Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1500C0FECDA311EFBDF65942762E951A.roa
File: 1500C0FECDA311EFBDF65942762E951A.roa (raw, json)
Hash identifier: f/QhgUHrL5/EPYYUCGB5N+mJHBo1tw7GaBnYU8hwjxk=
Subject key identifier: DD:EA:DB:FA:B6:F6:73:37:14:18:19:5E:4A:9C:21:60:65:D6:08:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1500C0FECDA311EFBDF65942762E951A.roa
Signing time: Wed 08 Jan 2025 09:29:39 +0000
ROA not before: Wed 08 Jan 2025 09:29:35 +0000
ROA not after: Tue 16 Dec 2025 09:29:35 +0000
asID: 984
IP address blocks: 156.249.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65787 (0x100fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:29:35 2025 GMT
Not After : Dec 16 09:29:35 2025 GMT
Subject: CN=677e4583-c569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9f:44:9f:1f:cd:00:71:d5:e9:71:51:f5:f7:
be:a0:09:3c:fe:76:14:70:e5:bf:60:3b:8d:d3:56:
a6:1e:54:59:8c:b7:59:bf:ef:db:3b:1d:3c:29:20:
cd:f3:4f:0e:dc:b9:00:97:4a:92:fa:9f:29:dd:6f:
23:a8:2b:6c:59:7d:96:25:d0:ad:f6:d6:5d:8a:c3:
c4:00:e2:73:20:44:38:93:8d:d3:8b:00:f1:6e:8a:
ec:f3:fa:73:64:fd:e0:71:00:c7:16:6b:8c:2f:8d:
52:e7:16:19:9a:99:ab:20:76:71:ee:6d:fd:5b:c4:
2f:78:b4:ba:6c:f6:58:07:1d:5c:d5:5c:7b:19:1a:
7c:19:72:ba:47:b4:ff:0f:dc:c7:cb:13:a3:98:b0:
2a:14:c8:ab:e7:a0:3b:37:1b:79:3d:51:8f:50:8b:
a7:f7:41:75:31:83:5c:e2:6a:06:80:5c:6e:5c:78:
6c:0d:d4:f8:e2:be:d8:02:13:10:75:fa:d4:bf:0c:
b5:e1:0e:9e:e5:7a:5b:83:66:c3:37:b3:4c:ed:24:
09:27:ec:79:83:28:8b:2b:bd:f9:48:8b:c2:b7:b5:
f0:a8:48:55:91:e6:a8:14:bc:f1:9e:f4:e1:a0:bc:
a5:93:98:d9:29:c2:71:57:58:b1:84:82:f8:4d:5c:
d9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EA:DB:FA:B6:F6:73:37:14:18:19:5E:4A:9C:21:60:65:D6:08:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1500C0FECDA311EFBDF65942762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.124.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8b:de:37:dc:53:06:69:fa:fe:b1:b9:db:9a:fa:87:4b:1d:
82:55:c2:23:66:e9:e6:e2:5d:46:8c:a1:08:d1:91:50:41:95:
c3:f0:8b:3d:c2:29:c8:dc:b0:7e:01:53:26:85:a2:4c:82:3b:
b8:c8:e0:10:79:c0:16:86:c8:75:e1:ab:65:2f:18:b8:b4:2b:
27:eb:10:8a:de:21:f1:47:c6:b7:0f:c8:41:e5:b5:c4:32:44:
ad:f1:7f:29:95:8f:d5:1d:01:05:cb:da:dc:4e:87:c0:84:33:
d9:fb:62:42:e2:ec:ff:c7:5e:74:a3:db:4b:69:65:0a:55:97:
7a:33:02:36:bd:be:56:5c:cd:60:7a:f2:05:3f:08:56:cb:4f:
2f:e7:cb:92:3f:42:a7:ea:12:92:3d:94:e8:6a:cd:9e:90:e2:
d7:77:66:41:e7:06:3e:c5:92:6a:b2:73:3c:88:bf:71:55:68:
e9:52:91:23:fb:0f:3e:1a:16:16:71:96:40:3e:a7:32:8a:8e:
77:5f:b7:54:15:69:e1:69:8c:e5:97:31:ff:48:4f:9c:74:8b:
1d:22:12:f2:f4:80:38:1d:f0:b6:e5:61:47:47:ec:45:e1:e1:
53:60:a7:3b:ad:14:38:3a:15:47:92:e2:28:6c:f3:c1:66:7e:
d9:cc:57:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQD7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkyOTM1WhcNMjUxMjE2MDkyOTM1WjAYMRYw
FAYDVQQDEw02NzdlNDU4My1jNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyJ9Enx/NAHHV6XFR9fe+oAk8/nYUcOW/YDuN01amHlRZjLdZv+/bOx08
KSDN808O3LkAl0qS+p8p3W8jqCtsWX2WJdCt9tZdisPEAOJzIEQ4k43TiwDxbors
8/pzZP3gcQDHFmuML41S5xYZmpmrIHZx7m39W8QveLS6bPZYBx1c1Vx7GRp8GXK6
R7T/D9zHyxOjmLAqFMir56A7Nxt5PVGPUIun90F1MYNc4moGgFxuXHhsDdT44r7Y
AhMQdfrUvwy14Q6e5Xpbg2bDN7NM7SQJJ+x5gyiLK735SIvCt7XwqEhVkeaoFLzx
nvThoLylk5jZKcJxV1ixhIL4TVzZBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN3q
2/q29nM3FBgZXkqcIWBl1giWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNTAwQzBGRUNEQTMxMUVGQkRGNjU5NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPl8MA0GCSqGSIb3DQEBCwUA
A4IBAQAIi9433FMGafr+sbnbmvqHSx2CVcIjZunm4l1GjKEI0ZFQQZXD8Is9winI
3LB+AVMmhaJMgju4yOAQecAWhsh14atlLxi4tCsn6xCK3iHxR8a3D8hB5bXEMkSt
8X8plY/VHQEFy9rcTofAhDPZ+2JC4uz/x150o9tLaWUKVZd6MwI2vb5WXM1gevIF
PwhWy08v58uSP0Kn6hKSPZToas2ekOLXd2ZB5wY+xZJqsnM8iL9xVWjpUpEj+w8+
GhYWcZZAPqcyio53X7dUFWnhaYzllzH/SE+cdIsdIhLy9IA4HfC25WFHR+xF4eFT
YKc7rRQ4OhVHkuIobPPBZn7ZzFfB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:09 2025 by rpki-client