Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF4043ACCFD11EF88BFB296762E951A.roa
File: 1BF4043ACCFD11EF88BFB296762E951A.roa (raw, json)
Hash identifier: 5MwJbzg+T57sOuEyyxvBrkqfHbmMjBLuqQ6hSwdcQy8=
Subject key identifier: 54:91:B8:4F:77:79:3B:A2:6D:27:8C:9E:FE:E2:9E:67:14:1A:53:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC51
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF4043ACCFD11EF88BFB296762E951A.roa
Signing time: Tue 07 Jan 2025 13:41:34 +0000
ROA not before: Tue 07 Jan 2025 13:41:30 +0000
ROA not after: Sat 13 Dec 2025 13:41:30 +0000
asID: 984
IP address blocks: 156.238.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64593 (0xfc51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:41:30 2025 GMT
Not After : Dec 13 13:41:30 2025 GMT
Subject: CN=677d2f0e-f204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e4:92:07:d9:3f:f5:67:fe:fe:af:82:b5:17:
d8:41:a2:0e:c7:81:0d:12:1d:c4:70:d4:f3:0d:7f:
3f:5a:8a:be:50:c2:82:a0:4d:81:a7:fe:69:ff:9e:
f4:20:d9:bd:23:f5:74:48:9f:22:72:bd:a7:de:59:
41:6e:cb:57:e6:16:ee:8d:fc:f9:b4:91:7e:d5:a7:
c7:c1:c7:5f:e1:66:4b:db:68:55:7a:73:52:7c:b5:
2e:5c:bb:be:19:54:91:9a:87:ca:a6:e6:2d:ce:b8:
1d:88:a2:a4:73:fc:64:96:90:94:72:79:3c:dc:6c:
e8:e2:3d:b5:2f:cd:52:46:ee:d9:e9:81:88:07:8f:
1e:2d:42:8d:f9:5a:04:40:a6:64:ff:e2:bf:e8:09:
b0:22:55:a8:75:db:d7:ef:0a:d3:9a:51:db:7c:27:
97:25:38:2c:c2:62:35:90:99:cb:49:6d:b7:93:47:
4a:80:09:1d:6e:21:6f:db:c0:15:44:e6:f7:69:a5:
16:86:1c:b5:f6:a9:b6:a6:b2:87:ea:06:e7:64:2e:
02:ea:d1:46:18:99:0b:bc:96:85:7e:e7:2f:33:91:
8e:a2:5f:fb:e5:7d:6e:76:8e:40:d7:a0:71:5b:31:
0a:02:70:c6:2a:83:f3:95:f2:66:65:2b:46:b2:f4:
33:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:91:B8:4F:77:79:3B:A2:6D:27:8C:9E:FE:E2:9E:67:14:1A:53:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF4043ACCFD11EF88BFB296762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.93.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:b5:84:47:5a:fa:c5:9c:1b:48:18:9c:44:fc:22:46:94:e2:
05:f2:e7:dd:7c:76:39:3d:4e:1d:ec:c0:1e:b8:a5:68:86:ff:
b4:e4:94:f3:d7:4c:0e:eb:9c:f5:23:2e:df:b5:77:7d:8d:29:
b4:61:a8:b8:9f:11:0c:37:0c:d1:1d:27:c1:ca:62:87:39:8c:
37:ed:b1:2d:41:29:8c:1b:7e:da:a3:7e:90:04:9e:01:7a:2c:
7e:ce:19:a8:58:b6:e0:5a:73:6f:ab:b5:36:47:43:58:a8:4f:
da:f0:d4:50:3f:4f:1b:74:5b:9d:b1:5e:52:56:f9:f7:26:ca:
54:80:9a:a6:a3:0c:66:0a:af:b6:f0:3a:00:f3:0d:3e:a6:75:
d7:f7:61:36:04:1d:eb:21:fe:2e:8b:3d:67:81:a4:4a:f5:e9:
10:40:06:85:8b:38:fc:81:b9:46:1a:7f:d5:19:c0:08:71:4c:
b2:3d:a0:a7:ae:ef:36:9c:58:6b:fc:d6:ff:e9:ff:cb:9f:81:
5f:7b:d5:3f:8b:b3:7b:54:d7:9c:d9:5a:c6:1c:b7:23:f3:67:
2a:28:ad:a0:9d:fe:3a:c1:fa:7d:f7:c2:f4:27:57:d6:89:55:
ef:fb:7c:79:26:eb:1d:40:de:d1:17:9d:57:f9:52:7c:fb:bf:
a9:59:75:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTM0MTMwWhcNMjUxMjEzMTM0MTMwWjAYMRYw
FAYDVQQDEw02NzdkMmYwZS1mMjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6eSSB9k/9Wf+/q+CtRfYQaIOx4ENEh3EcNTzDX8/Woq+UMKCoE2Bp/5p
/570INm9I/V0SJ8icr2n3llBbstX5hbujfz5tJF+1afHwcdf4WZL22hVenNSfLUu
XLu+GVSRmofKpuYtzrgdiKKkc/xklpCUcnk83Gzo4j21L81SRu7Z6YGIB48eLUKN
+VoEQKZk/+K/6AmwIlWoddvX7wrTmlHbfCeXJTgswmI1kJnLSW23k0dKgAkdbiFv
28AVROb3aaUWhhy19qm2prKH6gbnZC4C6tFGGJkLvJaFfucvM5GOol/75X1udo5A
16BxWzEKAnDGKoPzlfJmZStGsvQzEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFSR
uE93eTuibSeMnv7inmcUGlN4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkY0MDQzQUNDRkQxMUVGODhCRkIyOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5dMA0GCSqGSIb3DQEBCwUA
A4IBAQCLtYRHWvrFnBtIGJxE/CJGlOIF8ufdfHY5PU4d7MAeuKVohv+05JTz10wO
65z1Iy7ftXd9jSm0Yai4nxEMNwzRHSfBymKHOYw37bEtQSmMG37ao36QBJ4Beix+
zhmoWLbgWnNvq7U2R0NYqE/a8NRQP08bdFudsV5SVvn3JspUgJqmowxmCq+28DoA
8w0+pnXX92E2BB3rIf4uiz1ngaRK9ekQQAaFizj8gblGGn/VGcAIcUyyPaCnru82
nFhr/Nb/6f/Ln4Ffe9U/i7N7VNec2VrGHLcj82cqKK2gnf46wfp998L0J1fWiVXv
+3x5JusdQN7RF51X+VJ8+7+pWXW7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:12 2025 by rpki-client