Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B9A4362CC0711EF8F71EA7B762E951A.roa
File: 4B9A4362CC0711EF8F71EA7B762E951A.roa (raw, json)
Hash identifier: ro75VOUhcWFCrYGcQRPqafhvu+2kM8Fr90q57tOs0FA=
Subject key identifier: C9:6F:C4:C9:B2:D0:A0:BE:A8:9C:FD:F9:DB:DB:F2:E8:8F:7D:DB:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F847
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B9A4362CC0711EF8F71EA7B762E951A.roa
Signing time: Mon 06 Jan 2025 08:21:58 +0000
ROA not before: Mon 06 Jan 2025 08:21:54 +0000
ROA not after: Fri 07 Mar 2025 08:21:54 +0000
asID: 135377
IP address blocks: 156.229.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63559 (0xf847)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 08:21:54 2025 GMT
Not After : Mar 7 08:21:54 2025 GMT
Subject: CN=677b92a6-f1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:53:c9:fb:21:27:a7:db:b3:3e:6d:9b:82:
0f:8c:11:c0:50:c9:8c:ea:9d:29:5a:05:1f:ad:20:
e7:bf:ab:03:9e:bc:d6:91:e4:94:7c:95:56:77:9b:
e7:82:fd:e2:8e:03:c2:9e:fb:5b:b7:88:df:3a:94:
1b:36:1d:4c:b0:82:8b:8b:88:01:24:e6:7c:9e:5b:
15:c8:dd:c2:b1:b4:fc:3b:b8:f5:41:fe:82:40:8c:
f7:cc:66:a7:7a:30:41:f2:28:8a:d9:9d:9e:0b:64:
ae:26:66:52:93:51:f3:8c:5c:a2:12:86:72:e7:57:
ce:b2:44:80:ed:08:dd:89:d5:99:2f:75:1d:31:6a:
1d:b6:72:e0:6d:8b:ea:df:3c:73:48:46:fb:6a:0b:
a2:7d:e3:22:5d:f4:a9:e6:97:2d:7f:f2:24:0e:c9:
21:95:cc:54:84:80:ea:6d:38:2b:3f:36:06:1d:bc:
07:dc:db:a1:3a:4c:7a:b2:d3:a4:ad:5d:af:1f:4d:
4d:80:e3:16:f5:db:eb:d5:eb:9c:d4:95:45:3b:5e:
81:94:9f:92:7a:21:e9:23:ba:18:91:71:d6:db:9e:
f5:dd:43:e3:da:11:25:98:8c:c5:8c:25:5b:97:59:
ab:77:90:1e:bb:4b:e5:c6:11:3b:f1:d4:17:1b:0d:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6F:C4:C9:B2:D0:A0:BE:A8:9C:FD:F9:DB:DB:F2:E8:8F:7D:DB:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B9A4362CC0711EF8F71EA7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.24.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:e4:5d:b1:e5:63:52:29:dc:82:54:4e:0c:ef:44:97:6e:8d:
7e:b3:eb:8b:cf:d2:8b:b0:6b:d8:a4:34:8c:93:3c:28:cc:be:
7e:a4:9f:54:99:16:72:f8:3b:49:81:7a:c9:fe:a6:a8:0d:a6:
15:64:84:0a:73:11:b7:20:f6:bc:67:4e:19:eb:ae:54:aa:f0:
2f:cd:da:ce:fd:dc:4c:84:87:d5:a3:7a:2f:ac:cc:3b:97:1d:
3b:7f:ef:ca:4c:42:50:be:de:65:7b:3f:5a:1d:49:95:b4:9f:
e4:3f:cc:b2:d7:2b:86:7e:ed:4a:0a:78:de:87:6b:0c:c4:6a:
f4:3d:93:70:1e:bd:05:34:50:d2:cb:64:3b:e4:7f:c0:0d:ae:
2d:44:25:4f:6f:17:1c:7d:40:f1:89:45:6d:22:3f:1b:64:9f:
0b:5a:b7:93:19:4d:83:f1:45:ce:4d:af:de:52:31:59:3d:38:
50:f5:dc:88:b3:89:35:61:6f:1d:fb:a0:2d:e8:5f:d6:1c:d3:
5a:3a:c1:69:07:bb:30:23:39:64:17:43:87:dc:21:f9:23:f1:
17:fe:42:f8:e2:e7:ce:20:d2:c2:b3:c4:e3:d4:e7:a1:a7:7f:
11:b9:3e:3d:60:4c:98:82:36:90:b1:9c:b2:5f:85:a2:9c:d1:
41:93:8d:8c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPhHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDgyMTU0WhcNMjUwMzA3MDgyMTU0WjAYMRYw
FAYDVQQDEw02NzdiOTJhNi1mMWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx7NTyfshJ6fbsz5tm4IPjBHAUMmM6p0pWgUfrSDnv6sDnrzWkeSUfJVW
d5vngv3ijgPCnvtbt4jfOpQbNh1MsIKLi4gBJOZ8nlsVyN3CsbT8O7j1Qf6CQIz3
zGanejBB8iiK2Z2eC2SuJmZSk1HzjFyiEoZy51fOskSA7QjdidWZL3UdMWodtnLg
bYvq3zxzSEb7aguifeMiXfSp5pctf/IkDskhlcxUhIDqbTgrPzYGHbwH3NuhOkx6
stOkrV2vH01NgOMW9dvr1euc1JVFO16BlJ+SeiHpI7oYkXHW25713UPj2hElmIzF
jCVbl1mrd5Aeu0vlxhE78dQXGw38xQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMlv
xMmy0KC+qJz9+dvb8uiPfdtJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjlBNDM2MkNDMDcxMUVGOEY3MUVBN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOUYMA0GCSqGSIb3DQEBCwUA
A4IBAQAP5F2x5WNSKdyCVE4M70SXbo1+s+uLz9KLsGvYpDSMkzwozL5+pJ9UmRZy
+DtJgXrJ/qaoDaYVZIQKcxG3IPa8Z04Z665UqvAvzdrO/dxMhIfVo3ovrMw7lx07
f+/KTEJQvt5lez9aHUmVtJ/kP8yy1yuGfu1KCnjeh2sMxGr0PZNwHr0FNFDSy2Q7
5H/ADa4tRCVPbxccfUDxiUVtIj8bZJ8LWreTGU2D8UXOTa/eUjFZPThQ9dyIs4k1
YW8d+6At6F/WHNNaOsFpB7swIzlkF0OH3CH5I/EX/kL44ufOINLCs8Tj1Oehp38R
uT49YEyYgjaQsZyyX4WinNFBk42M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client