Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D947A86CD0411EFBB405345762E951A.roa
File: 4D947A86CD0411EFBB405345762E951A.roa (raw, json)
Hash identifier: K8o3o+gfR8r8jXow63RL5YTIlRDGPA9ve/MQZ281fWE=
Subject key identifier: 8A:0D:77:30:90:EF:20:A6:0D:0B:FF:23:59:A8:4E:6D:A9:32:B2:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC8B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D947A86CD0411EFBB405345762E951A.roa
Signing time: Tue 07 Jan 2025 14:33:04 +0000
ROA not before: Tue 07 Jan 2025 14:33:00 +0000
ROA not after: Mon 13 Dec 2027 14:33:00 +0000
asID: 17561
IP address blocks: 156.238.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64651 (0xfc8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:33:00 2025 GMT
Not After : Dec 13 14:33:00 2027 GMT
Subject: CN=677d3b20-f8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2c:6c:78:1d:b4:10:a7:64:8a:ee:17:e8:4e:
80:5a:b3:43:6f:20:c0:d8:5a:5e:b3:53:fb:5c:45:
bc:97:2e:fc:71:67:51:59:2e:42:f5:ee:6b:6b:12:
85:12:d0:e3:cc:d3:5a:72:84:c6:29:6c:54:ff:67:
ac:13:8b:29:38:06:7c:e8:85:f8:35:c3:ae:93:4e:
72:ec:ce:75:d4:5d:51:28:7f:ab:19:a4:0b:0a:cf:
b3:8e:69:d9:72:0d:e1:de:85:d2:7b:54:1f:69:3e:
bf:ad:b6:7e:10:5c:75:3a:ce:a4:b3:80:c2:df:25:
47:08:51:65:0a:a7:0f:09:c1:04:15:2e:66:67:e2:
99:32:2c:cd:15:14:28:b2:69:a9:f5:ab:56:1f:ee:
c2:07:15:2a:06:b2:9b:ec:72:c7:42:81:75:e1:59:
d0:74:d9:61:88:c7:ba:db:44:7f:da:53:9e:ae:07:
b6:bd:b8:10:bb:76:b9:a4:a5:d3:ad:d8:b9:e3:db:
c6:51:c0:38:8e:cc:b6:21:40:c4:97:b4:af:56:4d:
e6:f1:57:56:31:92:d2:e0:de:83:23:38:88:ea:58:
99:07:37:fe:5e:70:be:ec:46:b8:2f:7c:80:f5:fc:
2e:bc:80:70:9b:b1:54:1f:50:1d:b3:30:3f:a1:73:
24:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0D:77:30:90:EF:20:A6:0D:0B:FF:23:59:A8:4E:6D:A9:32:B2:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D947A86CD0411EFBB405345762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.187.0/24
Signature Algorithm: sha256WithRSAEncryption
33:e1:3b:02:d1:78:68:80:ca:60:fd:28:f9:04:8c:b7:8d:82:
0c:e3:1f:95:43:88:b5:8e:50:27:9d:3e:29:24:9b:7f:09:f9:
b2:03:04:48:f2:3c:ae:f2:4b:6b:a1:85:05:1f:6e:44:85:a2:
47:d8:3f:ca:6b:7a:3c:c2:09:0c:af:eb:76:3e:bf:5b:a0:d8:
09:ca:4f:97:fb:e3:66:11:8c:1b:f0:9c:97:7a:99:b5:52:6f:
5f:3b:cb:1b:ce:13:89:17:ce:dd:04:6c:4b:e5:bd:88:a2:63:
e9:2f:cd:ab:80:43:7b:05:1d:d9:a2:4c:8c:b5:3c:57:23:f2:
11:36:8f:ec:97:f5:fc:dc:70:e4:56:d6:6b:76:75:1e:12:80:
a0:77:00:c2:65:9c:ad:4b:bb:78:99:ec:72:33:7e:0f:b6:43:
0b:7e:a5:29:51:b0:ff:3f:70:6b:42:33:4a:0a:8e:d6:2b:0c:
80:8c:ad:1f:58:23:12:70:8b:cc:7b:48:62:0c:7b:e0:33:ee:
3e:75:d2:6d:64:1c:e2:be:97:b1:1d:bf:e9:bb:f6:9e:a7:de:
f4:18:0c:e0:c0:84:f4:91:43:51:e0:b5:2b:77:53:d9:73:c6:
2d:e5:33:31:16:be:48:53:1d:71:c1:b9:07:b6:56:88:97:fa:
0d:7a:76:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQzMzAwWhcNMjcxMjEzMTQzMzAwWjAYMRYw
FAYDVQQDEw02NzdkM2IyMC1mOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8yxseB20EKdkiu4X6E6AWrNDbyDA2Fpes1P7XEW8ly78cWdRWS5C9e5r
axKFEtDjzNNacoTGKWxU/2esE4spOAZ86IX4NcOuk05y7M511F1RKH+rGaQLCs+z
jmnZcg3h3oXSe1QfaT6/rbZ+EFx1Os6ks4DC3yVHCFFlCqcPCcEEFS5mZ+KZMizN
FRQosmmp9atWH+7CBxUqBrKb7HLHQoF14VnQdNlhiMe620R/2lOerge2vbgQu3a5
pKXTrdi549vGUcA4jsy2IUDEl7SvVk3m8VdWMZLS4N6DIziI6liZBzf+XnC+7Ea4
L3yA9fwuvIBwm7FUH1AdszA/oXMkQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIoN
dzCQ7yCmDQv/I1moTm2pMrLeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDk0N0E4NkNEMDQxMUVGQkI0MDUzNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO67MA0GCSqGSIb3DQEBCwUA
A4IBAQAz4TsC0XhogMpg/Sj5BIy3jYIM4x+VQ4i1jlAnnT4pJJt/CfmyAwRI8jyu
8ktroYUFH25EhaJH2D/Ka3o8wgkMr+t2Pr9boNgJyk+X++NmEYwb8JyXepm1Um9f
O8sbzhOJF87dBGxL5b2IomPpL82rgEN7BR3ZokyMtTxXI/IRNo/sl/X83HDkVtZr
dnUeEoCgdwDCZZytS7t4mexyM34PtkMLfqUpUbD/P3BrQjNKCo7WKwyAjK0fWCMS
cIvMe0hiDHvgM+4+ddJtZBzivpexHb/pu/aep970GAzgwIT0kUNR4LUrd1PZc8Yt
5TMxFr5IUx1xwbkHtlaIl/oNenbT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:49 2025 by rpki-client