Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/268717E4CD4211EFB4F6654A762E951A.roa
File: 268717E4CD4211EFB4F6654A762E951A.roa (raw, json)
Hash identifier: 6z9rimYHaEVAJWfiipw0GlfWqzaV1Cymum6ZSPV0H4A=
Subject key identifier: D2:29:60:FE:74:D3:5A:74:EC:ED:41:97:48:D0:E4:EA:F4:2E:81:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE79
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/268717E4CD4211EFB4F6654A762E951A.roa
Signing time: Tue 07 Jan 2025 21:55:47 +0000
ROA not before: Tue 07 Jan 2025 21:55:43 +0000
ROA not after: Sat 13 Dec 2025 21:55:43 +0000
asID: 984
IP address blocks: 156.243.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65145 (0xfe79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:55:43 2025 GMT
Not After : Dec 13 21:55:43 2025 GMT
Subject: CN=677da2e3-5cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:34:f2:9c:bb:45:28:1a:e4:29:b2:8d:2d:
cf:d2:89:c6:2d:9e:d9:de:f2:8e:f4:52:45:ea:3d:
1e:c9:3b:ad:ec:5d:14:93:d0:7f:c1:df:7f:0e:a8:
e5:59:0b:60:10:80:02:08:90:1e:5e:7d:e7:7e:5f:
87:c7:31:95:a6:57:ab:6f:95:40:0d:2d:2c:d2:3b:
4a:6e:a8:b0:f6:4f:14:45:7b:87:ae:a1:dc:51:62:
57:e9:70:ee:ac:c8:c0:a9:06:f5:1a:82:2e:d6:a7:
1f:7f:63:f2:1e:16:cc:a7:1b:02:52:9e:90:67:59:
76:b3:e7:2d:60:80:02:22:ea:3b:b6:71:8b:bb:86:
9e:ec:2d:8d:08:07:c0:83:85:87:0c:89:fd:5c:06:
85:46:6b:10:73:4b:40:47:40:b6:31:ff:bb:38:14:
e2:dd:14:45:d0:50:d2:d7:b1:f6:8c:7e:e9:47:b9:
bf:8d:20:24:7d:0e:f2:73:4f:89:b6:0b:2c:91:a0:
27:29:d1:44:85:52:a4:f1:30:23:63:6e:75:a6:76:
54:20:31:45:44:93:ee:cf:a4:a1:8b:c7:19:35:9e:
50:b6:6c:38:35:6e:29:6e:4a:c1:d7:36:72:bb:e5:
5a:e9:5b:6e:34:2c:7e:84:d6:e5:f6:f7:ef:68:dc:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:29:60:FE:74:D3:5A:74:EC:ED:41:97:48:D0:E4:EA:F4:2E:81:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/268717E4CD4211EFB4F6654A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.103.0/24
Signature Algorithm: sha256WithRSAEncryption
18:94:d0:46:3d:cd:15:16:3d:b2:c3:d7:f1:7a:eb:8e:b9:56:
84:79:e9:0a:3e:7c:05:95:4b:4a:2d:16:ac:35:66:8c:9c:bc:
a6:13:cf:f0:3e:1a:5f:8e:67:4e:04:d0:18:e0:0f:0a:30:ff:
76:56:70:c1:26:95:1b:17:52:51:83:e2:7b:7f:6d:f7:e1:9f:
76:4d:62:15:36:03:2a:a3:6b:80:b6:fb:d3:62:fd:41:a9:38:
96:3f:e0:51:0c:d0:98:d9:fe:ad:18:4a:5d:5a:5c:74:18:c8:
ea:59:8c:1c:6a:08:ca:d3:57:8b:18:6d:a8:17:f6:32:77:66:
a8:27:81:0c:8f:54:68:cd:7f:65:26:f3:0e:0b:d8:a6:11:40:
f0:6f:ae:e9:c2:bb:b9:aa:19:9b:65:05:4d:e4:f5:f4:df:8b:
2c:c8:65:fb:21:63:95:54:64:46:f1:94:ed:d6:76:0a:6b:69:
21:1f:d9:f2:c0:82:1b:ea:e9:f7:73:3c:47:57:e0:3e:6e:a3:
97:95:13:5a:66:a4:cf:44:b5:f6:a9:ed:a4:51:0b:82:26:ea:
55:c9:5a:08:75:a1:ac:86:5b:b2:9e:17:5c:83:14:5b:18:4c:
98:0f:79:c5:1a:52:f2:16:8e:1a:61:69:7c:5e:54:43:da:69:
b7:be:da:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP55MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjE1NTQzWhcNMjUxMjEzMjE1NTQzWjAYMRYw
FAYDVQQDEw02NzdkYTJlMy01Y2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGI08py7RSga5CmyjS3P0onGLZ7Z3vKO9FJF6j0eyTut7F0Uk9B/wd9/
DqjlWQtgEIACCJAeXn3nfl+HxzGVplerb5VADS0s0jtKbqiw9k8URXuHrqHcUWJX
6XDurMjAqQb1GoIu1qcff2PyHhbMpxsCUp6QZ1l2s+ctYIACIuo7tnGLu4ae7C2N
CAfAg4WHDIn9XAaFRmsQc0tAR0C2Mf+7OBTi3RRF0FDS17H2jH7pR7m/jSAkfQ7y
c0+JtgsskaAnKdFEhVKk8TAjY251pnZUIDFFRJPuz6Shi8cZNZ5Qtmw4NW4pbkrB
1zZyu+Va6VtuNCx+hNbl9vfvaNxclQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNIp
YP5001p07O1Bl0jQ5Or0LoEiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNjg3MTdFNENENDIxMUVGQjRGNjY1NEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNnMA0GCSqGSIb3DQEBCwUA
A4IBAQAYlNBGPc0VFj2yw9fxeuuOuVaEeekKPnwFlUtKLRasNWaMnLymE8/wPhpf
jmdOBNAY4A8KMP92VnDBJpUbF1JRg+J7f2334Z92TWIVNgMqo2uAtvvTYv1BqTiW
P+BRDNCY2f6tGEpdWlx0GMjqWYwcagjK01eLGG2oF/Yyd2aoJ4EMj1RozX9lJvMO
C9imEUDwb67pwru5qhmbZQVN5PX034ssyGX7IWOVVGRG8ZTt1nYKa2khH9nywIIb
6un3czxHV+A+bqOXlRNaZqTPRLX2qe2kUQuCJupVyVoIdaGshluynhdcgxRbGEyY
D3nFGlLyFo4aYWl8XlRD2mm3vtrT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:21 2025 by rpki-client