Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AB50EAEC32F11EF91D78943762E951A.roa
File: 4AB50EAEC32F11EF91D78943762E951A.roa (raw, json)
Hash identifier: jWZIY5AIm77rgXBf8AGJMwQhA451Z0hM3Dqnw/YYc3M=
Subject key identifier: FF:49:57:D3:92:73:3B:76:2F:F2:49:DC:93:ED:3B:09:67:F7:A0:CE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAF9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AB50EAEC32F11EF91D78943762E951A.roa
Signing time: Thu 26 Dec 2024 02:15:36 +0000
ROA not before: Thu 26 Dec 2024 02:15:32 +0000
ROA not after: Wed 10 Dec 2025 02:15:32 +0000
asID: 984
IP address blocks: 156.243.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60153 (0xeaf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:15:32 2024 GMT
Not After : Dec 10 02:15:32 2025 GMT
Subject: CN=676cbc47-d3cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:36:ea:37:22:14:0a:55:1e:1a:ac:33:ab:5c:
83:1a:4f:b3:71:ce:8f:04:b7:b9:57:38:19:61:4e:
03:9d:14:85:ed:51:ac:70:b2:50:d3:c5:41:53:a4:
46:a0:a5:64:ce:0b:57:0f:cb:43:da:20:cd:b9:22:
64:63:00:76:5c:f1:72:fb:bb:4a:04:69:6d:81:44:
4b:9c:93:96:0d:fa:d9:dd:b0:75:18:3f:30:30:dd:
a5:79:f4:d7:a9:a4:36:3a:3b:e2:e8:70:39:35:e6:
9f:80:d4:b6:22:7d:ce:2c:e1:0b:9d:5a:51:d3:97:
69:f0:44:99:14:e9:c3:4e:3b:b3:b0:6d:60:cf:e1:
14:96:83:60:b4:16:35:04:b2:8f:a4:0b:33:ee:23:
e7:2b:c0:61:62:bf:13:6f:3b:52:2b:52:bc:b7:30:
7a:3f:fd:8e:b3:5e:12:ce:f2:43:2f:29:39:22:62:
67:d7:4f:fa:81:10:14:b9:7c:cd:1b:75:cf:f4:dd:
f2:d3:90:a1:64:d7:79:e1:59:1b:b0:9c:cb:d0:3e:
50:d3:b7:bb:92:7a:dd:79:0f:2c:c1:84:81:90:fe:
8e:66:22:88:cb:0d:bd:df:f5:45:26:7c:cb:60:42:
02:3c:60:c6:79:47:45:b7:60:ed:2d:b0:f9:14:d8:
3b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:49:57:D3:92:73:3B:76:2F:F2:49:DC:93:ED:3B:09:67:F7:A0:CE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AB50EAEC32F11EF91D78943762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.227.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:01:c0:0e:44:18:43:40:e3:f0:dd:eb:dd:b9:19:82:a6:d4:
94:e6:88:c0:fd:09:19:85:bd:ff:ee:30:a8:e4:01:3d:d0:61:
7a:f7:5f:a2:35:0c:af:df:a2:6b:03:3d:4d:9f:e4:98:dd:33:
b6:e2:f0:49:28:bd:92:71:40:9a:c7:5d:83:93:de:64:59:dd:
bb:0d:d5:65:da:2e:83:ee:f6:ba:ec:c9:4d:7c:da:6e:27:2f:
8d:da:95:01:92:9f:04:fa:41:30:75:d3:05:41:f9:14:62:c6:
77:3d:a2:cc:57:71:9a:77:94:0a:f1:a8:23:b5:50:54:41:e1:
38:44:0c:41:e7:f9:2e:9a:6d:23:e8:61:3f:e7:51:b0:87:23:
21:3d:ca:ba:24:e0:24:08:35:33:3b:72:fc:5b:9a:90:2e:05:
1e:fc:ca:20:8f:bd:ac:7e:a3:91:5b:45:e6:0a:f0:d9:fd:fc:
ee:8b:36:da:a5:11:74:c8:cf:01:1a:0c:58:83:30:0b:71:f6:
41:55:4b:88:d4:40:32:93:13:1e:65:f0:01:a1:60:ab:7c:e0:
0e:ba:72:c5:34:58:62:69:f8:14:13:1c:20:16:63:7c:d1:da:
59:bf:3a:1c:1b:d3:77:78:7e:fc:ee:98:e8:f5:ae:10:ea:b8:
d5:c2:70:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOr5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIxNTMyWhcNMjUxMjEwMDIxNTMyWjAYMRYw
FAYDVQQDEw02NzZjYmM0Ny1kM2NkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5TbqNyIUClUeGqwzq1yDGk+zcc6PBLe5VzgZYU4DnRSF7VGscLJQ08VB
U6RGoKVkzgtXD8tD2iDNuSJkYwB2XPFy+7tKBGltgURLnJOWDfrZ3bB1GD8wMN2l
efTXqaQ2Ojvi6HA5NeafgNS2In3OLOELnVpR05dp8ESZFOnDTjuzsG1gz+EUloNg
tBY1BLKPpAsz7iPnK8BhYr8TbztSK1K8tzB6P/2Os14SzvJDLyk5ImJn10/6gRAU
uXzNG3XP9N3y05ChZNd54VkbsJzL0D5Q07e7knrdeQ8swYSBkP6OZiKIyw293/VF
JnzLYEICPGDGeUdFt2DtLbD5FNg76wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP9J
V9OSczt2L/JJ3JPtOwln96DOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QUI1MEVBRUMzMkYxMUVGOTFENzg5NDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPjMA0GCSqGSIb3DQEBCwUA
A4IBAQCPAcAORBhDQOPw3evduRmCptSU5ojA/QkZhb3/7jCo5AE90GF691+iNQyv
36JrAz1Nn+SY3TO24vBJKL2ScUCax12Dk95kWd27DdVl2i6D7va67MlNfNpuJy+N
2pUBkp8E+kEwddMFQfkUYsZ3PaLMV3Gad5QK8agjtVBUQeE4RAxB5/kumm0j6GE/
51GwhyMhPcq6JOAkCDUzO3L8W5qQLgUe/Mogj72sfqORW0XmCvDZ/fzuizbapRF0
yM8BGgxYgzALcfZBVUuI1EAykxMeZfABoWCrfOAOunLFNFhiafgUExwgFmN80dpZ
vzocG9N3eH787pjo9a4Q6rjVwnAh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:39 2025 by rpki-client