Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A4E2E12CCAF11EF9919C0AB762E951A.roa
File: 4A4E2E12CCAF11EF9919C0AB762E951A.roa (raw, json)
Hash identifier: KcToCrEPnMlgq79ukaVpeUw+vW6oIM8H/SVbn0MqX8c=
Subject key identifier: A6:47:30:CD:CD:BE:93:29:50:E0:81:95:78:76:8A:A6:58:51:5C:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A4E2E12CCAF11EF9919C0AB762E951A.roa
Signing time: Tue 07 Jan 2025 04:24:31 +0000
ROA not before: Tue 07 Jan 2025 04:24:27 +0000
ROA not after: Sat 13 Dec 2025 04:24:27 +0000
asID: 984
IP address blocks: 156.232.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63978 (0xf9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:24:27 2025 GMT
Not After : Dec 13 04:24:27 2025 GMT
Subject: CN=677cac7f-1be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:71:ff:50:58:78:95:04:e2:ac:a5:0a:1e:80:
94:9c:34:e1:84:15:cb:62:60:6c:fb:51:25:7f:59:
25:ce:ee:d5:f6:89:04:b1:27:54:31:a7:9f:03:31:
58:d6:50:ab:93:69:b0:0c:c8:a2:a5:c9:76:65:01:
b8:58:fb:c1:18:34:c4:70:18:02:d6:bd:d4:e8:1f:
a1:ff:26:d6:96:5b:b5:2f:bc:97:11:d0:f2:81:c8:
1a:e3:e4:56:84:43:f7:e4:a9:59:78:43:f6:e2:a3:
a5:15:ef:fe:4b:94:18:99:25:de:18:16:9a:3a:ae:
da:f9:04:fd:cb:22:96:bd:62:50:3d:3a:36:ae:26:
10:9b:5a:c2:75:cc:5b:15:91:e9:ed:ed:a9:af:8c:
e4:0a:24:cc:48:4a:2d:0d:38:45:de:b5:02:5c:bd:
da:a2:c9:0a:1b:ac:96:c6:42:c9:8b:b7:cb:e2:7a:
1c:54:9f:34:ab:b5:98:9a:3b:ee:d9:ec:cd:ef:49:
51:23:5e:b0:ee:be:7d:51:36:62:4b:8f:e2:3c:85:
a1:11:62:b7:78:65:74:68:ff:a7:da:d0:aa:0d:30:
bf:21:a8:d1:73:34:b4:f8:42:2b:3d:c2:9a:01:64:
7f:6e:0d:c3:3e:48:0e:20:8a:fc:91:ef:e3:2e:9e:
07:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:47:30:CD:CD:BE:93:29:50:E0:81:95:78:76:8A:A6:58:51:5C:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A4E2E12CCAF11EF9919C0AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.69.0/24
Signature Algorithm: sha256WithRSAEncryption
72:bc:a4:38:2a:48:2a:11:8a:78:8a:53:0b:b7:ea:1a:d4:70:
17:b6:1e:47:6c:16:10:74:23:f6:7c:34:78:c6:f9:00:86:a6:
58:a0:b6:5c:cd:a8:c3:88:58:62:4f:d3:fc:b6:2b:7e:b3:a0:
5e:f1:50:36:03:a6:33:40:58:cd:be:de:5e:81:39:db:3e:9b:
13:14:88:05:00:6a:28:7c:93:84:9b:c9:5a:76:b8:d7:b1:a3:
3d:55:50:e9:b4:37:2d:44:f4:9a:58:61:c4:63:5a:b5:49:2f:
d3:34:3c:7f:ca:bf:03:a3:01:e3:4b:b2:e3:7f:5d:dd:31:b1:
21:b5:48:d5:a2:e7:8a:b8:3b:ef:12:b7:ea:de:0a:23:59:6c:
72:fb:05:54:5c:1b:30:99:89:e2:64:95:1b:7a:54:1f:0a:af:
73:dc:d9:c1:03:7d:1c:0c:e1:59:fe:b0:9a:48:b4:f4:fa:a7:
de:a6:84:2a:68:9e:72:01:84:91:b7:c7:08:e7:c8:ea:0e:e9:
11:47:ee:60:2b:bf:bf:91:69:b8:46:fc:7a:71:a7:57:43:94:
34:ff:04:d1:80:b8:78:ac:c5:ca:b6:92:fd:f0:44:7c:29:c9:
b9:a0:16:df:5d:e9:fe:a5:f7:33:b8:0b:ac:85:f7:8d:5e:6c:
a7:76:d1:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQyNDI3WhcNMjUxMjEzMDQyNDI3WjAYMRYw
FAYDVQQDEw02NzdjYWM3Zi0xYmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyXH/UFh4lQTirKUKHoCUnDThhBXLYmBs+1Elf1klzu7V9okEsSdUMaef
AzFY1lCrk2mwDMiipcl2ZQG4WPvBGDTEcBgC1r3U6B+h/ybWllu1L7yXEdDygcga
4+RWhEP35KlZeEP24qOlFe/+S5QYmSXeGBaaOq7a+QT9yyKWvWJQPTo2riYQm1rC
dcxbFZHp7e2pr4zkCiTMSEotDThF3rUCXL3aoskKG6yWxkLJi7fL4nocVJ80q7WY
mjvu2ezN70lRI16w7r59UTZiS4/iPIWhEWK3eGV0aP+n2tCqDTC/IajRczS0+EIr
PcKaAWR/bg3DPkgOIIr8ke/jLp4HlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKZH
MM3NvpMpUOCBlXh2iqZYUVyLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTRFMkUxMkNDQUYxMUVGOTkxOUMwQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhFMA0GCSqGSIb3DQEBCwUA
A4IBAQByvKQ4KkgqEYp4ilMLt+oa1HAXth5HbBYQdCP2fDR4xvkAhqZYoLZczajD
iFhiT9P8tit+s6Be8VA2A6YzQFjNvt5egTnbPpsTFIgFAGoofJOEm8ladrjXsaM9
VVDptDctRPSaWGHEY1q1SS/TNDx/yr8DowHjS7Ljf13dMbEhtUjVoueKuDvvErfq
3gojWWxy+wVUXBswmYniZJUbelQfCq9z3NnBA30cDOFZ/rCaSLT0+qfepoQqaJ5y
AYSRt8cI58jqDukRR+5gK7+/kWm4Rvx6cadXQ5Q0/wTRgLh4rMXKtpL98ER8Kcm5
oBbfXen+pfczuAushfeNXmyndtES
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:46 2025 by rpki-client