Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4274EADCCD3111EFB8121C60762E951A.roa
File: 4274EADCCD3111EFB8121C60762E951A.roa (raw, json)
Hash identifier: 81F1d6643Duw1XM/cI+vP0p7lJJQLmjv6o0TrdCct2g=
Subject key identifier: E7:E0:F1:EF:BB:28:BC:E8:B8:DA:8B:26:38:E4:C2:38:27:63:45:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4274EADCCD3111EFB8121C60762E951A.roa
Signing time: Tue 07 Jan 2025 19:54:52 +0000
ROA not before: Tue 07 Jan 2025 19:54:49 +0000
ROA not after: Mon 13 Dec 2027 19:54:49 +0000
asID: 17561
IP address blocks: 156.243.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65011 (0xfdf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:54:49 2025 GMT
Not After : Dec 13 19:54:49 2027 GMT
Subject: CN=677d868c-3919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:75:ae:ae:9f:05:b8:b5:d7:f1:70:b2:07:ad:
ec:d3:7c:81:3c:36:74:11:1f:c3:19:fb:a0:5a:24:
fe:89:fc:0b:ec:81:c1:cc:38:cf:82:bf:2e:77:58:
37:a7:31:89:6d:fe:9e:97:89:ae:27:c0:c5:a0:5c:
66:9d:39:75:77:16:b6:37:e1:52:89:7a:93:d8:b9:
d1:6a:65:34:82:2f:8f:4e:65:89:37:32:a7:46:3a:
38:55:fa:a7:1b:de:e1:ee:7f:65:e0:fb:e4:d5:23:
2c:93:2e:93:e3:bc:ba:61:64:7a:54:34:d4:d7:3e:
7a:9d:12:2b:58:ff:ca:d9:78:87:72:1d:b0:37:cc:
24:ee:fd:c5:64:0c:0e:df:88:f7:9b:4b:e2:39:ce:
00:b1:0b:73:2c:9f:7c:3d:e7:4d:b5:40:9c:78:49:
64:4e:3d:41:f3:29:97:b8:89:29:0f:5c:77:d5:95:
7f:fc:5e:d8:53:d8:02:db:cf:1c:db:42:a6:38:64:
a9:20:a4:f3:6a:32:7e:23:b4:a3:ef:d5:bf:e3:8e:
61:9f:ca:4a:1a:43:9d:d5:c4:89:3e:ef:8e:7a:cb:
5e:7d:b5:89:89:9e:40:75:0a:4a:c8:82:9d:9d:55:
ad:21:76:0e:c9:e7:d9:ad:b2:ca:0f:11:13:72:c3:
a3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E0:F1:EF:BB:28:BC:E8:B8:DA:8B:26:38:E4:C2:38:27:63:45:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4274EADCCD3111EFB8121C60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.34.0/24
Signature Algorithm: sha256WithRSAEncryption
41:cf:04:fd:8b:f9:3b:84:f9:09:57:0c:2d:b3:45:f8:38:11:
57:ee:48:59:23:3b:40:20:3f:66:1b:ac:98:13:be:1a:c0:2c:
33:9f:6e:02:82:1e:31:98:90:3f:0d:2e:47:89:4c:10:76:75:
5b:76:c5:88:05:be:95:0e:be:c1:aa:04:5b:19:cc:76:da:4d:
eb:c3:61:ba:b6:5d:f2:fd:3d:63:3d:49:70:9b:a6:36:5a:a9:
ea:ad:67:17:8c:81:f6:eb:41:3a:8e:a8:16:46:f4:98:b4:36:
18:0e:8d:4e:c0:3a:41:9a:b9:6e:8a:70:df:6a:db:52:b5:c4:
51:6f:3a:8d:4a:be:0c:c6:cc:1f:de:fd:da:f3:52:05:63:69:
7a:23:6c:72:e7:43:1f:e3:23:b9:79:a9:24:9f:a0:55:d2:58:
9b:9f:27:a8:68:3d:6f:14:90:d0:9f:cb:31:26:76:33:6a:b0:
2e:86:46:61:0e:1a:1a:1b:57:71:4a:5e:64:0c:97:1b:41:1d:
10:9c:93:e7:e0:7f:e9:47:9c:f0:9c:dc:0c:2c:d0:fa:8b:de:
36:e6:d5:fb:47:20:1f:57:8d:55:83:85:c4:ae:b9:a3:b5:3b:
70:da:1f:17:70:e7:c5:9c:7e:6a:db:b8:8b:34:d3:4f:d8:3e:
7c:db:8e:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTk1NDQ5WhcNMjcxMjEzMTk1NDQ5WjAYMRYw
FAYDVQQDEw02NzdkODY4Yy0zOTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3HWurp8FuLXX8XCyB63s03yBPDZ0ER/DGfugWiT+ifwL7IHBzDjPgr8u
d1g3pzGJbf6el4muJ8DFoFxmnTl1dxa2N+FSiXqT2LnRamU0gi+PTmWJNzKnRjo4
VfqnG97h7n9l4Pvk1SMsky6T47y6YWR6VDTU1z56nRIrWP/K2XiHch2wN8wk7v3F
ZAwO34j3m0viOc4AsQtzLJ98PedNtUCceElkTj1B8ymXuIkpD1x31ZV//F7YU9gC
288c20KmOGSpIKTzajJ+I7Sj79W/445hn8pKGkOd1cSJPu+OestefbWJiZ5AdQpK
yIKdnVWtIXYOyefZrbLKDxETcsOj5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOfg
8e+7KLzouNqLJjjkwjgnY0V8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80Mjc0RUFEQ0NEMzExMUVGQjgxMjFDNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPMiMA0GCSqGSIb3DQEBCwUA
A4IBAQBBzwT9i/k7hPkJVwwts0X4OBFX7khZIztAID9mG6yYE74awCwzn24Cgh4x
mJA/DS5HiUwQdnVbdsWIBb6VDr7BqgRbGcx22k3rw2G6tl3y/T1jPUlwm6Y2Wqnq
rWcXjIH260E6jqgWRvSYtDYYDo1OwDpBmrluinDfattStcRRbzqNSr4Mxswf3v3a
81IFY2l6I2xy50Mf4yO5eakkn6BV0libnyeoaD1vFJDQn8sxJnYzarAuhkZhDhoa
G1dxSl5kDJcbQR0QnJPn4H/pR5zwnNwMLND6i9425tX7RyAfV41Vg4XErrmjtTtw
2h8XcOfFnH5q27iLNNNP2D58245Q
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:29 2025 by rpki-client