:b9:ee:75:08:68:57:8c:bb:08:97:fa:0b:ee:9b:
bf:61:a9:84:bc:40:26:f0:db:cd:0a:02:70:39:9f:
1e:f5:0d:26:18:7d:6b:a7:e4:21:57:df:30:4a:29:
52:71:2c:6b:54:c1:48:c1:40:10:21:de:0d:f3:af:
34:af:76:d9:71:f7:c3:47:8a:a6:65:79:75:46:dc:
cd:ca:0a:6d:26:c9:4b:e0:21:50:47:ba:1b:9c:59:
3a:e7:e1:aa:4e:a0:e4:26:c4:53:43:ce:d3:3f:2f:
1e:ed:c5:ee:87:fa:4a:99:6e:18:09:dc:81:c8:05:
1a:a1:af:76:cb:ff:c9:50:b9:4d:50:44:52:0f:b2:
28:a4:a1:6b:96:50:b8:ad:dc:b7:f6:a6:1c:44:07:
60:f6:be:6c:cd:80:31:81:20:1d:7f:04:6e:fc:7b:
19:42:19:84:92:cb:98:15:75:74:d7:d5:8e:f2:c3:
80:e8:a7:9a:7f:ae:8c:ad:83:c0:39:7c:b1:10:76:
57:c4:34:9a:81:c3:a0:90:68:99:5c:89:e3:8b:29:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9E:BC:19:B4:01:9A:E2:65:B2:FF:FE:59:2B:DB:73:0C:0E:1F:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10FC6AB2CCC211EF92CA7BA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.45.0/24
Signature Algorithm: sha256WithRSAEncryption
77:67:b5:96:0f:33:18:d4:0d:25:bf:3e:f1:b0:5f:3c:1b:db:
99:a5:ed:a5:62:f1:1c:3b:00:3d:3d:f1:d8:d4:8b:af:6f:19:
94:07:16:be:91:c1:76:89:c1:88:06:93:ad:b8:3f:c5:d8:44:
bb:5f:91:d2:f3:04:14:46:98:53:16:2a:8d:66:18:4d:7d:1d:
2b:e3:aa:be:5c:c3:0b:e4:96:9c:57:3e:c0:1b:b3:28:65:5b:
1b:e1:12:1a:34:61:a5:91:59:d9:09:90:26:ef:9e:2e:87:e0:
16:90:ff:95:50:cf:b8:2b:33:52:2f:e5:81:29:96:0c:d6:3f:
1c:5d:7f:88:3c:c8:81:9e:ee:63:04:8e:23:86:c2:d4:2d:f4:
44:33:06:38:88:58:18:40:a9:0b:b6:37:73:ab:c5:4f:fe:7c:
fa:1a:be:81:f5:b5:ae:9a:da:47:c7:e4:e7:8f:7c:9a:17:00:
43:0d:d2:a2:48:58:46:2b:50:47:c1:98:21:39:e4:f0:7f:ec:
e6:0a:29:bb:3e:4a:76:af:93:03:93:2e:58:bb:7a:92:e3:a3:
d0:1c:9f:9d:f1:f9:19:b0:30:77:1e:08:64:84:3e:f8:94:81:
d2:52:16:47:d2:99:c0:3f:f7:72:a7:a1:66:04:be:f7:2b:98:
a8:4b:c0:45
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPowMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDYzODUyWhcNMjUxMjEzMDYzODUyWjAYMRYw
FAYDVQQDEw02NzdjY2JmZi0wMzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqbYrlehRVIdLjDI6ethzyojMMu2uFbQLQf1hYgqvHksvV+flS60MimPM
Vi8Yue51CGhXjLsIl/oL7pu/YamEvEAm8NvNCgJwOZ8e9Q0mGH1rp+QhV98wSilS
cSxrVMFIwUAQId4N8680r3bZcffDR4qmZXl1RtzNygptJslL4CFQR7obnFk65+Gq
TqDkJsRTQ87TPy8e7cXuh/pKmW4YCdyByAUaoa92y//JULlNUERSD7IopKFrllC4
rdy39qYcRAdg9r5szYAxgSAdfwRu/HsZQhmEksuYFXV019WO8sOA6Keaf66MrYPA
OXyxEHZXxDSagcOgkGiZXInjiykz0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAme
vBm0AZriZbL//lkr23MMDh9dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMEZDNkFCMkNDQzIxMUVGOTJDQTdCQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOktMA0GCSqGSIb3DQEBCwUA
A4IBAQB3Z7WWDzMY1A0lvz7xsF88G9uZpe2lYvEcOwA9PfHY1IuvbxmUBxa+kcF2
icGIBpOtuD/F2ES7X5HS8wQURphTFiqNZhhNfR0r46q+XMML5JacVz7AG7MoZVsb
4RIaNGGlkVnZCZAm754uh+AWkP+VUM+4KzNSL+WBKZYM1j8cXX+IPMiBnu5jBI4j
hsLULfREMwY4iFgYQKkLtjdzq8VP/nz6Gr6B9bWumtpHx+Tnj3yaFwBDDdKiSFhG
K1BHwZghOeTwf+zmCim7Pkp2r5MDky5Yu3qS46PQHJ+d8fkZsDB3HghkhD74lIHS
UhZH0pnAP/dyp6FmBL73K5ioS8BF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:12 2025 by rpki-client