Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130268DCCF5D11EFB53DD4BE762E951A.roa
File: 130268DCCF5D11EFB53DD4BE762E951A.roa (raw, json)
Hash identifier: v744+xkA3GJP8rRO72Ocg9BnZGcssSUTbX60J/YQgCU=
Subject key identifier: C3:13:55:35:AA:18:0E:BF:04:15:A5:29:33:4E:18:E9:D8:D7:64:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01054F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130268DCCF5D11EFB53DD4BE762E951A.roa
Signing time: Fri 10 Jan 2025 14:13:33 +0000
ROA not before: Fri 10 Jan 2025 14:13:29 +0000
ROA not after: Wed 10 Dec 2025 14:13:29 +0000
asID: 984
IP address blocks: 156.228.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66895 (0x1054f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:13:29 2025 GMT
Not After : Dec 10 14:13:29 2025 GMT
Subject: CN=67812b0d-3e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:49:46:71:53:c9:84:ac:a1:23:b8:ec:b0:1c:
ab:9a:1f:91:7d:e2:33:ae:44:41:6e:03:88:4f:ab:
3c:09:f8:b1:3d:b1:5c:e8:85:61:de:2f:59:87:87:
ca:12:3d:5e:64:82:23:9e:17:56:ba:38:10:1d:93:
37:62:5c:0a:d1:21:cf:cb:67:a3:a4:f9:02:c5:f4:
cb:c6:30:f1:68:25:a6:75:a2:23:4b:52:a0:15:80:
57:43:28:10:ef:b1:d2:ad:98:17:e3:5b:bf:09:f4:
b1:4d:53:c1:88:4d:e7:3b:fb:c7:83:3c:ec:e6:f8:
f8:ca:64:31:53:e6:29:7f:1c:35:cd:7f:42:12:4a:
53:79:6b:b5:b2:89:b4:83:6a:2a:1f:72:a8:30:ac:
58:57:c9:ca:88:2e:66:38:08:3d:01:65:64:5f:3c:
83:e8:32:e9:00:be:5a:27:66:79:dc:68:30:f3:5f:
b9:38:c7:9d:bb:3e:dd:6c:9a:c2:af:21:ca:68:dd:
8a:54:b4:1b:58:be:c0:17:d3:0f:ee:70:72:e9:af:
69:81:ca:6f:ac:a4:72:22:a8:ab:8d:bf:4b:31:08:
fd:7c:d1:9f:63:08:a3:b8:13:ad:d5:df:4b:65:15:
b2:53:0b:a6:57:b2:4f:83:9d:a4:35:1f:b5:51:ac:
e4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:13:55:35:AA:18:0E:BF:04:15:A5:29:33:4E:18:E9:D8:D7:64:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130268DCCF5D11EFB53DD4BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:b5:a9:54:e1:23:17:8f:af:79:55:d3:3b:4b:7b:bd:7d:c6:
1e:80:e9:91:3b:c2:50:b3:de:d3:23:fe:86:0b:d0:1c:5a:4e:
1a:fb:9d:2e:6b:f3:c4:05:60:04:42:0d:23:98:40:27:e7:9f:
b1:0b:3f:a3:ad:17:5e:c0:12:45:98:68:58:10:f4:b6:cc:6c:
19:0a:4d:ae:97:7e:74:44:d6:89:82:40:d9:74:ef:93:e9:e1:
e0:1f:9d:ae:1a:16:00:1d:21:d7:df:29:f4:1e:c9:7d:e3:6a:
7f:c9:89:ad:5b:ec:36:61:f3:81:49:b1:50:8f:c0:dd:e6:15:
47:1a:2b:97:04:b5:04:72:99:92:ac:a5:8f:95:f7:7f:31:42:
07:6e:37:5a:fd:be:1c:8c:02:9e:e7:b8:0d:0b:e3:70:e4:20:
d6:3a:1f:ec:90:03:c8:c1:24:b9:5d:e2:39:34:29:a3:4a:f0:
09:5d:2a:a9:cd:4c:a3:e5:ba:a6:54:de:c6:21:7d:e4:fc:81:
9d:f1:44:16:78:65:2c:49:75:e3:5f:b5:bb:73:26:1f:79:e8:
8d:5d:d4:b1:3a:a1:37:8f:92:66:f1:63:e1:24:0e:6f:2f:32:
24:8f:f0:79:77:14:f5:78:19:cc:d8:48:2a:a9:4f:d8:2b:57:
42:27:73:41
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQxMzI5WhcNMjUxMjEwMTQxMzI5WjAYMRYw
FAYDVQQDEw02NzgxMmIwZC0zZTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwUlGcVPJhKyhI7jssByrmh+RfeIzrkRBbgOIT6s8CfixPbFc6IVh3i9Z
h4fKEj1eZIIjnhdWujgQHZM3YlwK0SHPy2ejpPkCxfTLxjDxaCWmdaIjS1KgFYBX
QygQ77HSrZgX41u/CfSxTVPBiE3nO/vHgzzs5vj4ymQxU+Ypfxw1zX9CEkpTeWu1
som0g2oqH3KoMKxYV8nKiC5mOAg9AWVkXzyD6DLpAL5aJ2Z53Ggw81+5OMeduz7d
bJrCryHKaN2KVLQbWL7AF9MP7nBy6a9pgcpvrKRyIqirjb9LMQj9fNGfYwijuBOt
1d9LZRWyUwumV7JPg52kNR+1UazkTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMMT
VTWqGA6/BBWlKTNOGOnY12TKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzAyNjhEQ0NGNUQxMUVGQjUzREQ0QkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOT8MA0GCSqGSIb3DQEBCwUA
A4IBAQCftalU4SMXj695VdM7S3u9fcYegOmRO8JQs97TI/6GC9AcWk4a+50ua/PE
BWAEQg0jmEAn55+xCz+jrRdewBJFmGhYEPS2zGwZCk2ul350RNaJgkDZdO+T6eHg
H52uGhYAHSHX3yn0Hsl942p/yYmtW+w2YfOBSbFQj8Dd5hVHGiuXBLUEcpmSrKWP
lfd/MUIHbjda/b4cjAKe57gNC+Nw5CDWOh/skAPIwSS5XeI5NCmjSvAJXSqpzUyj
5bqmVN7GIX3k/IGd8UQWeGUsSXXjX7W7cyYfeeiNXdSxOqE3j5Jm8WPhJA5vLzIk
j/B5dxT1eBnM2EgqqU/YK1dCJ3NB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:58 2025 by rpki-client