Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44618C38CCA511EFA9F7CC6E762E951A.roa
File: 44618C38CCA511EFA9F7CC6E762E951A.roa (raw, json)
Hash identifier: +NgZI4WGatArNr3L8Vj2Kg8StUyEYvwxnA3fCoEQEPM=
Subject key identifier: C6:87:70:7E:AD:59:6C:F6:AD:EF:84:18:60:8F:04:AA:ED:A6:48:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9B8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44618C38CCA511EFA9F7CC6E762E951A.roa
Signing time: Tue 07 Jan 2025 03:12:46 +0000
ROA not before: Tue 07 Jan 2025 03:12:42 +0000
ROA not after: Sat 13 Dec 2025 03:12:42 +0000
asID: 984
IP address blocks: 156.229.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63928 (0xf9b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 03:12:42 2025 GMT
Not After : Dec 13 03:12:42 2025 GMT
Subject: CN=677c9bae-ac66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:66:2d:76:52:b7:f0:de:11:0f:0f:ca:a2:
63:80:e2:bc:03:a3:f1:0b:3f:ec:f9:0c:1d:f0:c0:
8c:fc:e4:40:26:9b:9d:07:1e:d1:20:10:7b:77:13:
eb:dd:f3:26:cf:82:18:43:42:f5:e5:48:31:1e:54:
20:77:f1:7d:cd:c1:7d:97:d1:d3:62:53:00:24:67:
36:c2:27:fe:ef:7b:f5:97:08:1d:a9:5b:14:21:87:
cf:98:81:99:93:a0:eb:59:6d:ef:7d:06:d5:23:b3:
d5:59:df:59:2b:75:26:3a:06:38:3f:7b:10:23:d2:
e1:8a:98:04:ed:ae:54:63:23:a5:bc:d0:d5:2b:8c:
c7:ef:e2:37:4f:a5:c6:ee:81:40:65:03:39:46:f6:
20:d5:ec:06:39:f2:5e:cc:82:ad:58:a4:f0:7b:79:
6c:6d:bc:db:04:98:a6:f8:56:d8:6d:a0:03:c5:b5:
18:3a:50:62:2b:74:2f:de:ac:58:5b:72:7a:27:57:
33:32:da:22:50:ec:5b:3b:75:c7:9c:72:16:3f:13:
f9:05:01:ce:03:84:e4:4e:f3:4e:3e:df:e3:fc:28:
7c:14:54:d6:35:41:ce:1c:d2:d8:94:44:8c:cd:44:
ce:92:ef:2c:81:6b:b5:ac:ab:df:e7:d9:e1:ee:8d:
2a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:87:70:7E:AD:59:6C:F6:AD:EF:84:18:60:8F:04:AA:ED:A6:48:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/44618C38CCA511EFA9F7CC6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:89:23:84:a5:0d:2d:c8:7b:1d:4c:28:c4:1a:e6:02:f6:03:
85:85:f1:4e:b4:1e:c6:58:6e:cd:c9:33:3c:02:6b:66:cb:af:
c3:31:cc:ec:8d:84:c2:b9:62:34:ef:96:7e:a8:b6:68:71:89:
bb:ed:d6:13:d2:5c:a7:76:fd:fb:57:40:3c:49:1f:e8:5b:43:
42:92:d8:5c:dc:0f:82:a6:0a:a5:1b:00:57:86:12:fd:11:2e:
c9:51:c2:85:aa:2b:8e:b5:2b:f9:72:41:5f:37:f9:94:b7:35:
01:8b:2a:f2:6e:f3:51:ac:5b:86:a3:7c:2e:b9:88:34:23:4b:
4a:e0:b1:32:e6:4d:6f:04:67:08:77:8b:19:f1:92:a3:c5:4e:
33:8a:cd:4c:1d:04:27:0a:ce:fd:db:d5:ff:40:2d:0d:ff:7a:
a8:6e:2f:ee:55:b7:f9:cd:bb:12:21:72:dc:7d:e0:34:1c:4d:
60:5a:c7:f4:e8:29:98:c4:f8:d0:14:72:bd:59:c8:d6:e5:65:
74:cc:c4:c3:6a:92:9d:72:8f:e4:2e:6f:3a:14:12:e3:24:18:
a9:fe:aa:69:7a:6b:dd:73:c9:38:60:e1:fe:39:52:06:33:80:
ce:9e:10:65:57:1c:1c:c9:07:3d:29:68:0a:02:65:02:eb:83:
fb:d1:97:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPm4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDMxMjQyWhcNMjUxMjEzMDMxMjQyWjAYMRYw
FAYDVQQDEw02NzdjOWJhZS1hYzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzixmLXZSt/DeEQ8PyqJjgOK8A6PxCz/s+Qwd8MCM/ORAJpudBx7RIBB7
dxPr3fMmz4IYQ0L15UgxHlQgd/F9zcF9l9HTYlMAJGc2wif+73v1lwgdqVsUIYfP
mIGZk6DrWW3vfQbVI7PVWd9ZK3UmOgY4P3sQI9LhipgE7a5UYyOlvNDVK4zH7+I3
T6XG7oFAZQM5RvYg1ewGOfJezIKtWKTwe3lsbbzbBJim+FbYbaADxbUYOlBiK3Qv
3qxYW3J6J1czMtoiUOxbO3XHnHIWPxP5BQHOA4TkTvNOPt/j/Ch8FFTWNUHOHNLY
lESMzUTOku8sgWu1rKvf59nh7o0qWwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMaH
cH6tWWz2re+EGGCPBKrtpkjpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDYxOEMzOENDQTUxMUVGQTlGN0NDNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXvMA0GCSqGSIb3DQEBCwUA
A4IBAQAuiSOEpQ0tyHsdTCjEGuYC9gOFhfFOtB7GWG7NyTM8Amtmy6/DMczsjYTC
uWI075Z+qLZocYm77dYT0lyndv37V0A8SR/oW0NCkthc3A+CpgqlGwBXhhL9ES7J
UcKFqiuOtSv5ckFfN/mUtzUBiyrybvNRrFuGo3wuuYg0I0tK4LEy5k1vBGcId4sZ
8ZKjxU4zis1MHQQnCs7929X/QC0N/3qobi/uVbf5zbsSIXLcfeA0HE1gWsf06CmY
xPjQFHK9WcjW5WV0zMTDapKdco/kLm86FBLjJBip/qppemvdc8k4YOH+OVIGM4DO
nhBlVxwcyQc9KWgKAmUC64P70Zdi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:04 2025 by rpki-client