Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4884A166CCC211EF81E0A7A3762E951A.roa
File: 4884A166CCC211EF81E0A7A3762E951A.roa (raw, json)
Hash identifier: MdNOnVy/3ZLkxL0WkgZy3NgjjLeaUk2T430Wd1/NAJI=
Subject key identifier: A6:30:C7:E1:12:41:5D:2E:54:B4:7E:FF:67:17:68:A1:D8:CC:9C:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA32
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4884A166CCC211EF81E0A7A3762E951A.roa
Signing time: Tue 07 Jan 2025 06:40:28 +0000
ROA not before: Tue 07 Jan 2025 06:40:25 +0000
ROA not after: Mon 13 Dec 2027 06:40:25 +0000
asID: 17561
IP address blocks: 156.233.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64050 (0xfa32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:40:25 2025 GMT
Not After : Dec 13 06:40:25 2027 GMT
Subject: CN=677ccc5c-69a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:70:4b:82:fe:53:f4:f0:99:eb:63:1c:37:f0:
96:62:07:9d:5c:07:a5:de:d5:d8:de:bb:42:30:e9:
44:c0:c1:c1:92:89:05:e7:86:30:26:9f:38:69:81:
01:f1:22:d5:5e:35:38:1d:db:b7:26:b2:70:07:e6:
76:55:af:c6:5d:9a:9d:93:7c:81:01:6b:85:9f:e5:
e0:27:84:38:33:cc:ee:02:b0:42:b0:e6:81:33:49:
79:8d:4e:a3:f9:a8:18:c5:3d:99:0b:bf:c5:83:58:
c7:82:7f:cc:dc:69:2b:3e:95:64:bd:fe:3f:5a:bb:
90:61:f7:2f:05:32:f2:c3:cf:78:8c:28:00:3e:a1:
cb:d1:81:ac:63:3f:34:a5:40:86:9f:03:18:d3:10:
de:e4:37:54:12:ae:ac:e8:1d:70:0c:34:aa:c8:94:
ce:82:97:6f:e4:bb:1b:91:34:0a:89:3a:31:bf:c0:
8d:f0:c8:6b:d7:68:8a:01:44:6c:eb:66:2c:7e:71:
f3:51:5c:d1:f0:fe:e2:50:57:98:7d:e6:84:6f:fd:
37:af:9b:3e:cc:a5:e8:6a:3a:5d:fb:a6:4b:3c:65:
07:84:87:26:5e:9a:89:c2:1d:4e:00:70:a6:07:c8:
41:da:f7:24:75:96:48:78:2a:62:f7:4e:69:d4:61:
a8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:30:C7:E1:12:41:5D:2E:54:B4:7E:FF:67:17:68:A1:D8:CC:9C:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4884A166CCC211EF81E0A7A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.46.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:5e:7c:b8:c5:07:d3:85:96:1e:9f:57:3d:1c:47:0e:dc:be:
d1:f0:49:22:d1:bb:0c:c3:f0:ba:94:08:ac:52:76:6d:40:73:
8d:c0:bc:9f:d9:30:74:74:1a:7f:70:0c:6a:53:d4:d3:c7:b3:
fc:42:17:b7:42:f3:e6:0e:07:b1:26:e5:ac:65:4a:ae:14:36:
63:a5:4e:0b:3d:31:24:68:57:e2:db:b2:2d:64:10:ba:b9:f8:
ac:02:77:f3:ab:fd:45:6b:b3:85:82:20:da:43:42:e6:ce:9c:
29:7d:9b:4e:a4:81:ee:a6:f6:61:73:e7:cb:c2:2f:4a:6e:7b:
ca:5c:d2:2e:4c:58:8c:04:ce:32:33:24:81:22:38:86:4a:8b:
a5:9a:42:5b:90:d6:65:d4:cc:a0:bd:1a:2f:63:a0:6a:24:41:
b7:fa:eb:4d:92:9d:0b:93:ee:93:ba:c4:81:48:01:43:44:8b:
c4:f1:64:b3:a5:30:e6:d2:66:42:68:89:b6:a3:a2:ee:0d:59:
ee:25:74:1c:7c:d8:4c:49:71:ad:8e:b2:24:1c:e5:a0:d3:fd:
88:eb:45:59:28:91:8b:0b:28:68:30:8c:55:f2:e0:40:1c:d0:
33:91:59:71:c5:3b:8f:ca:2e:e4:22:9a:23:f1:78:ff:ad:f8:
93:ee:94:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPoyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDY0MDI1WhcNMjcxMjEzMDY0MDI1WjAYMRYw
FAYDVQQDEw02NzdjY2M1Yy02OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtHBLgv5T9PCZ62McN/CWYgedXAel3tXY3rtCMOlEwMHBkokF54YwJp84
aYEB8SLVXjU4Hdu3JrJwB+Z2Va/GXZqdk3yBAWuFn+XgJ4Q4M8zuArBCsOaBM0l5
jU6j+agYxT2ZC7/Fg1jHgn/M3GkrPpVkvf4/WruQYfcvBTLyw894jCgAPqHL0YGs
Yz80pUCGnwMY0xDe5DdUEq6s6B1wDDSqyJTOgpdv5LsbkTQKiToxv8CN8Mhr12iK
AURs62YsfnHzUVzR8P7iUFeYfeaEb/03r5s+zKXoajpd+6ZLPGUHhIcmXpqJwh1O
AHCmB8hB2vckdZZIeCpi905p1GGoDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKYw
x+ESQV0uVLR+/2cXaKHYzJzMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODg0QTE2NkNDQzIxMUVGODFFMEE3QTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkuMA0GCSqGSIb3DQEBCwUA
A4IBAQC3Xny4xQfThZYen1c9HEcO3L7R8Eki0bsMw/C6lAisUnZtQHONwLyf2TB0
dBp/cAxqU9TTx7P8Qhe3QvPmDgexJuWsZUquFDZjpU4LPTEkaFfi27ItZBC6ufis
Anfzq/1Fa7OFgiDaQ0LmzpwpfZtOpIHupvZhc+fLwi9KbnvKXNIuTFiMBM4yMySB
IjiGSoulmkJbkNZl1MygvRovY6BqJEG3+utNkp0Lk+6TusSBSAFDRIvE8WSzpTDm
0mZCaIm2o6LuDVnuJXQcfNhMSXGtjrIkHOWg0/2I60VZKJGLCyhoMIxV8uBAHNAz
kVlxxTuPyi7kIpoj8Xj/rfiT7pTx
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:09 2025 by rpki-client