Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24703B62CD4111EFA98AB143762E951A.roa
File: 24703B62CD4111EFA98AB143762E951A.roa (raw, json)
Hash identifier: yIJs4mOLjrVCaU8XhnzacFIwaushrI1iI7NVoJ6jwMA=
Subject key identifier: 18:7E:09:06:15:D3:11:3A:F6:38:C3:4E:29:2F:6E:D5:36:A4:FB:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE71
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24703B62CD4111EFA98AB143762E951A.roa
Signing time: Tue 07 Jan 2025 21:48:34 +0000
ROA not before: Tue 07 Jan 2025 21:48:30 +0000
ROA not after: Sat 13 Dec 2025 21:48:30 +0000
asID: 984
IP address blocks: 156.243.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65137 (0xfe71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:48:30 2025 GMT
Not After : Dec 13 21:48:30 2025 GMT
Subject: CN=677da132-f9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:bb:fe:30:83:7b:41:a1:74:ef:40:37:aa:
f1:fc:11:fc:5b:19:e5:f9:62:ef:c1:92:c4:46:7e:
c3:d2:e4:74:92:17:3b:f6:28:74:c4:50:7c:2b:c2:
fc:f3:6f:28:bf:6d:dd:2d:9b:33:35:07:0e:4c:ce:
53:8d:6b:4b:9a:26:63:38:21:7c:a2:9d:a1:18:0d:
be:88:a4:42:90:84:6f:7b:ca:b7:b6:c1:1e:63:e2:
60:69:11:8c:dc:bc:b5:cd:e3:07:7a:b2:75:04:82:
50:cb:c6:57:40:97:62:df:33:34:fb:02:2a:74:b1:
73:13:36:cf:e5:7a:d3:b0:ce:68:ec:db:9b:60:02:
26:86:34:51:25:1e:85:f0:e5:97:00:28:cd:60:73:
86:4f:6a:20:fb:25:5e:00:f4:16:68:7b:7c:59:1f:
9f:da:38:6d:1a:b7:10:a0:66:2d:d9:a1:5a:85:d9:
90:bc:3a:d3:a9:64:41:d9:8b:05:76:da:32:90:04:
37:08:86:46:6a:11:f3:42:bc:1a:4a:d6:c8:63:74:
0a:ff:94:7c:31:02:d7:10:01:90:ef:2b:1a:72:fa:
17:f1:32:bf:0b:38:23:5e:fb:0f:91:e3:b9:8d:c8:
11:0d:44:b7:0d:3e:64:61:22:a0:0a:b4:44:aa:b6:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7E:09:06:15:D3:11:3A:F6:38:C3:4E:29:2F:6E:D5:36:A4:FB:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24703B62CD4111EFA98AB143762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.97.0/24
Signature Algorithm: sha256WithRSAEncryption
56:22:4c:a2:23:fc:37:0b:d7:38:3e:58:4b:f7:1e:cf:11:69:
fd:f5:e5:4b:93:57:3a:16:51:ff:0e:bf:77:2b:15:9a:f5:56:
dd:8e:5e:b8:b1:ba:66:58:e4:74:a9:a3:39:98:f0:0b:94:a3:
cb:b2:98:30:5b:10:ee:00:ea:cc:7c:a4:81:cb:77:f7:2e:72:
c1:3f:fa:a0:a1:cf:44:1b:31:69:de:19:96:25:ef:13:a9:b6:
f1:51:37:3c:f1:7f:9e:b0:57:b1:f9:91:61:82:b2:43:51:1e:
4d:f0:db:de:93:df:80:cf:f1:79:25:73:65:b4:6d:08:28:d8:
0c:b3:17:bc:2b:19:fb:44:9b:b7:b9:15:13:b6:d1:c3:13:3d:
86:f0:e8:c4:49:e1:7b:21:43:59:c7:b9:2f:28:3c:a7:af:5d:
ef:ad:5e:e1:39:07:4c:89:0b:6c:1b:dc:fe:e9:46:ae:9d:68:
d7:21:23:7f:a9:84:fc:85:12:96:e3:12:92:a7:77:24:e4:02:
3d:eb:82:5e:48:2f:6e:42:76:ec:7c:06:e7:24:5f:bf:ae:e7:
38:04:67:08:f0:f4:43:60:3c:53:42:2d:e3:b9:4c:38:b5:e9:
b5:05:a0:54:ef:fc:4a:26:d0:5d:e2:07:bc:fa:5b:0d:75:a1:
08:72:ae:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjE0ODMwWhcNMjUxMjEzMjE0ODMwWjAYMRYw
FAYDVQQDEw02NzdkYTEzMi1mOWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwOS7/jCDe0GhdO9AN6rx/BH8Wxnl+WLvwZLERn7D0uR0khc79ih0xFB8
K8L8828ov23dLZszNQcOTM5TjWtLmiZjOCF8op2hGA2+iKRCkIRve8q3tsEeY+Jg
aRGM3Ly1zeMHerJ1BIJQy8ZXQJdi3zM0+wIqdLFzEzbP5XrTsM5o7NubYAImhjRR
JR6F8OWXACjNYHOGT2og+yVeAPQWaHt8WR+f2jhtGrcQoGYt2aFahdmQvDrTqWRB
2YsFdtoykAQ3CIZGahHzQrwaStbIY3QK/5R8MQLXEAGQ7ysacvoX8TK/CzgjXvsP
keO5jcgRDUS3DT5kYSKgCrREqrZa5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBh+
CQYV0xE69jjDTikvbtU2pPs4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDcwM0I2MkNENDExMUVGQTk4QUIxNDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNhMA0GCSqGSIb3DQEBCwUA
A4IBAQBWIkyiI/w3C9c4PlhL9x7PEWn99eVLk1c6FlH/Dr93KxWa9Vbdjl64sbpm
WOR0qaM5mPALlKPLspgwWxDuAOrMfKSBy3f3LnLBP/qgoc9EGzFp3hmWJe8Tqbbx
UTc88X+esFex+ZFhgrJDUR5N8Nvek9+Az/F5JXNltG0IKNgMsxe8Kxn7RJu3uRUT
ttHDEz2G8OjESeF7IUNZx7kvKDynr13vrV7hOQdMiQtsG9z+6UaunWjXISN/qYT8
hRKW4xKSp3ck5AI964JeSC9uQnbsfAbnJF+/ruc4BGcI8PRDYDxTQi3juUw4tem1
BaBU7/xKJtBd4ge8+lsNdaEIcq5C
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:01 2025 by rpki-client