Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D7C976D2FF11EF92E67045762E951A.roa
File: 47D7C976D2FF11EF92E67045762E951A.roa (raw, json)
Hash identifier: LRj3FOv4YX9I1BqRiba/NugGDC6mK/cKBVEle+e/z/Q=
Subject key identifier: 62:F1:A6:A0:FF:61:CB:9B:5C:09:9B:C8:8F:5A:6C:F8:7C:7D:72:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D7C976D2FF11EF92E67045762E951A.roa
Signing time: Wed 15 Jan 2025 05:12:14 +0000
ROA not before: Wed 15 Jan 2025 05:12:10 +0000
ROA not after: Sat 03 Jan 2026 05:12:10 +0000
asID: 984
IP address blocks: 156.254.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67553 (0x107e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 05:12:10 2025 GMT
Not After : Jan 3 05:12:10 2026 GMT
Subject: CN=678743ad-df16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:4a:55:04:ee:6d:76:de:c3:c4:0d:d1:94:
39:41:ec:4d:07:07:ec:e9:e0:2e:39:34:be:76:18:
29:eb:d2:c4:fc:f4:38:78:c6:e3:00:3a:f4:a7:f1:
d0:47:87:d6:0e:3c:5b:9f:5d:ed:ce:ae:5b:69:8c:
b8:f5:11:3e:de:fc:62:49:07:0c:bb:93:5e:a9:21:
cb:38:63:dc:b3:96:49:f6:19:38:3e:2f:f9:ae:43:
97:b2:59:93:da:73:d6:d2:56:e5:71:4b:81:0c:da:
ae:ad:be:49:7e:6a:50:7c:55:94:cf:47:f4:3d:51:
ce:b4:c1:4a:b3:9f:19:24:89:f2:56:cd:3f:9d:ed:
83:75:f8:da:8e:72:c3:bf:4e:f9:2d:6b:5c:0a:97:
b1:30:13:3e:01:e0:fe:a5:c9:7e:50:fd:6c:74:9a:
fc:8a:8e:1a:a0:1d:de:48:6d:17:5b:86:1a:ff:f8:
14:43:ab:4e:68:3c:13:93:d2:de:eb:34:a7:91:0a:
45:eb:62:52:0e:16:1b:a5:f1:19:77:62:65:98:e2:
1b:b6:19:4a:c9:1d:cd:88:41:61:89:9c:95:ae:b6:
bc:5e:4b:5d:f9:5f:9b:19:ed:41:20:11:88:56:af:
d0:2f:2d:8b:f8:0e:fa:88:b4:d2:27:34:9e:a9:d7:
3e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F1:A6:A0:FF:61:CB:9B:5C:09:9B:C8:8F:5A:6C:F8:7C:7D:72:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D7C976D2FF11EF92E67045762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.27.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:17:a4:fb:8a:0e:eb:07:1b:07:7b:ce:4e:87:1c:26:37:7d:
09:37:fd:9b:60:8e:99:07:a9:3e:df:f7:db:4d:43:d7:0d:94:
31:20:f0:d2:62:92:69:5a:a5:ce:be:34:65:82:ab:96:74:9d:
0b:0c:31:e7:56:a9:25:5b:a8:12:09:d0:6a:d0:80:71:6b:21:
17:ae:1f:f0:08:11:19:9a:9a:f9:52:d9:19:a4:96:10:ba:7c:
c3:26:1e:d7:47:13:4d:e2:6f:33:11:5c:33:eb:8b:92:fd:47:
2e:ea:c1:49:00:2c:87:d2:3f:d0:44:df:0a:b8:11:05:ec:6c:
0e:74:57:1f:c3:23:a5:3a:ef:5b:12:11:e2:e4:de:56:8b:ce:
d8:07:a9:c4:68:62:87:35:7b:73:f8:87:ef:a6:b4:e4:cf:3b:
51:ae:28:45:5a:9f:62:0f:69:e9:c5:23:46:cc:07:17:53:9b:
8b:88:f3:a3:85:e3:75:6f:12:16:7b:5f:bd:0f:1e:84:6f:f0:
a5:46:5b:33:84:76:6b:7b:f6:00:1b:b0:b9:67:3c:11:73:be:
28:27:c6:f4:c9:03:8b:01:54:5f:df:f2:bf:ea:c0:8c:10:c5:
f8:06:70:6f:f0:91:46:93:16:9c:22:4c:f9:40:88:50:69:9d:
2c:c3:38:c9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDUxMjEwWhcNMjYwMTAzMDUxMjEwWjAYMRYw
FAYDVQQDEw02Nzg3NDNhZC1kZjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu3NKVQTubXbew8QN0ZQ5QexNBwfs6eAuOTS+dhgp69LE/PQ4eMbjADr0
p/HQR4fWDjxbn13tzq5baYy49RE+3vxiSQcMu5NeqSHLOGPcs5ZJ9hk4Pi/5rkOX
slmT2nPW0lblcUuBDNqurb5JfmpQfFWUz0f0PVHOtMFKs58ZJInyVs0/ne2Ddfja
jnLDv075LWtcCpexMBM+AeD+pcl+UP1sdJr8io4aoB3eSG0XW4Ya//gUQ6tOaDwT
k9Le6zSnkQpF62JSDhYbpfEZd2JlmOIbthlKyR3NiEFhiZyVrra8Xktd+V+bGe1B
IBGIVq/QLy2L+A76iLTSJzSeqdc+AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGLx
pqD/YcubXAmbyI9abPh8fXLhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80N0Q3Qzk3NkQyRkYxMUVGOTJFNjcwNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4bMA0GCSqGSIb3DQEBCwUA
A4IBAQCoF6T7ig7rBxsHe85OhxwmN30JN/2bYI6ZB6k+3/fbTUPXDZQxIPDSYpJp
WqXOvjRlgquWdJ0LDDHnVqklW6gSCdBq0IBxayEXrh/wCBEZmpr5UtkZpJYQunzD
Jh7XRxNN4m8zEVwz64uS/Ucu6sFJACyH0j/QRN8KuBEF7GwOdFcfwyOlOu9bEhHi
5N5Wi87YB6nEaGKHNXtz+IfvprTkzztRrihFWp9iD2npxSNGzAcXU5uLiPOjheN1
bxIWe1+9Dx6Eb/ClRlszhHZre/YAG7C5ZzwRc74oJ8b0yQOLAVRf3/K/6sCMEMX4
BnBv8JFGkxacIkz5QIhQaZ0swzjJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:13 2025 by rpki-client