Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43C3EB3ECCA211EFAC2FA555762E951A.roa
File: 43C3EB3ECCA211EFAC2FA555762E951A.roa (raw, json)
Hash identifier: Jm9M9Ibl2y0LGZRf2UCYsFkMcWdm4hA0qEQO/N/+U5E=
Subject key identifier: 54:FF:B8:C8:47:C7:6D:A7:40:CB:D5:6E:40:68:B5:AE:96:56:69:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F99E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43C3EB3ECCA211EFAC2FA555762E951A.roa
Signing time: Tue 07 Jan 2025 02:51:17 +0000
ROA not before: Tue 07 Jan 2025 02:51:13 +0000
ROA not after: Mon 13 Dec 2027 02:51:13 +0000
asID: 17561
IP address blocks: 156.229.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63902 (0xf99e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:51:13 2025 GMT
Not After : Dec 13 02:51:13 2027 GMT
Subject: CN=677c96a4-e1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:98:f0:04:f4:d4:ba:48:52:10:a1:9c:4f:66:
50:c1:0d:96:e5:72:71:43:04:5f:73:85:ff:52:3e:
d4:eb:54:8d:f3:7b:a5:11:30:b6:e3:15:1d:f9:07:
21:0d:29:8c:c2:0e:f3:9d:14:a8:14:d9:da:02:d4:
eb:08:be:96:d7:1d:87:4f:f5:1e:de:24:f8:6c:bc:
13:40:53:98:11:95:5d:4b:b7:bd:79:07:74:5d:f2:
aa:cc:51:a0:38:65:f4:81:fa:dc:b3:dc:5c:52:41:
b8:69:68:4a:13:ba:5e:f4:ba:df:cc:b5:96:e3:8a:
27:a5:0b:14:a9:7e:86:bd:55:1b:d4:5d:a4:e3:c5:
68:19:20:f1:3f:a3:d0:97:f8:f1:2c:26:76:d4:d7:
aa:4d:06:1a:8c:7a:c7:ba:aa:59:07:63:07:6f:6c:
76:7b:fc:2c:83:5e:ae:13:8c:4c:35:ff:92:a6:e9:
6f:3e:72:1c:ad:b4:31:08:01:d0:0a:f8:6b:01:e4:
79:e7:4d:f6:81:bb:5d:90:61:89:9c:53:a6:a7:45:
a1:fe:db:84:67:d6:80:60:9a:1f:22:82:fd:4f:32:
c1:19:78:b7:f4:f9:e6:29:5c:56:c7:57:1c:f4:00:
e1:e8:6d:9c:47:f8:99:63:ea:0f:57:a5:6d:31:f3:
bf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FF:B8:C8:47:C7:6D:A7:40:CB:D5:6E:40:68:B5:AE:96:56:69:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43C3EB3ECCA211EFAC2FA555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.26.0/24
Signature Algorithm: sha256WithRSAEncryption
13:9d:6c:65:42:69:41:77:47:dc:67:7f:1c:4b:15:d2:6e:17:
f8:d2:ef:9a:63:b3:ff:e4:d5:8d:b7:6b:8e:9e:88:4b:84:c4:
ac:35:db:a4:f3:93:94:d7:f9:b1:5d:5c:08:03:71:78:0a:1e:
e1:fc:c5:e9:bd:0d:08:14:2e:f8:ff:a2:32:24:15:b7:f9:da:
f7:d4:70:d9:7b:cc:a2:3e:69:17:84:aa:29:96:16:3c:49:f9:
4d:88:06:91:a4:63:cc:a8:f6:5b:fa:03:a4:a8:76:87:b0:33:
55:bf:3a:e2:7e:d2:2d:2c:28:10:8d:ef:08:84:5b:41:57:e8:
3a:ba:49:24:d0:4c:8c:67:90:e9:bc:9a:bc:b9:10:50:5c:bb:
34:3c:38:ca:b4:c3:05:63:5a:83:79:85:fd:c2:91:e8:65:8f:
be:85:0f:c5:d8:3e:87:b9:04:fb:f5:c2:39:84:50:0d:71:76:
7c:2c:d3:0f:3e:02:3b:70:28:35:92:e8:ae:f7:61:79:29:5f:
67:66:39:3a:d0:be:bc:41:63:62:0c:73:12:43:d5:9b:7d:36:
d0:3b:ea:e8:56:4b:66:58:5b:a9:92:bd:a0:db:73:86:ca:3d:
c5:82:c8:60:96:50:e0:ec:a3:9a:98:70:18:28:ab:05:4a:05:
2b:6a:84:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDI1MTEzWhcNMjcxMjEzMDI1MTEzWjAYMRYw
FAYDVQQDEw02NzdjOTZhNC1lMWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmpjwBPTUukhSEKGcT2ZQwQ2W5XJxQwRfc4X/Uj7U61SN83ulETC24xUd
+QchDSmMwg7znRSoFNnaAtTrCL6W1x2HT/Ue3iT4bLwTQFOYEZVdS7e9eQd0XfKq
zFGgOGX0gfrcs9xcUkG4aWhKE7pe9LrfzLWW44onpQsUqX6GvVUb1F2k48VoGSDx
P6PQl/jxLCZ21NeqTQYajHrHuqpZB2MHb2x2e/wsg16uE4xMNf+SpulvPnIcrbQx
CAHQCvhrAeR55032gbtdkGGJnFOmp0Wh/tuEZ9aAYJofIoL9TzLBGXi39PnmKVxW
x1cc9ADh6G2cR/iZY+oPV6VtMfO/owIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFT/
uMhHx22nQMvVbkBota6WVmnAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0MzRUIzRUNDQTIxMUVGQUMyRkE1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUaMA0GCSqGSIb3DQEBCwUA
A4IBAQATnWxlQmlBd0fcZ38cSxXSbhf40u+aY7P/5NWNt2uOnohLhMSsNduk85OU
1/mxXVwIA3F4Ch7h/MXpvQ0IFC74/6IyJBW3+dr31HDZe8yiPmkXhKoplhY8SflN
iAaRpGPMqPZb+gOkqHaHsDNVvzriftItLCgQje8IhFtBV+g6ukkk0EyMZ5DpvJq8
uRBQXLs0PDjKtMMFY1qDeYX9wpHoZY++hQ/F2D6HuQT79cI5hFANcXZ8LNMPPgI7
cCg1kuiu92F5KV9nZjk60L68QWNiDHMSQ9WbfTbQO+roVktmWFupkr2g23OGyj3F
gshgllDg7KOamHAYKKsFSgUraoTu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:23 2025 by rpki-client