Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14F01CD8CD2911EF83C107AB762E951A.roa
File: 14F01CD8CD2911EF83C107AB762E951A.roa (raw, json)
Hash identifier: dgpCZAyz7qmLtz6G2w3QNO5cpOWWb0VjUNOEJRXBJUg=
Subject key identifier: 7B:A4:EF:D8:3F:27:87:58:33:7E:D4:9A:95:E1:44:4D:55:6D:36:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDB3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14F01CD8CD2911EF83C107AB762E951A.roa
Signing time: Tue 07 Jan 2025 18:56:20 +0000
ROA not before: Tue 07 Jan 2025 18:56:16 +0000
ROA not after: Sat 13 Dec 2025 18:56:16 +0000
asID: 984
IP address blocks: 156.241.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64947 (0xfdb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:56:16 2025 GMT
Not After : Dec 13 18:56:16 2025 GMT
Subject: CN=677d78d4-21fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:34:af:29:fa:cd:98:0a:00:34:26:27:c2:34:
87:1f:21:23:24:bf:92:89:a5:82:5d:03:93:4f:d2:
f6:a6:43:ce:c5:20:c9:11:e7:c6:69:73:7d:e3:fd:
51:0d:25:b9:16:92:3a:e7:19:7b:b0:c3:01:c3:92:
8d:d6:b0:a4:ea:56:91:0f:73:d7:47:0d:b1:71:d3:
1f:61:5a:be:9b:24:78:38:6b:35:6c:de:3c:15:8c:
27:53:97:99:ac:92:2b:9f:3c:b1:f6:91:04:ef:1b:
a6:c7:ac:1d:f1:97:3b:8d:b6:1c:1f:f5:e6:d3:b4:
ed:d4:59:f9:a0:62:bd:5b:d6:a8:34:c3:14:48:39:
e6:d6:ba:7d:1e:5b:d9:29:49:ed:0c:cf:62:45:e2:
89:fc:3b:16:a2:8f:7f:73:eb:67:a0:e8:e5:fb:32:
6d:cd:2e:5c:e0:53:40:6c:a3:b4:88:0f:5c:78:ec:
49:22:bb:f5:87:0c:6e:3c:59:26:b9:78:1e:de:62:
65:5f:d5:9f:b0:4a:b1:ad:71:a1:c0:ff:0c:a6:10:
24:f6:3d:d2:be:f9:e6:67:2f:70:bc:7f:46:c2:0d:
d0:95:93:4d:77:3f:37:99:38:f0:1b:c1:4f:af:85:
74:ae:63:58:e8:51:d3:aa:7c:9f:41:9c:ab:4d:e5:
c7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A4:EF:D8:3F:27:87:58:33:7E:D4:9A:95:E1:44:4D:55:6D:36:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14F01CD8CD2911EF83C107AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.229.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:13:fb:84:3f:3a:61:d4:7a:76:c6:df:a8:2a:ad:f3:0c:6e:
87:9a:5b:dd:ac:b4:22:87:b3:85:dd:e7:37:b1:35:b3:03:da:
dc:43:8b:db:c2:dc:d5:72:5c:4a:e9:0c:31:2a:94:89:cf:a3:
4e:27:18:a2:da:56:49:b7:57:1b:ef:b7:c5:60:0c:10:38:bb:
ee:91:2f:9e:52:31:6b:c4:a0:bd:34:69:9b:40:33:49:55:8f:
ed:df:b4:fb:d4:fe:9c:32:3d:63:e0:59:c6:60:fd:5b:53:dd:
5c:5f:d5:27:ef:92:a1:9a:86:2e:33:c5:ab:b4:05:78:4f:c3:
5c:d6:ae:5e:ea:cf:8e:54:65:70:82:c9:0d:4a:15:4b:23:ec:
02:1c:f1:dd:41:56:2e:63:2f:2a:3b:f7:a4:4e:e0:c6:ec:0f:
bd:d1:f3:84:e9:5d:24:4e:15:8b:81:b8:c1:b0:03:ce:a8:3e:
6d:0b:55:ec:07:bd:c3:1f:7b:62:4c:fa:b9:2e:11:d9:ff:d9:
08:09:c5:58:f2:d2:cb:67:99:bd:fa:bd:b1:6b:bf:b4:d2:a4:
5f:4b:2b:d1:0a:24:c0:e0:06:3b:57:ff:43:76:7f:84:53:69:
60:e0:a7:35:9a:b1:e6:3e:0b:48:e4:fe:e6:1a:66:d0:0f:95:
01:e7:c7:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTg1NjE2WhcNMjUxMjEzMTg1NjE2WjAYMRYw
FAYDVQQDEw02NzdkNzhkNC0yMWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7jSvKfrNmAoANCYnwjSHHyEjJL+SiaWCXQOTT9L2pkPOxSDJEefGaXN9
4/1RDSW5FpI65xl7sMMBw5KN1rCk6laRD3PXRw2xcdMfYVq+myR4OGs1bN48FYwn
U5eZrJIrnzyx9pEE7xumx6wd8Zc7jbYcH/Xm07Tt1Fn5oGK9W9aoNMMUSDnm1rp9
HlvZKUntDM9iReKJ/DsWoo9/c+tnoOjl+zJtzS5c4FNAbKO0iA9ceOxJIrv1hwxu
PFkmuXge3mJlX9WfsEqxrXGhwP8MphAk9j3SvvnmZy9wvH9Gwg3QlZNNdz83mTjw
G8FPr4V0rmNY6FHTqnyfQZyrTeXHZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHuk
79g/J4dYM37UmpXhRE1VbTZNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNEYwMUNEOENEMjkxMUVGODNDMTA3QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHlMA0GCSqGSIb3DQEBCwUA
A4IBAQC4E/uEPzph1Hp2xt+oKq3zDG6HmlvdrLQih7OF3ec3sTWzA9rcQ4vbwtzV
clxK6QwxKpSJz6NOJxii2lZJt1cb77fFYAwQOLvukS+eUjFrxKC9NGmbQDNJVY/t
37T71P6cMj1j4FnGYP1bU91cX9Un75KhmoYuM8WrtAV4T8Nc1q5e6s+OVGVwgskN
ShVLI+wCHPHdQVYuYy8qO/ekTuDG7A+90fOE6V0kThWLgbjBsAPOqD5tC1XsB73D
H3tiTPq5LhHZ/9kICcVY8tLLZ5m9+r2xa7+00qRfSyvRCiTA4AY7V/9Ddn+EU2lg
4Kc1mrHmPgtI5P7mGmbQD5UB58eT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:13 2025 by rpki-client