Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B7ED4CD7E11EFA7119A5B762E951A.roa
File: 442B7ED4CD7E11EFA7119A5B762E951A.roa (raw, json)
Hash identifier: 8RSiW0tyvCeoUjMWFt7VYwwvfM3ni+3GJ0Prhm26EUw=
Subject key identifier: 78:84:07:74:95:06:59:0B:D8:90:13:54:A4:11:43:B7:E1:6C:F8:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFEF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B7ED4CD7E11EFA7119A5B762E951A.roa
Signing time: Wed 08 Jan 2025 05:06:06 +0000
ROA not before: Wed 08 Jan 2025 05:06:03 +0000
ROA not after: Sat 13 Dec 2025 05:06:03 +0000
asID: 984
IP address blocks: 156.250.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65519 (0xffef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:06:03 2025 GMT
Not After : Dec 13 05:06:03 2025 GMT
Subject: CN=677e07be-2132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:34:26:85:48:98:b6:08:f9:2b:9b:09:45:
d9:43:6c:a7:af:e9:3b:01:a9:fa:2b:b8:d0:66:11:
55:0d:e8:f1:64:61:78:57:ff:b8:40:33:28:b4:bc:
c6:1d:ce:c1:49:82:ee:a8:6b:63:d5:80:df:38:8b:
fe:1d:47:87:eb:16:3e:14:23:82:18:72:e5:a3:64:
74:55:15:01:5d:30:ee:32:80:3a:b7:5a:65:f3:60:
07:ac:2b:1a:d7:15:b1:ce:c1:30:01:ce:65:63:c7:
54:77:7e:0d:3e:e6:c2:62:3e:e0:36:7a:b5:e1:84:
41:7e:76:31:b3:31:7d:25:0d:9c:ce:33:d8:79:df:
e9:dd:7f:69:9b:e0:3d:c3:f9:66:1c:b3:87:6c:7b:
19:2c:29:7a:ae:67:01:c8:bc:5c:24:2e:46:79:60:
a3:3b:69:e0:13:45:4c:47:13:d6:cc:07:08:28:55:
13:71:22:f4:d2:27:86:9d:b8:5b:69:c7:6d:04:cf:
50:ea:4b:1a:5f:dc:b1:7a:e4:dc:42:79:25:a0:52:
3a:b0:e6:f9:88:4b:89:c7:9a:aa:76:a6:b5:cd:ad:
c7:11:af:47:1e:20:ab:2c:b8:31:ad:2d:32:77:0c:
5e:7c:fa:fb:db:ce:44:85:0c:9d:fb:fc:f4:f2:39:
94:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:84:07:74:95:06:59:0B:D8:90:13:54:A4:11:43:B7:E1:6C:F8:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/442B7ED4CD7E11EFA7119A5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.61.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:b4:68:88:ab:61:b2:65:a6:92:57:cc:6c:6c:d7:b5:87:51:
00:a7:24:8a:71:57:9d:a7:4d:4c:da:e6:f0:3e:53:af:6e:4c:
7b:8d:5c:cd:c0:33:09:21:4f:b6:cd:03:01:32:e6:79:3d:f3:
5a:d8:88:e3:67:ad:f0:bf:84:69:8c:e1:a9:3a:25:7d:d7:dc:
5c:cc:0a:f5:1a:b9:aa:53:b7:58:20:55:91:f7:57:89:a7:89:
50:77:77:6a:06:b1:47:30:e7:43:17:31:91:74:b3:31:e3:18:
e0:0c:23:c9:c7:a8:a8:b0:32:30:e5:9e:a6:57:c7:0a:7f:9f:
1d:86:a6:0f:57:a7:9f:49:6b:b7:9e:0e:17:e4:fa:1d:52:9c:
7d:11:dd:db:42:6e:5e:86:ed:99:35:0e:96:96:60:9c:24:72:
08:33:04:12:82:e2:85:42:2c:10:d7:67:81:6c:09:70:cd:a8:
cf:62:a5:4c:bd:39:57:b4:d7:cc:1c:f1:1b:df:69:1b:67:bd:
83:4a:43:ea:c2:6b:89:d9:20:36:20:45:97:ab:fa:cd:e7:f1:
f7:a7:27:71:e5:f9:86:ba:b2:ed:ba:24:b1:39:0a:a7:f9:1d:
79:2b:95:68:a6:e4:b8:cd:03:1b:65:e9:fe:6e:57:3e:b1:7b:
1d:6d:2c:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUwNjAzWhcNMjUxMjEzMDUwNjAzWjAYMRYw
FAYDVQQDEw02NzdlMDdiZS0yMTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3tQ0JoVImLYI+SubCUXZQ2ynr+k7Aan6K7jQZhFVDejxZGF4V/+4QDMo
tLzGHc7BSYLuqGtj1YDfOIv+HUeH6xY+FCOCGHLlo2R0VRUBXTDuMoA6t1pl82AH
rCsa1xWxzsEwAc5lY8dUd34NPubCYj7gNnq14YRBfnYxszF9JQ2czjPYed/p3X9p
m+A9w/lmHLOHbHsZLCl6rmcByLxcJC5GeWCjO2ngE0VMRxPWzAcIKFUTcSL00ieG
nbhbacdtBM9Q6ksaX9yxeuTcQnkloFI6sOb5iEuJx5qqdqa1za3HEa9HHiCrLLgx
rS0ydwxefPr7285EhQyd+/z08jmU1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHiE
B3SVBlkL2JATVKQRQ7fhbPg/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDJCN0VENENEN0UxMUVGQTcxMTlBNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPo9MA0GCSqGSIb3DQEBCwUA
A4IBAQAPtGiIq2GyZaaSV8xsbNe1h1EApySKcVedp01M2ubwPlOvbkx7jVzNwDMJ
IU+2zQMBMuZ5PfNa2IjjZ63wv4RpjOGpOiV919xczAr1GrmqU7dYIFWR91eJp4lQ
d3dqBrFHMOdDFzGRdLMx4xjgDCPJx6iosDIw5Z6mV8cKf58dhqYPV6efSWu3ng4X
5PodUpx9Ed3bQm5ehu2ZNQ6WlmCcJHIIMwQSguKFQiwQ12eBbAlwzajPYqVMvTlX
tNfMHPEb32kbZ72DSkPqwmuJ2SA2IEWXq/rN5/H3pydx5fmGurLtuiSxOQqn+R15
K5VopuS4zQMbZen+blc+sXsdbSzX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:50 2025 by rpki-client