Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C81E4C8C94711EF95B7D97D762E951A.roa
File: 4C81E4C8C94711EF95B7D97D762E951A.roa (raw, json)
Hash identifier: YjdPZpoLjx7dGCcaMo88wAWXzmZRa0MhgPweWDrZrq4=
Subject key identifier: 63:01:4A:78:8D:41:F0:C7:0B:48:68:1D:F7:C5:2F:7C:5B:66:BE:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F36A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C81E4C8C94711EF95B7D97D762E951A.roa
Signing time: Thu 02 Jan 2025 20:22:33 +0000
ROA not before: Thu 02 Jan 2025 20:22:30 +0000
ROA not after: Mon 13 Dec 2027 20:22:30 +0000
asID: 17561
IP address blocks: 156.225.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62314 (0xf36a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:22:30 2025 GMT
Not After : Dec 13 20:22:30 2027 GMT
Subject: CN=6776f589-5524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:67:5e:f7:d1:09:71:e1:7b:f7:9c:c3:55:
7f:cf:d7:68:00:e7:ea:eb:d4:1c:f7:ea:60:44:b2:
71:fc:60:a6:ee:94:67:60:5c:06:3c:48:ab:d3:16:
13:34:fd:d7:4f:06:89:66:8e:48:33:06:6d:15:12:
f1:01:f0:d7:4c:69:8e:9e:2f:b8:0e:b8:a0:4e:1c:
ff:63:fd:89:e2:ed:64:5e:e8:5a:b1:28:69:ad:f3:
ba:5f:17:94:82:07:c4:71:b8:8a:1f:b1:13:e2:d2:
d7:d7:8d:bf:a5:ec:70:b9:15:da:17:ca:4d:20:a0:
a4:50:e4:67:5b:d5:ca:b5:99:7a:e5:b4:71:a7:8c:
36:45:6a:37:6b:d9:7e:12:90:ef:81:06:12:da:19:
2b:41:df:e5:47:6c:a9:a0:5e:c9:52:5b:ec:c3:05:
40:db:68:55:0e:4e:b8:5f:e4:e1:b9:ce:46:16:db:
9e:e9:e3:0e:dd:04:d4:5e:9e:36:9a:18:5e:6f:9a:
2b:d5:06:17:6c:53:17:f3:77:02:fb:af:9c:68:26:
98:d9:1b:2e:a8:f9:b7:58:e8:f6:38:45:40:f8:73:
59:c2:91:ae:ab:92:a9:cd:87:f6:e6:d4:48:0c:eb:
f7:56:78:2a:77:50:a9:03:0d:f8:f3:c0:28:7b:df:
e7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:01:4A:78:8D:41:F0:C7:0B:48:68:1D:F7:C5:2F:7C:5B:66:BE:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4C81E4C8C94711EF95B7D97D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.48.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:2b:c6:e2:fc:24:b0:66:69:43:2b:c7:fe:71:85:af:86:55:
bb:ac:ab:c5:e0:7e:12:e8:83:58:b6:ed:d8:4f:a2:88:63:fe:
ee:9b:ac:43:50:9b:a3:6f:d4:4c:70:f8:18:38:96:91:d1:26:
04:69:bb:3f:bc:19:4b:77:5a:29:e8:4f:61:41:de:f8:ee:51:
29:4e:d9:ea:ac:c8:93:6a:4a:40:cb:b1:ae:ee:0e:6f:91:a1:
51:f0:f8:d5:7a:c4:1f:ac:7b:80:e3:61:af:0f:c8:b5:ee:6e:
67:1e:77:6f:6a:e7:95:f9:94:bc:3b:1e:9d:f8:13:60:af:69:
e1:79:50:5c:fb:91:93:c7:63:45:99:c5:8f:d1:d2:34:ae:6b:
a7:6f:97:a6:a0:b2:d3:97:3f:67:80:37:dc:67:52:5b:9f:24:
fc:a3:13:46:ed:ea:d9:26:31:84:ad:02:16:1e:1a:b7:c8:71:
0b:1e:33:4c:1d:cc:01:5c:8f:34:f1:ac:82:7c:b8:77:0f:b1:
b3:ea:f7:71:ea:0c:4f:12:f8:87:0b:99:67:ed:94:6d:79:7f:
75:07:c0:e9:1c:cc:42:1c:74:89:b6:00:27:07:f2:7d:bf:cc:
ff:2c:c0:90:f6:c3:a5:c3:a8:28:df:a4:d6:02:f7:d8:c9:38:
3c:f6:09:c5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAyMjMwWhcNMjcxMjEzMjAyMjMwWjAYMRYw
FAYDVQQDEw02Nzc2ZjU4OS01NTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6NnXvfRCXHhe/ecw1V/z9doAOfq69Qc9+pgRLJx/GCm7pRnYFwGPEir
0xYTNP3XTwaJZo5IMwZtFRLxAfDXTGmOni+4DrigThz/Y/2J4u1kXuhasShprfO6
XxeUggfEcbiKH7ET4tLX142/pexwuRXaF8pNIKCkUORnW9XKtZl65bRxp4w2RWo3
a9l+EpDvgQYS2hkrQd/lR2ypoF7JUlvswwVA22hVDk64X+Thuc5GFtue6eMO3QTU
Xp42mhheb5or1QYXbFMX83cC+6+caCaY2RsuqPm3WOj2OEVA+HNZwpGuq5KpzYf2
5tRIDOv3Vngqd1CpAw3488Aoe9/nwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGMB
SniNQfDHC0hoHffFL3xbZr6LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QzgxRTRDOEM5NDcxMUVGOTVCN0Q5N0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEwMA0GCSqGSIb3DQEBCwUA
A4IBAQArK8bi/CSwZmlDK8f+cYWvhlW7rKvF4H4S6INYtu3YT6KIY/7um6xDUJuj
b9RMcPgYOJaR0SYEabs/vBlLd1op6E9hQd747lEpTtnqrMiTakpAy7Gu7g5vkaFR
8PjVesQfrHuA42GvD8i17m5nHndvaueV+ZS8Ox6d+BNgr2nheVBc+5GTx2NFmcWP
0dI0rmunb5emoLLTlz9ngDfcZ1JbnyT8oxNG7erZJjGErQIWHhq3yHELHjNMHcwB
XI808ayCfLh3D7Gz6vdx6gxPEviHC5ln7ZRteX91B8DpHMxCHHSJtgAnB/J9v8z/
LMCQ9sOlw6go36TWAvfYyTg89gnF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:30 2025 by rpki-client