Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C67DE72C32D11EF9C8E03B3762E951A.roa
File: 4C67DE72C32D11EF9C8E03B3762E951A.roa (raw, json)
Hash identifier: Knlct4doaMY3lay3WKGRSTjXDzItONVIVE+qUZa94Dw=
Subject key identifier: 9A:F2:49:71:77:10:72:B5:4B:F2:4C:40:7F:3C:78:A5:7B:97:27:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAE1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C67DE72C32D11EF9C8E03B3762E951A.roa
Signing time: Thu 26 Dec 2024 02:01:19 +0000
ROA not before: Thu 26 Dec 2024 02:01:16 +0000
ROA not after: Wed 10 Dec 2025 02:01:16 +0000
asID: 984
IP address blocks: 156.243.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60129 (0xeae1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:01:16 2024 GMT
Not After : Dec 10 02:01:16 2025 GMT
Subject: CN=676cb8ef-503d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6f:e7:80:02:d4:7b:b5:cb:a2:b8:c5:45:6d:
82:52:f7:e5:37:8f:c7:f5:81:95:56:18:aa:11:86:
9a:1d:e3:3e:f0:8d:07:b8:b0:6b:8b:ad:a4:c6:7a:
ea:7b:15:ae:0b:50:92:08:39:c2:d1:fb:23:b1:ef:
56:fb:7a:e4:3f:03:e9:8b:a1:ab:39:a0:11:ca:ee:
9c:14:37:c1:3d:d7:b4:ca:86:38:c8:2c:03:50:0e:
24:cf:b4:f1:38:d4:a8:d6:95:c6:51:ea:4a:4b:40:
0a:6e:64:1b:ba:a1:13:57:b9:69:aa:ca:69:89:b7:
75:52:05:36:bf:a2:2b:8e:75:7f:73:fc:16:f6:fb:
13:e9:25:40:fc:4e:30:2f:af:bb:bf:d4:66:f0:57:
b6:c9:53:3c:e3:82:a1:db:9f:8d:9b:2d:b4:cb:3a:
0c:ef:94:14:7c:53:95:46:d9:d7:20:a4:dc:df:4d:
6d:8d:d3:d7:cd:64:55:b8:aa:25:5a:9d:86:c7:c7:
49:68:e5:38:eb:ef:87:ac:8f:17:d8:ce:08:dc:d7:
53:6a:11:78:96:76:71:37:85:0c:a8:77:15:3e:98:
bf:c3:e9:cc:dd:63:d8:ae:15:27:b9:f5:34:35:2d:
fd:6c:c3:e7:a7:d7:1f:85:48:9e:75:d3:5c:16:cc:
87:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F2:49:71:77:10:72:B5:4B:F2:4C:40:7F:3C:78:A5:7B:97:27:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C67DE72C32D11EF9C8E03B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.209.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:67:8c:20:26:f6:06:3f:c1:f5:b1:e2:05:8d:0a:4e:cb:f8:
69:7d:58:4a:cd:79:01:a6:a7:85:85:77:f2:dd:d6:73:42:93:
8b:d2:19:65:65:c5:8e:ff:54:f2:54:b6:af:50:00:a3:71:0a:
63:fb:19:d6:2b:0b:e2:da:22:5d:74:be:da:af:cf:f4:31:29:
ba:7c:c1:80:d2:3e:5d:d2:d6:8c:e0:f5:32:0f:23:20:43:26:
1e:a8:26:85:f8:b9:b8:7b:3b:a5:65:b1:3a:48:3b:be:03:a6:
1f:fd:bd:12:d3:1b:63:3e:df:69:42:a8:5e:0c:72:09:49:81:
0c:a8:71:6b:ef:cf:d3:a5:5d:6c:c0:cf:f8:7a:c1:f4:ca:f0:
a5:29:ad:eb:dc:03:de:99:44:6c:95:74:81:48:f4:bb:26:48:
54:df:ab:b4:4b:13:3b:28:53:33:22:c8:5d:57:73:81:a2:a4:
ea:43:b0:4b:cc:ac:5b:73:52:f2:21:ad:24:5f:3e:4c:a2:76:
e9:ec:f8:56:a7:36:ab:e6:63:69:92:0f:ef:31:de:cc:ed:11:
bd:24:11:a9:c2:7b:f8:06:94:bb:e0:ae:a1:33:6e:3c:eb:67:
05:cb:26:4c:5c:3a:16:2f:74:25:53:4b:0e:4e:0d:ac:30:20:
fa:38:0d:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwMTE2WhcNMjUxMjEwMDIwMTE2WjAYMRYw
FAYDVQQDEw02NzZjYjhlZi01MDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6m/ngALUe7XLorjFRW2CUvflN4/H9YGVVhiqEYaaHeM+8I0HuLBri62k
xnrqexWuC1CSCDnC0fsjse9W+3rkPwPpi6GrOaARyu6cFDfBPde0yoY4yCwDUA4k
z7TxONSo1pXGUepKS0AKbmQbuqETV7lpqsppibd1UgU2v6IrjnV/c/wW9vsT6SVA
/E4wL6+7v9Rm8Fe2yVM844Kh25+Nmy20yzoM75QUfFOVRtnXIKTc301tjdPXzWRV
uKolWp2Gx8dJaOU46++HrI8X2M4I3NdTahF4lnZxN4UMqHcVPpi/w+nM3WPYrhUn
ufU0NS39bMPnp9cfhUieddNcFsyHNQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJry
SXF3EHK1S/JMQH88eKV7lyekMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QzY3REU3MkMzMkQxMUVGOUM4RTAzQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPRMA0GCSqGSIb3DQEBCwUA
A4IBAQBLZ4wgJvYGP8H1seIFjQpOy/hpfVhKzXkBpqeFhXfy3dZzQpOL0hllZcWO
/1TyVLavUACjcQpj+xnWKwvi2iJddL7ar8/0MSm6fMGA0j5d0taM4PUyDyMgQyYe
qCaF+Lm4ezulZbE6SDu+A6Yf/b0S0xtjPt9pQqheDHIJSYEMqHFr78/TpV1swM/4
esH0yvClKa3r3APemURslXSBSPS7JkhU36u0SxM7KFMzIshdV3OBoqTqQ7BLzKxb
c1LyIa0kXz5Monbp7PhWpzar5mNpkg/vMd7M7RG9JBGpwnv4BpS74K6hM24862cF
yyZMXDoWL3QlU0sOTg2sMCD6OA1Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:10 2025 by rpki-client