Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2823A76ED2F811EFA38D6D98762E951A.roa
File: 2823A76ED2F811EFA38D6D98762E951A.roa (raw, json)
Hash identifier: tzCv86ROIxCjXNBvcqjHFpZ+BHcWHJbrcdsJVCuQkhg=
Subject key identifier: F2:38:B1:0E:F4:D5:0D:0B:8F:64:92:AC:5B:78:DC:DC:4D:44:BC:C9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2823A76ED2F811EFA38D6D98762E951A.roa
Signing time: Wed 15 Jan 2025 04:21:14 +0000
ROA not before: Wed 15 Jan 2025 04:21:10 +0000
ROA not after: Sat 03 Jan 2026 04:21:10 +0000
asID: 984
IP address blocks: 156.254.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67505 (0x107b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:21:10 2025 GMT
Not After : Jan 3 04:21:10 2026 GMT
Subject: CN=678737ba-c388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:ce:89:2b:c1:66:c2:3f:05:17:e5:af:12:
c6:65:04:bc:e6:53:75:cc:db:2d:55:43:38:f5:f0:
e5:94:fc:29:45:ae:f1:6f:7d:ed:8d:58:69:89:d9:
6e:5c:47:a1:f1:47:ff:74:03:81:35:94:fe:0e:45:
75:ca:73:90:4b:a6:56:2f:0d:a1:6f:ea:12:02:28:
d2:74:d8:07:4b:95:ff:ac:73:de:a3:28:f8:52:9e:
c7:5f:fd:74:f1:37:0a:ec:43:3c:02:6d:fd:ac:92:
9d:22:37:84:c3:9f:84:23:6a:1f:65:3f:15:09:9c:
80:bf:4c:17:51:80:0b:83:a6:ab:9c:af:e2:71:17:
86:31:99:79:61:e8:cc:20:fe:42:ee:0f:71:ff:91:
ac:63:40:78:98:61:99:a8:39:e4:11:68:cc:84:f2:
5e:97:d5:76:ce:3e:3c:75:6b:13:2e:99:09:a5:fe:
7f:32:d2:9b:3d:bd:ab:83:b4:ac:f2:7a:f2:54:76:
fd:04:53:8f:8c:53:b6:69:e0:ac:c7:fc:8c:ae:01:
79:0a:43:ef:11:ff:cf:97:e9:6d:e8:a0:ad:ba:06:
43:da:0c:f6:7b:0f:0a:37:29:ec:37:5a:73:be:e8:
4b:d4:d2:8f:63:ee:53:89:63:5d:09:f2:33:81:8e:
fe:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:38:B1:0E:F4:D5:0D:0B:8F:64:92:AC:5B:78:DC:DC:4D:44:BC:C9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2823A76ED2F811EFA38D6D98762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.3.0/24
Signature Algorithm: sha256WithRSAEncryption
01:32:a5:76:d0:24:f8:24:86:20:d0:c4:95:89:70:99:50:49:
16:17:23:a0:74:68:c8:7e:26:b9:d5:57:14:59:dc:ab:ff:58:
cf:95:d8:81:e0:f2:fb:c5:51:5a:94:f9:90:54:86:31:ae:b6:
ec:f8:60:59:5d:3e:a1:91:9b:f7:60:5e:8c:84:c9:5f:c2:db:
89:10:e7:78:73:16:d0:cc:04:2b:13:5b:3f:35:a0:67:4b:41:
23:47:51:2b:68:24:ae:d1:4a:6b:64:a9:46:82:eb:d5:b4:ea:
ec:cf:c7:e6:45:e5:a7:a1:27:45:c8:98:ba:e2:0b:ac:9b:13:
0a:e9:d6:65:c9:fd:2f:f4:65:fd:d7:28:d3:af:4c:bd:9f:21:
e1:b5:e2:92:b4:70:1c:3d:61:2c:35:06:62:94:00:ee:4d:bc:
44:87:83:e2:c1:07:99:22:a0:5e:99:97:d2:d1:36:1e:31:9c:
45:51:e7:28:09:c6:23:3b:80:12:71:e7:f8:58:f5:c9:74:95:
49:56:ea:6f:0e:9b:d6:cd:67:0b:dd:c2:52:5a:a1:8d:2d:01:
cc:29:71:3b:d8:a3:c1:07:b0:5e:a9:2f:16:ee:30:08:cd:bc:
74:3b:55:29:12:24:f8:f6:98:d0:9a:75:7e:b4:ac:a6:dc:3c:
95:d1:9b:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQexMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQyMTEwWhcNMjYwMTAzMDQyMTEwWjAYMRYw
FAYDVQQDEw02Nzg3MzdiYS1jMzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr3bOiSvBZsI/BRflrxLGZQS85lN1zNstVUM49fDllPwpRa7xb33tjVhp
idluXEeh8Uf/dAOBNZT+DkV1ynOQS6ZWLw2hb+oSAijSdNgHS5X/rHPeoyj4Up7H
X/108TcK7EM8Am39rJKdIjeEw5+EI2ofZT8VCZyAv0wXUYALg6arnK/icReGMZl5
YejMIP5C7g9x/5GsY0B4mGGZqDnkEWjMhPJel9V2zj48dWsTLpkJpf5/MtKbPb2r
g7Ss8nryVHb9BFOPjFO2aeCsx/yMrgF5CkPvEf/Pl+lt6KCtugZD2gz2ew8KNyns
N1pzvuhL1NKPY+5TiWNdCfIzgY7+lwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPI4
sQ701Q0Lj2SSrFt43NxNRLzJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODIzQTc2RUQyRjgxMUVGQTM4RDZEOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4DMA0GCSqGSIb3DQEBCwUA
A4IBAQABMqV20CT4JIYg0MSViXCZUEkWFyOgdGjIfia51VcUWdyr/1jPldiB4PL7
xVFalPmQVIYxrrbs+GBZXT6hkZv3YF6MhMlfwtuJEOd4cxbQzAQrE1s/NaBnS0Ej
R1EraCSu0UprZKlGguvVtOrsz8fmReWnoSdFyJi64gusmxMK6dZlyf0v9GX91yjT
r0y9nyHhteKStHAcPWEsNQZilADuTbxEh4PiwQeZIqBemZfS0TYeMZxFUecoCcYj
O4AScef4WPXJdJVJVupvDpvWzWcL3cJSWqGNLQHMKXE72KPBB7BeqS8W7jAIzbx0
O1UpEiT49pjQmnV+tKym3DyV0ZvE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:19 2025 by rpki-client