Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CAEF7CEC99011EF8C29B460762E951A.roa
File: 1CAEF7CEC99011EF8C29B460762E951A.roa (raw, json)
Hash identifier: PNWY++dsqZpwz5LXk+lhFGR1fgYmUYiKcPZb2HMxkIo=
Subject key identifier: 18:85:81:78:4F:BB:E9:E0:06:2C:22:F4:5F:C2:C0:AF:88:2C:AA:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CAEF7CEC99011EF8C29B460762E951A.roa
Signing time: Fri 03 Jan 2025 05:03:46 +0000
ROA not before: Fri 03 Jan 2025 05:03:43 +0000
ROA not after: Sat 13 Dec 2025 05:03:43 +0000
asID: 984
IP address blocks: 156.233.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62939 (0xf5db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:03:43 2025 GMT
Not After : Dec 13 05:03:43 2025 GMT
Subject: CN=67776fb2-1442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:31:b7:b7:7a:a7:4b:07:be:b8:7e:35:a2:e1:
6d:78:05:d3:8c:ff:ee:e8:33:22:73:0c:1c:30:86:
45:89:05:3e:28:15:c1:10:e3:8f:24:5e:a7:69:82:
c5:2d:83:14:00:75:c1:94:0a:f3:fe:d9:bd:66:76:
9e:ac:81:82:3e:79:1f:30:f5:7c:ff:81:65:cc:7d:
86:2d:96:75:e3:3b:aa:ee:e9:91:a5:ed:89:d6:69:
b9:42:f5:bb:7d:d8:f2:16:22:2b:ed:c8:b2:1c:a1:
51:b0:b6:26:24:3a:41:79:97:80:b1:89:f7:8e:20:
dc:96:91:5a:21:84:1c:fa:3b:23:b5:03:b9:a7:fe:
02:2d:44:ed:f7:ca:94:ed:05:ad:ec:da:14:67:af:
e7:45:49:d5:b1:e0:71:f3:8c:8e:11:a2:18:b5:ac:
71:f2:65:c2:2e:0e:8f:60:53:c9:f1:62:f5:1b:ab:
cf:33:0a:53:f0:c5:bb:57:b2:f6:46:f7:2e:75:89:
47:2c:8c:a5:32:0c:5b:6c:17:ec:0f:80:55:53:42:
3b:15:ac:ad:35:e4:55:a8:cc:62:a9:d5:5a:38:3f:
0b:8a:73:03:e6:d9:33:9a:0f:e5:d8:a7:52:9e:b3:
66:19:04:57:f3:a4:0b:e3:91:b2:ab:02:63:92:92:
3b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:85:81:78:4F:BB:E9:E0:06:2C:22:F4:5F:C2:C0:AF:88:2C:AA:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1CAEF7CEC99011EF8C29B460762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.79.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c0:81:28:3d:47:ec:64:7c:ab:66:42:3e:94:d7:da:ed:fe:
29:3e:34:a8:25:1d:6c:ab:f6:64:8e:54:b3:21:e3:11:a2:58:
10:ba:dd:a3:fd:fa:b5:c7:a2:a9:27:c7:74:99:ac:06:46:2e:
0e:35:a7:3b:0b:77:29:92:7b:f1:26:11:a1:9c:ef:13:d8:14:
4b:a3:8e:56:d0:64:e9:2f:34:be:d7:23:27:10:fc:f4:da:06:
20:7f:03:b3:94:ce:10:09:f0:4e:b6:b6:c0:70:b9:69:a5:63:
4d:5d:09:90:bf:89:f3:69:b6:ef:d1:91:db:6b:09:c2:bf:f5:
6f:7d:86:bf:b4:5d:9e:37:6c:06:87:e7:16:51:8c:a9:96:f7:
f2:c5:db:72:6f:3c:2e:e5:20:ae:85:e6:7f:37:6f:3d:3c:58:
1b:38:2c:65:07:35:61:a0:67:b9:0f:4a:e6:73:57:57:18:d9:
fb:21:d3:f4:4c:fd:f9:65:e4:46:46:40:70:a8:25:fe:31:6c:
86:44:75:3f:dd:50:1a:88:6b:f3:e0:80:8b:7a:f1:30:68:a4:
f9:73:22:67:78:97:86:6a:4f:3a:92:13:27:51:ea:22:ab:12:
f5:95:14:9b:46:9c:d0:6e:9a:cc:08:09:85:e3:37:bf:3f:06:
5d:be:42:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUwMzQzWhcNMjUxMjEzMDUwMzQzWjAYMRYw
FAYDVQQDEw02Nzc3NmZiMi0xNDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8DG3t3qnSwe+uH41ouFteAXTjP/u6DMicwwcMIZFiQU+KBXBEOOPJF6n
aYLFLYMUAHXBlArz/tm9ZnaerIGCPnkfMPV8/4FlzH2GLZZ14zuq7umRpe2J1mm5
QvW7fdjyFiIr7ciyHKFRsLYmJDpBeZeAsYn3jiDclpFaIYQc+jsjtQO5p/4CLUTt
98qU7QWt7NoUZ6/nRUnVseBx84yOEaIYtaxx8mXCLg6PYFPJ8WL1G6vPMwpT8MW7
V7L2RvcudYlHLIylMgxbbBfsD4BVU0I7FaytNeRVqMxiqdVaOD8LinMD5tkzmg/l
2KdSnrNmGQRX86QL45GyqwJjkpI7vQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBiF
gXhPu+ngBiwi9F/CwK+ILKr7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQ0FFRjdDRUM5OTAxMUVGOEMyOUI0NjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlPMA0GCSqGSIb3DQEBCwUA
A4IBAQA+wIEoPUfsZHyrZkI+lNfa7f4pPjSoJR1sq/ZkjlSzIeMRolgQut2j/fq1
x6KpJ8d0mawGRi4ONac7C3cpknvxJhGhnO8T2BRLo45W0GTpLzS+1yMnEPz02gYg
fwOzlM4QCfBOtrbAcLlppWNNXQmQv4nzabbv0ZHbawnCv/VvfYa/tF2eN2wGh+cW
UYyplvfyxdtybzwu5SCuheZ/N289PFgbOCxlBzVhoGe5D0rmc1dXGNn7IdP0TP35
ZeRGRkBwqCX+MWyGRHU/3VAaiGvz4ICLevEwaKT5cyJneJeGak86khMnUeoiqxL1
lRSbRpzQbprMCAmF4ze/PwZdvkIP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:34 2025 by rpki-client