Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41A5F8DCCD1B11EFA6A75554762E951A.roa
File: 41A5F8DCCD1B11EFA6A75554762E951A.roa (raw, json)
Hash identifier: rRZOlE/ZR7Ea0qbTW/9BKzmbPXRXx1zAWb2cNREnnjk=
Subject key identifier: 09:C5:80:37:BB:03:27:25:F0:BF:EE:33:48:F2:7A:56:91:5E:11:09
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD45
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41A5F8DCCD1B11EFA6A75554762E951A.roa
Signing time: Tue 07 Jan 2025 17:17:22 +0000
ROA not before: Tue 07 Jan 2025 17:17:18 +0000
ROA not after: Mon 13 Dec 2027 17:17:18 +0000
asID: 17561
IP address blocks: 156.241.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64837 (0xfd45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:17:18 2025 GMT
Not After : Dec 13 17:17:18 2027 GMT
Subject: CN=677d61a2-144a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:76:d4:6d:47:2c:f1:a1:db:30:be:22:f2:35:
41:87:b8:a0:1c:97:6f:36:27:d6:37:39:0e:87:5f:
c7:8e:36:0f:05:2a:fb:b2:62:f8:4f:6a:c5:a6:a6:
05:1b:62:ec:81:3c:b4:fd:2d:af:b1:1f:d3:e8:d0:
30:b8:55:66:95:e4:e3:c1:f3:db:3c:cf:5a:29:32:
cf:c1:15:9f:9d:04:be:09:70:27:95:aa:9c:7d:ac:
ba:5d:c0:ee:4e:8d:4d:29:63:ae:99:1b:cf:12:c1:
36:a0:04:f7:c6:17:fe:a8:83:e0:29:02:4f:ff:1c:
5f:4c:70:ee:13:0b:d3:1d:c3:96:9e:96:a2:c5:45:
f4:f2:96:1c:93:51:ba:d1:ca:58:77:42:1b:03:5e:
f1:fe:f4:13:ea:55:39:2b:10:97:65:f3:49:c1:b4:
b9:62:6f:a6:4a:ad:f2:ed:48:2e:26:d4:05:ad:31:
21:27:3e:02:3b:c9:1f:dd:55:fa:88:05:f6:e5:35:
4f:8e:82:9e:80:1b:e9:80:89:dc:75:62:13:0b:8c:
26:20:be:c1:d3:72:53:d7:56:5d:9d:a5:c0:34:d7:
2d:cc:da:1a:fd:56:e1:3e:1d:0a:df:a7:d5:b0:27:
11:bf:19:90:c8:82:50:b0:7b:15:12:b9:3e:49:31:
52:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C5:80:37:BB:03:27:25:F0:BF:EE:33:48:F2:7A:56:91:5E:11:09
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41A5F8DCCD1B11EFA6A75554762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.39.0/24
Signature Algorithm: sha256WithRSAEncryption
60:27:10:69:c2:50:5a:46:66:02:f3:db:b4:04:4f:e1:95:39:
6f:cc:82:aa:ef:52:cf:46:d3:a3:c0:99:19:e7:1f:1a:7c:42:
15:df:5c:6b:5a:38:9f:53:35:8c:01:bb:de:13:4f:d1:35:6f:
a4:6d:7a:1a:f2:69:06:7e:28:07:b8:41:58:e6:96:64:65:87:
11:e5:03:1a:4d:12:cf:be:a4:b0:3c:6c:59:be:f8:e3:b7:2a:
ea:81:cb:8b:41:3e:95:f4:4d:9b:c4:ef:3d:03:d9:75:30:9f:
51:28:d2:40:28:01:64:23:2b:b7:87:41:53:1b:17:7e:39:b0:
7a:82:80:ed:d5:db:23:90:c8:c0:db:30:c5:f0:3a:f8:96:85:
ba:12:05:b7:01:b0:de:05:3d:d1:45:c9:c9:2d:8c:c2:63:c3:
c7:48:32:59:96:cd:dd:1d:76:89:2a:d3:5f:ec:40:0d:98:71:
78:2b:ae:c0:9c:40:e7:cb:6f:bb:06:fd:22:ec:5e:44:66:04:
c5:2c:ef:33:e5:1f:49:25:9b:14:b6:a4:5f:b2:73:07:a1:9f:
fb:c9:4f:18:c5:c1:bc:31:c6:6b:a5:dc:0c:60:64:06:30:94:
80:32:6b:40:a4:09:d1:67:6c:07:f1:54:8c:2c:31:ed:0f:7d:
f6:f2:ab:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcxNzE4WhcNMjcxMjEzMTcxNzE4WjAYMRYw
FAYDVQQDEw02NzdkNjFhMi0xNDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsnbUbUcs8aHbML4i8jVBh7igHJdvNifWNzkOh1/HjjYPBSr7smL4T2rF
pqYFG2LsgTy0/S2vsR/T6NAwuFVmleTjwfPbPM9aKTLPwRWfnQS+CXAnlaqcfay6
XcDuTo1NKWOumRvPEsE2oAT3xhf+qIPgKQJP/xxfTHDuEwvTHcOWnpaixUX08pYc
k1G60cpYd0IbA17x/vQT6lU5KxCXZfNJwbS5Ym+mSq3y7UguJtQFrTEhJz4CO8kf
3VX6iAX25TVPjoKegBvpgIncdWITC4wmIL7B03JT11ZdnaXANNctzNoa/VbhPh0K
36fVsCcRvxmQyIJQsHsVErk+STFSzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAnF
gDe7Aycl8L/uM0jyelaRXhEJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUE1RjhEQ0NEMUIxMUVGQTZBNzU1NTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEnMA0GCSqGSIb3DQEBCwUA
A4IBAQBgJxBpwlBaRmYC89u0BE/hlTlvzIKq71LPRtOjwJkZ5x8afEIV31xrWjif
UzWMAbveE0/RNW+kbXoa8mkGfigHuEFY5pZkZYcR5QMaTRLPvqSwPGxZvvjjtyrq
gcuLQT6V9E2bxO89A9l1MJ9RKNJAKAFkIyu3h0FTGxd+ObB6goDt1dsjkMjA2zDF
8Dr4loW6EgW3AbDeBT3RRcnJLYzCY8PHSDJZls3dHXaJKtNf7EANmHF4K67AnEDn
y2+7Bv0i7F5EZgTFLO8z5R9JJZsUtqRfsnMHoZ/7yU8YxcG8McZrpdwMYGQGMJSA
MmtApAnRZ2wH8VSMLDHtD3328quC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:32 2025 by rpki-client