Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/301CF5A6CDA311EFB3589044762E951A.roa
File: 301CF5A6CDA311EFB3589044762E951A.roa (raw, json)
Hash identifier: z+t3iKKl3YU8k5eNZ69SNL4Ju3INtjrOs+cO13RbSfA=
Subject key identifier: 7A:7D:9D:1C:7A:B0:7C:CC:60:7C:49:5F:4D:A2:A1:DD:1C:52:E8:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100FD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/301CF5A6CDA311EFB3589044762E951A.roa
Signing time: Wed 08 Jan 2025 09:30:24 +0000
ROA not before: Wed 08 Jan 2025 09:30:21 +0000
ROA not after: Sat 13 Dec 2025 09:30:21 +0000
asID: 984
IP address blocks: 156.253.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65789 (0x100fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:30:21 2025 GMT
Not After : Dec 13 09:30:21 2025 GMT
Subject: CN=677e45b0-21e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:96:4d:0a:4f:d8:4d:a5:e8:a5:78:a0:83:0d:
31:8e:73:7b:1f:8e:23:94:c0:8c:2f:24:c8:ab:91:
98:c9:d5:6c:61:d4:29:05:56:7f:7b:74:18:e2:d1:
06:0a:20:0c:15:a4:c4:51:94:52:d4:b1:e0:0d:25:
6d:35:eb:33:c1:1c:a2:c3:64:88:bb:05:85:bc:44:
23:2d:7a:fb:b5:9e:99:ea:1d:7b:f8:ee:a9:5d:5f:
3f:4c:cf:6e:63:d1:17:17:9f:69:4f:09:fc:03:52:
ec:81:83:15:88:33:85:b7:d5:33:99:e1:8a:b3:31:
b3:b9:f5:6e:8b:38:f0:4c:6c:0b:34:d4:c4:89:db:
83:72:44:02:38:66:08:e5:7a:db:8b:6d:67:d6:21:
83:86:bc:59:af:32:3f:ee:6a:71:c8:d7:75:bf:12:
0b:5b:4f:4f:0b:48:ab:43:f3:5e:00:d6:ed:db:1c:
ab:05:e4:58:ef:d7:c8:29:9a:41:c1:31:08:9f:e6:
9e:ea:20:37:b5:96:32:27:a0:83:e4:d1:5d:ce:8c:
29:ba:2d:56:57:c9:02:18:e7:f1:7f:5a:a7:b2:c2:
f1:2a:98:a3:5b:51:bc:f8:fa:be:05:30:1a:87:9e:
9d:00:4e:e1:72:e6:c4:2b:d0:e7:60:d7:b3:c2:c2:
a3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:7D:9D:1C:7A:B0:7C:CC:60:7C:49:5F:4D:A2:A1:DD:1C:52:E8:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/301CF5A6CDA311EFB3589044762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:3c:25:a1:9d:99:15:fd:35:6d:71:2c:83:cc:58:9c:52:89:
da:75:dc:68:08:18:d6:ca:1e:0a:6f:ae:25:73:9d:fd:64:a3:
45:32:7f:01:76:ab:4f:2e:fc:89:6a:0a:e6:ec:d1:8d:64:1a:
6d:1b:7d:d5:c7:98:27:6e:4d:1e:39:e0:8a:f9:92:06:9a:d4:
3f:c0:7e:d2:a0:02:bb:94:57:f1:33:d8:9e:23:64:09:b2:c6:
01:d4:9c:b0:80:cf:76:52:dd:2e:5d:6d:55:af:30:72:c1:87:
3e:6b:60:7c:61:1e:b1:b9:35:ae:4c:cd:bc:a3:7e:53:ff:63:
48:b9:2f:2c:b9:9c:81:7f:c9:8f:07:12:bf:68:3e:9b:8f:bf:
ae:e0:85:f3:87:db:26:97:dc:88:77:0f:5d:d1:05:2a:2b:a7:
47:ab:3d:40:77:95:af:1a:8f:88:7c:36:be:6e:c1:39:6c:26:
2e:e1:8c:b0:2e:5d:a4:dc:94:b7:ab:1a:d0:af:0d:96:d8:b4:
3d:4e:24:d2:c0:7b:f2:18:4b:39:b5:81:2e:d4:b7:35:b8:cd:
3b:0b:91:c1:45:63:81:fe:df:4e:47:f9:3d:b1:6a:a3:c9:6e:
c9:42:49:9e:b6:9c:6d:79:2b:f5:e4:2f:3c:93:ed:a9:20:57:
0a:49:d6:91
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQD9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkzMDIxWhcNMjUxMjEzMDkzMDIxWjAYMRYw
FAYDVQQDEw02NzdlNDViMC0yMWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5ZZNCk/YTaXopXiggw0xjnN7H44jlMCMLyTIq5GYydVsYdQpBVZ/e3QY
4tEGCiAMFaTEUZRS1LHgDSVtNeszwRyiw2SIuwWFvEQjLXr7tZ6Z6h17+O6pXV8/
TM9uY9EXF59pTwn8A1LsgYMViDOFt9UzmeGKszGzufVuizjwTGwLNNTEiduDckQC
OGYI5Xrbi21n1iGDhrxZrzI/7mpxyNd1vxILW09PC0irQ/NeANbt2xyrBeRY79fI
KZpBwTEIn+ae6iA3tZYyJ6CD5NFdzowpui1WV8kCGOfxf1qnssLxKpijW1G8+Pq+
BTAah56dAE7hcubEK9DnYNezwsKjJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHp9
nRx6sHzMYHxJX02iod0cUuiLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDFDRjVBNkNEQTMxMUVGQjM1ODkwNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0xMA0GCSqGSIb3DQEBCwUA
A4IBAQB6PCWhnZkV/TVtcSyDzFicUonaddxoCBjWyh4Kb64lc539ZKNFMn8BdqtP
LvyJagrm7NGNZBptG33Vx5gnbk0eOeCK+ZIGmtQ/wH7SoAK7lFfxM9ieI2QJssYB
1JywgM92Ut0uXW1VrzBywYc+a2B8YR6xuTWuTM28o35T/2NIuS8suZyBf8mPBxK/
aD6bj7+u4IXzh9sml9yIdw9d0QUqK6dHqz1Ad5WvGo+IfDa+bsE5bCYu4YywLl2k
3JS3qxrQrw2W2LQ9TiTSwHvyGEs5tYEu1Lc1uM07C5HBRWOB/t9OR/k9sWqjyW7J
QkmetpxteSv15C88k+2pIFcKSdaR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:27 2025 by rpki-client