Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8F3814CD4811EF8216F76E762E951A.roa
File: 4A8F3814CD4811EF8216F76E762E951A.roa (raw, json)
Hash identifier: ObcdIei1swER+/vPWqv1sl7WpD7C4cIYQhzW0v6L2KA=
Subject key identifier: 03:2B:7E:36:77:28:1D:60:DF:0C:81:BB:6A:66:D8:FC:C4:2B:94:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEA9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8F3814CD4811EF8216F76E762E951A.roa
Signing time: Tue 07 Jan 2025 22:39:44 +0000
ROA not before: Tue 07 Jan 2025 22:39:41 +0000
ROA not after: Mon 13 Dec 2027 22:39:41 +0000
asID: 17561
IP address blocks: 156.246.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65193 (0xfea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:39:41 2025 GMT
Not After : Dec 13 22:39:41 2027 GMT
Subject: CN=677dad30-b42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ad:03:cf:6d:c8:5b:44:73:f0:6b:60:80:72:
55:3e:88:75:57:03:61:6a:c2:06:1f:7c:8d:a1:cb:
75:c6:42:92:2e:74:8e:d2:32:a8:6c:55:76:7d:34:
32:2d:fa:d8:9f:81:18:b9:fd:90:3d:bd:75:9c:3c:
a8:fd:b2:b7:06:74:18:62:7f:d0:78:41:fb:1c:7c:
99:92:ab:57:e7:46:13:f0:4e:be:a9:74:e7:6d:41:
33:93:2b:ed:99:ea:92:02:16:3e:7f:fb:ca:9e:da:
de:b7:0d:b2:50:0b:67:5a:79:ff:2d:66:bd:63:fa:
8e:c3:7c:c3:5c:e6:35:c6:bb:ea:95:fe:78:09:69:
9a:7d:74:08:68:f4:60:3d:c7:f4:be:9d:62:74:7c:
ab:ba:62:37:5a:ee:40:6e:5b:31:29:da:84:8c:58:
98:e4:f2:d1:1a:c3:ed:8b:ae:08:27:ee:c6:6d:77:
a2:6d:8e:d7:29:f9:9b:d3:33:73:1d:78:cd:01:72:
f0:d6:fb:0b:c6:52:da:da:98:b9:10:f4:25:e5:46:
0e:3e:51:09:f8:43:8e:ff:d5:91:70:93:e8:00:0f:
b3:67:b9:5b:1e:ac:ac:e3:89:93:71:4e:dc:fd:03:
5c:1e:72:8f:b6:c5:91:41:ce:28:3c:9e:ba:d5:ee:
f8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2B:7E:36:77:28:1D:60:DF:0C:81:BB:6A:66:D8:FC:C4:2B:94:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A8F3814CD4811EF8216F76E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.21.0/24
Signature Algorithm: sha256WithRSAEncryption
70:df:fe:e9:ea:72:39:42:92:6c:f9:09:42:de:4a:c2:58:f7:
57:12:df:34:a0:77:9c:0c:6e:a8:f9:e8:f0:55:a5:07:4a:7a:
54:03:a3:2b:64:c2:a8:ed:c4:39:af:53:a1:ae:23:a7:57:a1:
54:2b:ea:b7:25:f5:b3:80:15:0c:5c:10:7e:c8:d9:68:3d:11:
9b:09:d5:7b:96:22:0e:35:09:8f:4a:11:03:54:8f:ff:db:04:
dc:10:80:e0:d3:53:c8:0e:f6:b9:1b:46:db:46:66:9a:71:e1:
9f:5a:f1:60:17:e0:4a:c7:20:c5:73:ec:80:16:d5:7e:1f:20:
b1:18:30:56:69:91:12:91:5e:b2:6c:34:6f:9e:45:e1:61:35:
3b:02:fd:c6:59:6d:a6:d3:f6:ec:d2:36:6d:91:57:0f:f9:bc:
9c:de:e0:00:d0:f8:5d:be:8a:d3:7d:10:b3:b1:74:57:6a:a3:
c6:20:9a:7c:95:94:83:6b:9d:1f:7f:08:be:ea:0b:5b:75:c1:
ab:15:7a:df:5e:54:fe:75:56:da:ac:01:e8:8a:07:52:46:e6:
83:96:ff:9f:5e:98:05:95:8a:8f:2d:22:de:54:3f:3a:af:b9:
e1:60:f6:19:c5:cf:3f:fe:cb:97:ac:24:ad:8e:26:c7:84:96:
ec:97:11:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIzOTQxWhcNMjcxMjEzMjIzOTQxWjAYMRYw
FAYDVQQDEw02NzdkYWQzMC1iNDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzq0Dz23IW0Rz8GtggHJVPoh1VwNhasIGH3yNoct1xkKSLnSO0jKobFV2
fTQyLfrYn4EYuf2QPb11nDyo/bK3BnQYYn/QeEH7HHyZkqtX50YT8E6+qXTnbUEz
kyvtmeqSAhY+f/vKntretw2yUAtnWnn/LWa9Y/qOw3zDXOY1xrvqlf54CWmafXQI
aPRgPcf0vp1idHyrumI3Wu5AblsxKdqEjFiY5PLRGsPti64IJ+7GbXeibY7XKfmb
0zNzHXjNAXLw1vsLxlLa2pi5EPQl5UYOPlEJ+EOO/9WRcJPoAA+zZ7lbHqys44mT
cU7c/QNcHnKPtsWRQc4oPJ661e74swIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAMr
fjZ3KB1g3wyBu2pm2PzEK5TSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QThGMzgxNENENDgxMUVGODIxNkY3NkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYVMA0GCSqGSIb3DQEBCwUA
A4IBAQBw3/7p6nI5QpJs+QlC3krCWPdXEt80oHecDG6o+ejwVaUHSnpUA6MrZMKo
7cQ5r1OhriOnV6FUK+q3JfWzgBUMXBB+yNloPRGbCdV7liIONQmPShEDVI//2wTc
EIDg01PIDva5G0bbRmaaceGfWvFgF+BKxyDFc+yAFtV+HyCxGDBWaZESkV6ybDRv
nkXhYTU7Av3GWW2m0/bs0jZtkVcP+byc3uAA0PhdvorTfRCzsXRXaqPGIJp8lZSD
a50ffwi+6gtbdcGrFXrfXlT+dVbarAHoigdSRuaDlv+fXpgFlYqPLSLeVD86r7nh
YPYZxc8//suXrCStjibHhJbslxGB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:32 2025 by rpki-client