Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4805F7A6C32311EFBA1DBF68762E951A.roa
File: 4805F7A6C32311EFBA1DBF68762E951A.roa (raw, json)
Hash identifier: iaKCPH6mTVs95ER3bECwzEhDtStzO4CtI/xBxk7dhyE=
Subject key identifier: 43:22:7A:4A:74:CF:0A:5F:A6:38:78:87:E7:AA:08:81:A1:37:5F:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA48
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4805F7A6C32311EFBA1DBF68762E951A.roa
Signing time: Thu 26 Dec 2024 00:49:37 +0000
ROA not before: Thu 26 Dec 2024 00:00:33 +0000
ROA not after: Sat 01 Mar 2025 00:00:33 +0000
asID: 984
IP address blocks: 156.243.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59976 (0xea48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:33 2024 GMT
Not After : Mar 1 00:00:33 2025 GMT
Subject: CN=676ca821-48f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:27:a3:59:5c:1c:98:f9:43:57:57:0b:61:8f:
a5:89:0e:70:86:4f:fc:bb:2b:42:25:e6:6a:e9:c3:
f1:11:49:84:18:bf:89:79:d8:ec:ea:f9:07:bb:bb:
c4:fa:59:e4:82:f0:02:e9:3a:f0:89:50:77:7a:3a:
66:92:33:56:fe:4a:8a:7b:f2:94:56:b6:28:c2:56:
0b:03:f6:eb:b9:06:18:31:b3:b3:57:fa:ec:90:2f:
29:7e:01:cc:14:ec:a8:b2:5b:76:19:c7:02:c4:38:
8a:9f:87:c6:36:30:b0:dd:00:8e:e3:06:02:36:50:
b1:23:8c:f5:88:c7:60:1d:21:40:17:ee:d2:cb:d6:
3c:12:3c:2f:dc:73:6a:e6:b5:88:16:86:30:92:12:
43:4d:d7:8c:ed:9c:4a:4f:9c:87:49:b0:0d:72:79:
3c:84:9e:2a:79:c0:a9:2d:a1:41:45:62:b6:8a:ca:
a3:c8:a6:be:d5:cf:19:76:75:2d:37:7e:98:b9:cc:
fc:4b:5d:44:e1:04:18:33:ce:fb:c3:cb:66:b5:87:
5d:b8:ec:0e:46:d3:21:fa:25:2a:75:72:74:01:28:
10:86:3e:98:b8:56:23:92:a3:15:c7:23:14:a5:7e:
5e:f7:e2:a6:97:66:10:8d:dd:6e:66:1d:2f:0a:6a:
b8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:22:7A:4A:74:CF:0A:5F:A6:38:78:87:E7:AA:08:81:A1:37:5F:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4805F7A6C32311EFBA1DBF68762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.128.0/17
Signature Algorithm: sha256WithRSAEncryption
0e:54:fc:dc:bd:6f:a7:52:f0:22:d9:0d:87:fd:c2:2a:40:88:
39:55:e2:6b:26:6f:5f:7e:b4:6f:0c:a7:74:af:c0:9c:80:fa:
5e:3e:a5:5d:a1:9f:68:a4:92:e6:94:67:01:ff:b6:c4:71:f9:
22:84:e6:7c:e3:bc:ec:a5:f7:84:8a:19:47:56:ba:86:9e:15:
42:ac:ee:2a:a2:a8:a6:fe:2b:c4:f3:c5:0e:a6:40:63:01:a5:
7d:1b:a6:64:12:a6:dc:5e:c4:53:4a:21:a6:ca:73:72:a7:83:
06:9d:75:72:0a:dd:0f:ca:a7:1c:74:83:76:ab:4e:66:1d:f0:
41:ab:96:d3:93:a0:09:93:10:4e:b7:d4:1a:96:d2:8e:97:79:
03:f8:f9:8a:c8:1a:e8:86:2c:f4:77:ed:30:6e:11:d0:c1:18:
aa:89:d4:26:b9:31:a9:5a:45:46:0b:f0:61:31:cd:cd:4d:e2:
9a:c1:b5:d8:6b:0d:fe:ac:1c:29:d8:77:9c:de:98:4b:b3:5a:
7d:50:65:73:4e:4b:12:11:a7:7e:4f:ea:8d:a1:38:12:70:9e:
c3:cb:56:6f:85:81:85:90:49:bf:c9:ee:33:63:0d:d9:56:7b:
1d:d7:d2:a9:55:e4:65:7f:17:fe:7f:7f:4e:23:f9:51:0f:e9:
07:ed:ec:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOpIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDMzWhcNMjUwMzAxMDAwMDMzWjAYMRYw
FAYDVQQDEw02NzZjYTgyMS00OGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtSejWVwcmPlDV1cLYY+liQ5whk/8uytCJeZq6cPxEUmEGL+Jedjs6vkH
u7vE+lnkgvAC6TrwiVB3ejpmkjNW/kqKe/KUVrYowlYLA/bruQYYMbOzV/rskC8p
fgHMFOyoslt2GccCxDiKn4fGNjCw3QCO4wYCNlCxI4z1iMdgHSFAF+7Sy9Y8Ejwv
3HNq5rWIFoYwkhJDTdeM7ZxKT5yHSbANcnk8hJ4qecCpLaFBRWK2isqjyKa+1c8Z
dnUtN36Yucz8S11E4QQYM877w8tmtYdduOwORtMh+iUqdXJ0ASgQhj6YuFYjkqMV
xyMUpX5e9+Kml2YQjd1uZh0vCmq4WwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEMi
ekp0zwpfpjh4h+eqCIGhN198MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODA1RjdBNkMzMjMxMUVGQkExREJGNjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnPOAMA0GCSqGSIb3DQEBCwUA
A4IBAQAOVPzcvW+nUvAi2Q2H/cIqQIg5VeJrJm9ffrRvDKd0r8CcgPpePqVdoZ9o
pJLmlGcB/7bEcfkihOZ847zspfeEihlHVrqGnhVCrO4qoqim/ivE88UOpkBjAaV9
G6ZkEqbcXsRTSiGmynNyp4MGnXVyCt0PyqccdIN2q05mHfBBq5bTk6AJkxBOt9Qa
ltKOl3kD+PmKyBrohiz0d+0wbhHQwRiqidQmuTGpWkVGC/BhMc3NTeKawbXYaw3+
rBwp2Hec3phLs1p9UGVzTksSEad+T+qNoTgScJ7Dy1ZvhYGFkEm/ye4zYw3ZVnsd
19KpVeRlfxf+f39OI/lRD+kH7eyW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:13 2025 by rpki-client