Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/428302B0D2FA11EFB1CF55A5762E951A.roa
File: 428302B0D2FA11EFB1CF55A5762E951A.roa (raw, json)
Hash identifier: sthw0smBHKmxhCKoUObtSAoBkrhVdKst9vPsSKxjKlo=
Subject key identifier: F4:DA:8A:91:5E:45:8F:76:9A:73:5F:8E:9F:CD:B0:4B:55:F7:E8:E6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107BF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/428302B0D2FA11EFB1CF55A5762E951A.roa
Signing time: Wed 15 Jan 2025 04:36:17 +0000
ROA not before: Wed 15 Jan 2025 04:36:14 +0000
ROA not after: Sat 03 Jan 2026 04:36:14 +0000
asID: 984
IP address blocks: 156.254.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67519 (0x107bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:36:14 2025 GMT
Not After : Jan 3 04:36:14 2026 GMT
Subject: CN=67873b41-ca48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d4:e2:06:2d:9f:1b:bf:b2:8f:df:d7:22:f0:
18:d2:c3:61:00:d6:f7:77:d7:34:81:8b:a7:f4:8d:
8a:15:c0:15:40:ac:a9:81:da:01:08:00:12:66:2d:
a3:54:2b:73:a3:13:9e:0d:d8:21:a3:06:43:a3:4b:
23:46:00:7b:da:ee:0a:6d:f3:17:39:db:74:85:11:
b8:1f:fe:ea:ea:80:37:3e:23:00:02:ce:99:a4:da:
b6:79:95:2d:25:b1:80:a7:03:0d:31:05:89:14:41:
2f:49:11:ff:f6:8b:cf:28:ce:e3:97:ac:c3:93:16:
c8:6a:8c:48:50:08:93:1f:86:a9:db:93:84:20:62:
1a:e0:3a:af:5e:1b:e9:9e:f6:50:85:ca:5f:de:c1:
c9:de:58:e9:43:fc:01:5e:68:eb:6f:1c:15:b6:0d:
1d:57:cb:11:b3:bd:4d:84:86:32:b7:ec:72:a8:61:
2d:2e:59:5a:22:30:c1:66:14:ec:98:bb:b9:08:00:
aa:56:7a:0b:1e:e6:e6:2a:64:8f:60:5e:f3:fa:bc:
1c:8d:01:50:d8:7b:7b:6d:db:9d:7d:79:47:49:08:
88:98:4e:ef:1b:e9:9e:fd:91:be:2b:a3:c7:66:d5:
95:29:e7:c3:a7:5b:32:ce:8f:a6:9b:33:9f:7f:b9:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DA:8A:91:5E:45:8F:76:9A:73:5F:8E:9F:CD:B0:4B:55:F7:E8:E6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/428302B0D2FA11EFB1CF55A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.10.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e8:93:56:45:1b:0b:2c:b0:a6:0f:e2:56:ba:5e:24:f7:3a:
d4:e6:e2:e4:b4:5e:da:2a:65:3c:29:23:d8:0c:a1:d7:5d:55:
45:77:e3:fa:94:4a:a2:0a:52:e3:c1:46:63:d9:91:e2:e4:7d:
39:e1:47:63:2a:5c:be:f0:0d:2e:44:c5:5e:89:62:f5:bf:69:
23:80:15:12:18:69:89:8c:ad:9f:c4:cb:d5:7d:c9:2d:72:c6:
5c:06:58:bd:58:3d:f7:18:a6:60:3f:05:8d:94:17:ac:64:6c:
7a:11:67:c4:6c:80:25:e7:0f:90:ae:cc:a1:69:83:8a:46:11:
84:0b:51:36:13:55:99:1a:11:ff:95:0f:72:da:3b:8e:23:e5:
67:a6:6d:3d:60:a2:88:96:83:d5:09:3c:18:93:1c:84:a5:1f:
6d:64:60:7a:c3:48:e7:1e:37:4f:33:da:41:cc:de:88:94:6d:
77:c9:24:e6:a3:85:3f:53:98:bc:eb:b8:a7:2e:84:93:44:c0:
31:08:e6:60:f3:67:53:89:c3:d0:be:d6:b7:1a:d7:a3:65:46:
8e:ea:95:d5:df:26:9d:12:3d:f0:9c:02:0e:5f:5e:e7:8c:39:
27:fd:ad:f8:32:d2:03:f4:81:ea:ab:02:79:d1:2e:3f:65:97:
8a:29:4d:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQe/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQzNjE0WhcNMjYwMTAzMDQzNjE0WjAYMRYw
FAYDVQQDEw02Nzg3M2I0MS1jYTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtNTiBi2fG7+yj9/XIvAY0sNhANb3d9c0gYun9I2KFcAVQKypgdoBCAAS
Zi2jVCtzoxOeDdghowZDo0sjRgB72u4KbfMXOdt0hRG4H/7q6oA3PiMAAs6ZpNq2
eZUtJbGApwMNMQWJFEEvSRH/9ovPKM7jl6zDkxbIaoxIUAiTH4ap25OEIGIa4Dqv
XhvpnvZQhcpf3sHJ3ljpQ/wBXmjrbxwVtg0dV8sRs71NhIYyt+xyqGEtLllaIjDB
ZhTsmLu5CACqVnoLHubmKmSPYF7z+rwcjQFQ2Ht7bdudfXlHSQiImE7vG+me/ZG+
K6PHZtWVKefDp1syzo+mmzOff7lf2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPTa
ipFeRY92mnNfjp/NsEtV9+jmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjgzMDJCMEQyRkExMUVGQjFDRjU1QTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4KMA0GCSqGSIb3DQEBCwUA
A4IBAQCw6JNWRRsLLLCmD+JWul4k9zrU5uLktF7aKmU8KSPYDKHXXVVFd+P6lEqi
ClLjwUZj2ZHi5H054UdjKly+8A0uRMVeiWL1v2kjgBUSGGmJjK2fxMvVfcktcsZc
Bli9WD33GKZgPwWNlBesZGx6EWfEbIAl5w+QrsyhaYOKRhGEC1E2E1WZGhH/lQ9y
2juOI+Vnpm09YKKIloPVCTwYkxyEpR9tZGB6w0jnHjdPM9pBzN6IlG13ySTmo4U/
U5i867inLoSTRMAxCOZg82dTicPQvta3GtejZUaO6pXV3yadEj3wnAIOX17njDkn
/a34MtID9IHqqwJ50S4/ZZeKKU3A
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:39 2025 by rpki-client