Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43781F0CD2F511EF879E2A87762E951A.roa
File: 43781F0CD2F511EF879E2A87762E951A.roa (raw, json)
Hash identifier: SNdLgM80Mxj/6GXh9pWfqFPX9g5vzJVBN03RLwacBBg=
Subject key identifier: 1C:A3:7F:C7:1A:8F:50:08:13:B4:72:ED:26:E3:7B:8B:53:3A:3E:6B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01079D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43781F0CD2F511EF879E2A87762E951A.roa
Signing time: Wed 15 Jan 2025 04:00:31 +0000
ROA not before: Wed 15 Jan 2025 04:00:27 +0000
ROA not after: Mon 03 Jan 2028 04:00:27 +0000
asID: 17561
IP address blocks: 156.250.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67485 (0x1079d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:00:27 2025 GMT
Not After : Jan 3 04:00:27 2028 GMT
Subject: CN=678732df-5f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6b:a1:5a:13:8a:ee:47:a0:52:e8:08:f0:a3:
13:5c:fe:a0:38:6d:57:48:dd:ca:4e:db:50:c7:f7:
92:84:b9:3c:33:1d:ea:76:d1:8b:ae:6c:43:e7:db:
71:4d:87:94:c4:b6:b2:a7:06:36:17:03:73:91:21:
31:4d:0b:73:f7:89:d5:5c:37:f7:5e:8e:f5:82:f8:
37:95:45:a2:83:7e:72:33:9f:f1:23:a4:84:68:d2:
4f:99:c6:12:a0:de:d7:96:29:86:d6:34:95:e6:80:
10:91:02:98:e4:30:9c:c5:3c:ab:2a:4e:0c:98:c2:
d5:45:e8:10:e0:b2:25:f5:b7:9a:7e:fe:c2:3f:9c:
5b:49:d1:7f:bd:9e:3f:a4:d2:e6:24:62:86:53:3a:
9f:9f:90:12:d3:43:d5:a7:33:a0:9b:8a:ed:a7:5b:
7a:5c:fa:a5:25:96:8f:8c:b7:26:41:d6:bb:ce:92:
7b:d7:e3:8b:92:aa:76:79:6f:70:d3:da:e4:a1:a1:
df:59:eb:03:c8:6e:a6:14:14:d2:26:5f:02:a5:ae:
05:5b:52:2f:da:52:42:aa:6b:18:5b:97:2d:d0:db:
c9:35:54:03:30:7b:49:e2:7e:85:8e:38:f7:72:80:
fd:61:8e:10:e6:25:a9:16:e6:e4:5c:3b:f6:54:c8:
ce:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A3:7F:C7:1A:8F:50:08:13:B4:72:ED:26:E3:7B:8B:53:3A:3E:6B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43781F0CD2F511EF879E2A87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.46.0/24
Signature Algorithm: sha256WithRSAEncryption
74:75:b5:13:96:a6:ba:13:99:34:46:bd:d9:af:1d:61:6b:03:
57:58:7d:df:11:6c:db:7c:8e:7b:5e:30:ec:7e:58:b4:9c:14:
b1:81:52:e3:05:1f:3e:43:6d:d7:55:3f:0d:6d:cf:0f:d4:87:
42:d1:b2:9d:07:2f:bb:ff:8e:b8:b4:d5:26:85:30:dc:c0:24:
5c:e5:fe:19:4c:1d:f0:c4:15:5f:35:60:5d:5e:8e:8d:d7:65:
fd:6d:e0:ea:9c:68:02:f3:0e:24:4c:d6:b6:ac:27:b2:7a:69:
fc:44:db:9e:b0:30:67:28:a6:03:af:34:e2:9d:c3:93:86:8c:
ec:5a:14:fb:9e:45:76:2c:24:a7:ff:76:fd:b1:cf:18:1d:d8:
c2:4c:f0:0e:80:95:2e:4d:a9:80:99:fb:43:71:34:65:38:8b:
40:56:98:8e:13:c5:06:a1:45:f3:20:da:9c:47:81:27:01:cb:
89:80:d1:2c:c3:2a:1f:71:78:3a:61:36:cf:57:f8:64:5a:8f:
55:22:ab:d9:8f:96:35:6b:7a:7f:0d:4c:83:85:1e:20:1f:24:
3c:ca:0f:bd:43:7d:ac:61:38:6d:d1:a3:8e:32:1a:56:58:37:
7f:a7:e8:c2:32:f6:82:5b:14:52:5e:3c:a5:ef:79:45:0a:c7:
f3:84:3d:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQedMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQwMDI3WhcNMjgwMTAzMDQwMDI3WjAYMRYw
FAYDVQQDEw02Nzg3MzJkZi01ZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsWuhWhOK7kegUugI8KMTXP6gOG1XSN3KTttQx/eShLk8Mx3qdtGLrmxD
59txTYeUxLaypwY2FwNzkSExTQtz94nVXDf3Xo71gvg3lUWig35yM5/xI6SEaNJP
mcYSoN7XlimG1jSV5oAQkQKY5DCcxTyrKk4MmMLVRegQ4LIl9beafv7CP5xbSdF/
vZ4/pNLmJGKGUzqfn5AS00PVpzOgm4rtp1t6XPqlJZaPjLcmQda7zpJ71+OLkqp2
eW9w09rkoaHfWesDyG6mFBTSJl8Cpa4FW1Iv2lJCqmsYW5ct0NvJNVQDMHtJ4n6F
jjj3coD9YY4Q5iWpFubkXDv2VMjO9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFByj
f8caj1AIE7Ry7Sbje4tTOj5rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80Mzc4MUYwQ0QyRjUxMUVGODc5RTJBODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPouMA0GCSqGSIb3DQEBCwUA
A4IBAQB0dbUTlqa6E5k0Rr3Zrx1hawNXWH3fEWzbfI57XjDsfli0nBSxgVLjBR8+
Q23XVT8Nbc8P1IdC0bKdBy+7/464tNUmhTDcwCRc5f4ZTB3wxBVfNWBdXo6N12X9
beDqnGgC8w4kTNa2rCeyemn8RNuesDBnKKYDrzTincOThozsWhT7nkV2LCSn/3b9
sc8YHdjCTPAOgJUuTamAmftDcTRlOItAVpiOE8UGoUXzINqcR4EnAcuJgNEswyof
cXg6YTbPV/hkWo9VIqvZj5Y1a3p/DUyDhR4gHyQ8yg+9Q32sYTht0aOOMhpWWDd/
p+jCMvaCWxRSXjyl73lFCsfzhD1X
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:56 2025 by rpki-client