Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1774E338CD7111EF9D6F4B87762E951A.roa
File: 1774E338CD7111EF9D6F4B87762E951A.roa (raw, json)
Hash identifier: iITTG3Z9KdgsMD/RzrlRREpqI9JN3m0fM9z6z/iuxcg=
Subject key identifier: 0F:13:65:6E:52:3B:53:83:CD:7C:05:52:11:C9:9B:F2:FF:5D:87:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1774E338CD7111EF9D6F4B87762E951A.roa
Signing time: Wed 08 Jan 2025 03:31:48 +0000
ROA not before: Wed 08 Jan 2025 03:31:44 +0000
ROA not after: Sat 13 Dec 2025 03:31:44 +0000
asID: 984
IP address blocks: 156.248.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65419 (0xff8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:31:44 2025 GMT
Not After : Dec 13 03:31:44 2025 GMT
Subject: CN=677df1a4-108b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0b:e9:ad:39:47:85:9b:4e:d7:d4:ac:eb:3f:
05:68:9b:86:47:20:4d:e9:91:cb:db:1c:7d:40:13:
85:db:b3:ed:92:20:29:a3:90:82:f6:01:f8:76:a5:
55:46:d7:90:2d:3a:e1:fb:22:29:db:d7:b0:78:b4:
05:42:c7:ef:4d:e7:5f:bd:3b:cb:ce:dd:af:db:79:
6d:e0:20:df:7c:4f:64:09:b3:52:48:d6:b8:8b:91:
b7:71:fd:bc:e1:b2:d3:dc:6b:c0:48:bf:7c:86:83:
88:64:13:8f:c4:a1:23:f9:0a:0a:de:ba:8d:08:6f:
8a:e5:6a:0a:a2:eb:7b:4a:cd:b0:bd:23:46:3a:07:
61:75:9b:78:20:d0:9c:ec:49:57:3f:99:bc:a1:1e:
08:48:4b:6d:17:36:c8:1b:a8:96:08:8d:ee:df:48:
a5:9b:aa:3b:b4:55:5b:9a:41:06:53:55:ec:d6:6a:
75:84:55:bf:3d:f3:d3:4d:34:d4:d7:75:6f:5b:b0:
b8:e9:68:a0:b6:f1:a3:a4:e1:45:ce:14:20:c6:77:
f5:80:6a:46:6b:83:c6:00:cf:87:ea:5a:7c:e1:a1:
85:4b:fe:40:9c:8a:90:20:ae:34:d8:a1:4c:ea:a1:
61:7f:50:09:78:48:2d:a8:6b:14:bd:67:41:3f:02:
7f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:65:6E:52:3B:53:83:CD:7C:05:52:11:C9:9B:F2:FF:5D:87:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1774E338CD7111EF9D6F4B87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.31.0/24
Signature Algorithm: sha256WithRSAEncryption
64:36:5d:3f:c4:ef:67:f2:97:ce:c1:c9:37:89:be:f7:78:cf:
3d:73:a6:05:a4:11:c7:18:d3:32:0a:d5:72:16:fc:94:66:56:
9e:60:fa:9a:4d:dd:7e:c9:72:aa:0a:17:a6:d6:30:18:62:21:
c7:66:ae:d8:53:cc:04:62:e2:bb:36:04:a8:77:dc:e2:84:a3:
8a:9d:8e:38:88:54:3b:9b:e5:6e:6c:03:45:28:c2:75:81:6b:
a5:d9:39:0e:5b:d8:1f:6c:50:96:2a:db:89:a0:ef:bd:8f:78:
5a:9c:fd:8d:92:58:37:bb:bf:d4:fe:db:40:5f:ef:d3:fc:b3:
02:83:b5:e3:71:84:85:f0:a6:09:7e:70:8c:26:94:6f:26:13:
48:0b:4d:d5:fe:06:2e:ef:7f:3e:d5:75:a0:9c:b9:47:3a:72:
57:c7:f1:ad:83:87:80:fd:0c:80:0a:88:10:d2:0d:7e:38:0e:
18:c4:ce:80:ec:fd:bf:b8:12:ff:29:8b:a7:7b:8b:88:87:92:
40:85:10:a0:2d:48:21:ae:7a:85:93:1a:26:9f:cf:4f:80:4a:
70:25:25:63:71:b6:c3:57:45:3e:b0:e4:e3:3f:b3:df:5c:6b:
6b:55:0b:9b:39:72:79:d4:c9:71:1c:8d:03:62:6c:9e:a6:e9:
f0:2c:1a:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDMzMTQ0WhcNMjUxMjEzMDMzMTQ0WjAYMRYw
FAYDVQQDEw02NzdkZjFhNC0xMDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6AvprTlHhZtO19Ss6z8FaJuGRyBN6ZHL2xx9QBOF27PtkiApo5CC9gH4
dqVVRteQLTrh+yIp29eweLQFQsfvTedfvTvLzt2v23lt4CDffE9kCbNSSNa4i5G3
cf284bLT3GvASL98hoOIZBOPxKEj+QoK3rqNCG+K5WoKout7Ss2wvSNGOgdhdZt4
INCc7ElXP5m8oR4ISEttFzbIG6iWCI3u30ilm6o7tFVbmkEGU1Xs1mp1hFW/PfPT
TTTU13VvW7C46WigtvGjpOFFzhQgxnf1gGpGa4PGAM+H6lp84aGFS/5AnIqQIK40
2KFM6qFhf1AJeEgtqGsUvWdBPwJ/cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA8T
ZW5SO1ODzXwFUhHJm/L/XYeLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNzc0RTMzOENENzExMUVGOUQ2RjRCODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgfMA0GCSqGSIb3DQEBCwUA
A4IBAQBkNl0/xO9n8pfOwck3ib73eM89c6YFpBHHGNMyCtVyFvyUZlaeYPqaTd1+
yXKqChem1jAYYiHHZq7YU8wEYuK7NgSod9zihKOKnY44iFQ7m+VubANFKMJ1gWul
2TkOW9gfbFCWKtuJoO+9j3hanP2Nklg3u7/U/ttAX+/T/LMCg7XjcYSF8KYJfnCM
JpRvJhNIC03V/gYu738+1XWgnLlHOnJXx/Gtg4eA/QyACogQ0g1+OA4YxM6A7P2/
uBL/KYune4uIh5JAhRCgLUghrnqFkxomn89PgEpwJSVjcbbDV0U+sOTjP7PfXGtr
VQubOXJ51MlxHI0DYmyepunwLBoV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:23 2025 by rpki-client