Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34F5843ECD4511EFAAC3B65D762E951A.roa
File: 34F5843ECD4511EFAAC3B65D762E951A.roa (raw, json)
Hash identifier: 0ONF43URQvp3K1TcNe4a9vsnq8jqEUYardeqjrdE+Mo=
Subject key identifier: DC:CB:CC:21:5D:E8:89:EF:BF:5B:A1:09:95:27:A3:2B:8A:20:92:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE91
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34F5843ECD4511EFAAC3B65D762E951A.roa
Signing time: Tue 07 Jan 2025 22:17:40 +0000
ROA not before: Tue 07 Jan 2025 22:17:36 +0000
ROA not after: Mon 13 Dec 2027 22:17:36 +0000
asID: 17561
IP address blocks: 156.243.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65169 (0xfe91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:17:36 2025 GMT
Not After : Dec 13 22:17:36 2027 GMT
Subject: CN=677da804-1b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:8e:b4:ed:7f:e0:ce:65:68:16:56:12:7f:
94:ae:ee:c9:a3:94:b1:f3:0d:a5:80:b7:77:d7:9f:
ef:3b:3e:d2:f6:f6:82:a1:b7:c5:22:e9:21:c5:19:
9a:a1:c9:6a:c7:8e:92:29:77:7a:f8:50:09:79:d8:
f3:7b:07:5e:15:76:13:26:78:79:fe:11:ef:24:da:
89:1b:6f:2b:6c:08:35:f2:c5:9e:1d:a9:00:50:cf:
0a:79:60:1f:40:62:e1:08:d6:3f:19:8b:d2:bc:aa:
30:93:a2:d5:e7:5f:ba:54:4f:b9:3c:70:a4:44:0e:
5b:41:ed:8c:c9:fa:ea:03:b1:69:a9:8d:0f:91:80:
35:c9:3d:2e:5a:79:55:45:95:7e:25:a7:e0:1e:0a:
a0:6b:c1:8e:35:59:4c:80:c5:3f:47:d1:06:31:1c:
79:90:00:73:67:e0:dd:99:d4:d9:18:32:57:9f:f0:
c9:ad:25:6a:b9:4e:5e:68:3e:23:80:db:7d:1b:15:
a0:50:a5:5f:e3:36:59:e0:cb:53:01:49:79:ce:c1:
9a:6c:8f:c8:4c:7f:c7:2a:15:eb:e9:dd:b3:dc:1d:
50:34:87:b0:05:e7:b1:63:bb:fc:8e:4f:1b:e2:2a:
fb:60:31:34:4e:8e:2c:21:51:bc:d2:c9:b9:0b:0b:
07:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CB:CC:21:5D:E8:89:EF:BF:5B:A1:09:95:27:A3:2B:8A:20:92:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34F5843ECD4511EFAAC3B65D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.115.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:04:d7:71:23:8e:4c:5f:c1:de:90:be:fe:94:a6:1d:1b:33:
f3:5e:d3:7e:b9:92:aa:db:ba:e4:df:f9:97:96:47:b2:aa:43:
d1:99:1b:03:7d:01:6e:75:d1:5c:dd:f9:e1:3f:65:84:6c:09:
4c:88:86:33:7d:6d:e1:b7:13:3e:2d:64:3f:72:bd:d8:a9:13:
0c:ee:de:0b:30:cc:ea:18:4d:f3:85:58:df:61:e4:54:14:ac:
f6:97:fb:82:ae:39:53:22:d2:e9:3e:1d:85:f5:b2:b2:7e:eb:
4b:4f:7a:2d:e2:58:07:b8:85:0e:bc:f3:cc:39:2e:71:f4:d4:
e4:84:67:c3:ab:4d:b7:bb:b8:16:7e:73:07:ef:95:97:e0:b3:
06:a4:c8:b5:59:9b:6c:37:19:3c:b5:b1:ae:f1:21:74:e4:dd:
8c:3f:28:25:b4:b5:06:e5:a4:86:16:b9:ff:8e:60:90:ec:57:
6f:f9:28:51:42:5c:65:b5:a3:ea:eb:b3:91:cd:4c:48:33:56:
e4:f0:61:f8:bb:58:ca:3e:29:30:0e:78:ea:32:86:2f:d3:7e:
f6:17:fb:1d:c3:7e:ea:a8:39:28:7d:3a:ee:96:32:73:72:2f:
87:6f:7a:7b:d1:50:c4:99:d0:46:40:82:72:44:65:0d:e3:5d:
98:51:fa:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIxNzM2WhcNMjcxMjEzMjIxNzM2WjAYMRYw
FAYDVQQDEw02NzdkYTgwNC0xYjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtxmOtO1/4M5laBZWEn+Uru7Jo5Sx8w2lgLd315/vOz7S9vaCobfFIukh
xRmaoclqx46SKXd6+FAJedjzewdeFXYTJnh5/hHvJNqJG28rbAg18sWeHakAUM8K
eWAfQGLhCNY/GYvSvKowk6LV51+6VE+5PHCkRA5bQe2MyfrqA7FpqY0PkYA1yT0u
WnlVRZV+JafgHgqga8GONVlMgMU/R9EGMRx5kABzZ+DdmdTZGDJXn/DJrSVquU5e
aD4jgNt9GxWgUKVf4zZZ4MtTAUl5zsGabI/ITH/HKhXr6d2z3B1QNIewBeexY7v8
jk8b4ir7YDE0To4sIVG80sm5CwsHxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNzL
zCFd6Invv1uhCZUnoyuKIJL/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNEY1ODQzRUNENDUxMUVGQUFDM0I2NUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNzMA0GCSqGSIb3DQEBCwUA
A4IBAQAuBNdxI45MX8HekL7+lKYdGzPzXtN+uZKq27rk3/mXlkeyqkPRmRsDfQFu
ddFc3fnhP2WEbAlMiIYzfW3htxM+LWQ/cr3YqRMM7t4LMMzqGE3zhVjfYeRUFKz2
l/uCrjlTItLpPh2F9bKyfutLT3ot4lgHuIUOvPPMOS5x9NTkhGfDq023u7gWfnMH
75WX4LMGpMi1WZtsNxk8tbGu8SF05N2MPygltLUG5aSGFrn/jmCQ7Fdv+ShRQlxl
taPq67ORzUxIM1bk8GH4u1jKPikwDnjqMoYv0372F/sdw37qqDkofTruljJzci+H
b3p70VDEmdBGQIJyRGUN412YUfoi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:52 2025 by rpki-client