Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4549FA50CE4D11EF925B4C85762E951A.roa
File: 4549FA50CE4D11EF925B4C85762E951A.roa (raw, json)
Hash identifier: LoWGDrL/KlbC20OydMkfINptRQ4LsE5coANBPsPWESI=
Subject key identifier: F3:96:5A:56:0E:88:B0:09:33:1C:D7:71:BB:07:66:3B:FD:6A:D6:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102CB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4549FA50CE4D11EF925B4C85762E951A.roa
Signing time: Thu 09 Jan 2025 05:47:54 +0000
ROA not before: Thu 09 Jan 2025 05:47:50 +0000
ROA not after: Fri 09 Jan 2026 05:47:50 +0000
asID: 17561
IP address blocks: 156.238.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66251 (0x102cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:47:50 2025 GMT
Not After : Jan 9 05:47:50 2026 GMT
Subject: CN=677f630a-b595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:4c:d7:3c:c0:1a:56:28:a1:f6:1f:61:1a:
14:5b:bd:0d:85:70:07:6d:1a:28:f4:3b:82:ff:b2:
66:6a:7f:b1:08:18:4c:3f:7b:fc:77:1c:cc:c5:4e:
9b:a4:5f:d3:aa:ad:67:d8:9e:34:a9:d9:b9:6b:d0:
d8:93:d0:ab:cf:4e:fb:69:f2:c7:b5:0d:b6:31:cf:
a9:1b:47:70:53:db:19:b4:3e:69:82:db:71:f1:b3:
63:03:bb:8f:d1:48:f3:3e:8a:fc:c1:ba:1b:02:0a:
a0:0f:05:75:bc:09:18:36:0b:78:13:07:79:64:11:
17:5b:3f:c9:de:b7:b4:9e:81:cf:25:71:05:5b:09:
f3:d2:0e:46:fd:bf:cc:17:b3:f4:40:07:f8:79:25:
94:f8:9f:47:5b:3b:67:41:31:24:29:88:08:1e:82:
02:16:11:8c:0c:74:df:cf:79:82:48:8c:41:d3:8c:
c7:71:6d:f5:45:c2:a9:f6:48:27:1f:19:8d:82:f0:
eb:6d:22:64:34:a1:94:7e:97:58:a5:6a:ba:63:79:
cf:f3:0d:fe:98:6d:fd:b6:63:65:70:c5:21:76:9c:
38:39:ce:5e:b8:14:29:45:5c:34:25:e0:8e:4a:9a:
01:eb:6c:ff:46:b7:d0:de:21:17:9d:62:7d:dc:a0:
43:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:96:5A:56:0E:88:B0:09:33:1C:D7:71:BB:07:66:3B:FD:6A:D6:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4549FA50CE4D11EF925B4C85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.57.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:fb:41:ff:f4:52:0e:02:5e:84:92:6f:1a:02:7b:4c:de:28:
77:04:45:5f:6d:df:47:d2:42:3d:6a:c4:86:5d:4c:b8:0f:78:
78:e1:43:48:90:1d:2c:63:f8:63:a4:4b:db:33:7b:c6:dc:1d:
f4:37:c2:8d:bb:74:85:25:0d:20:2f:5a:0e:b3:90:1c:7c:14:
36:85:34:5c:d3:ca:02:52:5e:50:85:7e:69:c0:d8:85:a3:c7:
f5:34:6c:a4:89:68:0a:76:25:3c:ec:43:14:c7:fb:17:e4:86:
c4:c7:64:7f:5a:f7:0f:8f:85:45:65:5e:47:3f:1f:a2:ef:de:
fa:7c:dd:3e:ce:82:b8:06:6f:55:6a:01:ee:ce:ba:21:b2:dd:
08:54:eb:25:bb:85:f1:af:c9:18:d3:88:be:94:6d:16:bd:3e:
1d:52:07:19:8e:8c:c9:1d:4e:85:7f:e2:66:b2:e2:7e:b6:ef:
3c:85:35:73:4a:87:fa:5a:18:22:4e:24:9f:55:d5:8b:68:a4:
04:2b:48:a8:c3:34:43:19:fb:9b:e7:e9:6e:cc:ea:75:95:c3:
cd:99:53:63:79:d9:fa:20:05:49:b6:34:2c:cf:55:47:9b:da:
30:84:49:5a:75:03:d3:7d:e2:38:fa:5c:dd:48:34:93:38:4b:
bc:67:3d:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQLLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDU0NzUwWhcNMjYwMTA5MDU0NzUwWjAYMRYw
FAYDVQQDEw02NzdmNjMwYS1iNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1O9M1zzAGlYoofYfYRoUW70NhXAHbRoo9DuC/7Jman+xCBhMP3v8dxzM
xU6bpF/Tqq1n2J40qdm5a9DYk9Crz077afLHtQ22Mc+pG0dwU9sZtD5pgttx8bNj
A7uP0UjzPor8wbobAgqgDwV1vAkYNgt4Ewd5ZBEXWz/J3re0noHPJXEFWwnz0g5G
/b/MF7P0QAf4eSWU+J9HWztnQTEkKYgIHoICFhGMDHTfz3mCSIxB04zHcW31RcKp
9kgnHxmNgvDrbSJkNKGUfpdYpWq6Y3nP8w3+mG39tmNlcMUhdpw4Oc5euBQpRVw0
JeCOSpoB62z/RrfQ3iEXnWJ93KBD4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPOW
WlYOiLAJMxzXcbsHZjv9atbIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NTQ5RkE1MENFNEQxMUVGOTI1QjRDODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO45MA0GCSqGSIb3DQEBCwUA
A4IBAQCk+0H/9FIOAl6Ekm8aAntM3ih3BEVfbd9H0kI9asSGXUy4D3h44UNIkB0s
Y/hjpEvbM3vG3B30N8KNu3SFJQ0gL1oOs5AcfBQ2hTRc08oCUl5QhX5pwNiFo8f1
NGykiWgKdiU87EMUx/sX5IbEx2R/WvcPj4VFZV5HPx+i7976fN0+zoK4Bm9VagHu
zrohst0IVOslu4Xxr8kY04i+lG0WvT4dUgcZjozJHU6Ff+JmsuJ+tu88hTVzSof6
WhgiTiSfVdWLaKQEK0iowzRDGfub5+luzOp1lcPNmVNjedn6IAVJtjQsz1VHm9ow
hEladQPTfeI4+lzdSDSTOEu8Zz3X
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:24 2025 by rpki-client