Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/221FF430CCD611EF9B9D30A2762E951A.roa
File: 221FF430CCD611EF9B9D30A2762E951A.roa (raw, json)
Hash identifier: O0FvPQjAFons3McmPNyKwgsr5s1z1yKSRrqNKdHtM10=
Subject key identifier: 5D:A0:D3:7E:54:94:03:52:99:EF:6A:59:C1:FE:37:61:C1:5A:39:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB05
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/221FF430CCD611EF9B9D30A2762E951A.roa
Signing time: Tue 07 Jan 2025 09:02:34 +0000
ROA not before: Tue 07 Jan 2025 09:02:30 +0000
ROA not after: Thu 24 Dec 2026 09:02:30 +0000
asID: 140595
IP address blocks: 156.249.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64261 (0xfb05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:02:30 2025 GMT
Not After : Dec 24 09:02:30 2026 GMT
Subject: CN=677cedaa-66f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0a:79:b4:ad:2f:ff:89:e9:6f:e7:ef:98:7c:
dc:b4:d3:10:c1:e6:93:ee:b4:2c:6e:c6:04:10:ea:
ff:3c:01:69:1a:e1:6e:e8:10:84:29:7f:03:fd:a7:
7c:51:3a:df:5f:02:10:a2:dc:c7:ed:07:45:10:4b:
7e:de:e0:eb:b9:bc:39:9b:bc:86:c5:7e:fc:7a:6d:
90:02:5a:45:2a:9d:0e:7d:2d:5c:a3:c3:41:af:69:
25:68:08:89:e4:2d:4c:e2:39:9c:4f:d5:89:06:07:
69:40:27:9b:4d:7e:da:ea:37:ef:07:5b:2c:81:1f:
fc:c3:25:ea:d1:1f:15:16:5f:03:04:b4:bf:8d:2d:
9f:c6:9a:6f:70:7f:a5:93:49:b4:89:7e:c3:e5:7e:
5b:8c:c4:5a:be:52:1b:05:6a:d1:e6:9d:d3:cc:2c:
99:d5:da:a3:f6:3f:61:aa:c6:03:b1:8f:ba:45:73:
53:de:6e:c1:dc:ad:40:3e:cf:8a:a3:86:2e:d1:6a:
9c:4c:b6:a6:e1:f0:3b:d9:39:9c:ed:58:ad:41:0f:
41:37:70:56:f4:83:14:13:b3:c9:e7:20:74:7f:1e:
f1:68:dc:ef:f5:b9:1a:1d:96:c0:21:de:45:ee:d2:
ac:c3:2a:af:bc:ac:e7:27:2c:eb:60:c6:c0:78:10:
b3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A0:D3:7E:54:94:03:52:99:EF:6A:59:C1:FE:37:61:C1:5A:39:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/221FF430CCD611EF9B9D30A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.115.0/24
Signature Algorithm: sha256WithRSAEncryption
96:96:55:00:3d:bf:f4:41:53:ac:c1:01:3b:68:af:c8:45:d2:
97:87:a7:90:02:9a:c6:e3:19:ad:0d:6d:9b:c7:51:c0:c5:1c:
60:95:66:f3:e5:a8:7b:d6:fd:e4:d2:25:6f:bd:02:b4:f5:2a:
8e:6a:a2:b1:91:4f:bf:83:e9:bf:2d:a8:5a:31:25:e8:62:d6:
c5:e6:95:7c:9d:2c:e2:c5:92:a1:73:17:8c:56:c9:4f:e8:ea:
53:0b:41:3d:eb:33:e6:77:9a:04:6c:0f:79:1e:85:84:d3:7f:
a6:15:79:90:d5:80:7f:e4:37:a6:a3:d6:eb:18:3b:0f:61:35:
c1:9c:36:8e:eb:ce:f0:7a:6c:9e:6f:fa:b8:39:92:3f:7b:97:
79:ee:6b:8f:8a:15:96:ca:d3:01:88:8c:4e:25:66:af:14:b1:
b5:05:73:c7:ef:93:a0:17:43:2c:8b:bb:c2:8b:73:a8:60:f3:
c6:0b:70:98:38:d5:65:c9:f8:4b:e3:e3:b3:ff:bd:9d:1d:0c:
1a:c6:5a:bc:cc:db:f8:b7:1a:e9:fe:0c:a9:80:f7:ea:8f:88:
fa:bf:0e:f6:96:0f:f7:01:6a:e0:29:cc:5d:39:2b:f6:e7:7a:
e9:ac:07:7e:14:55:de:f8:da:88:61:95:21:cd:81:69:f5:90:
06:e3:66:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkwMjMwWhcNMjYxMjI0MDkwMjMwWjAYMRYw
FAYDVQQDEw02NzdjZWRhYS02NmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1wp5tK0v/4npb+fvmHzctNMQweaT7rQsbsYEEOr/PAFpGuFu6BCEKX8D
/ad8UTrfXwIQotzH7QdFEEt+3uDrubw5m7yGxX78em2QAlpFKp0OfS1co8NBr2kl
aAiJ5C1M4jmcT9WJBgdpQCebTX7a6jfvB1ssgR/8wyXq0R8VFl8DBLS/jS2fxppv
cH+lk0m0iX7D5X5bjMRavlIbBWrR5p3TzCyZ1dqj9j9hqsYDsY+6RXNT3m7B3K1A
Ps+Ko4Yu0WqcTLam4fA72Tmc7VitQQ9BN3BW9IMUE7PJ5yB0fx7xaNzv9bkaHZbA
Id5F7tKswyqvvKznJyzrYMbAeBCzUQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF2g
035UlANSme9qWcH+N2HBWjndMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMjFGRjQzMENDRDYxMUVGOUI5RDMwQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlzMA0GCSqGSIb3DQEBCwUA
A4IBAQCWllUAPb/0QVOswQE7aK/IRdKXh6eQAprG4xmtDW2bx1HAxRxglWbz5ah7
1v3k0iVvvQK09SqOaqKxkU+/g+m/LahaMSXoYtbF5pV8nSzixZKhcxeMVslP6OpT
C0E96zPmd5oEbA95HoWE03+mFXmQ1YB/5Demo9brGDsPYTXBnDaO687wemyeb/q4
OZI/e5d57muPihWWytMBiIxOJWavFLG1BXPH75OgF0Msi7vCi3OoYPPGC3CYONVl
yfhL4+Oz/72dHQwaxlq8zNv4txrp/gypgPfqj4j6vw72lg/3AWrgKcxdOSv253rp
rAd+FFXe+NqIYZUhzYFp9ZAG42bp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:42 2025 by rpki-client