Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4DB4C082C27A11EFBFB3EE51762E951A.roa
File: 4DB4C082C27A11EFBFB3EE51762E951A.roa (raw, json)
Hash identifier: 0MC1cpmXhdmJYkYMRmgfAjGjhLCMkMbHdeHnjx1fdY0=
Subject key identifier: B6:AD:A5:D1:53:EC:8D:3A:FE:94:57:3E:7E:FB:05:7A:0E:A2:CA:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E895
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4DB4C082C27A11EFBFB3EE51762E951A.roa
Signing time: Wed 25 Dec 2024 04:40:02 +0000
ROA not before: Wed 25 Dec 2024 04:39:58 +0000
ROA not after: Wed 10 Dec 2025 04:39:58 +0000
asID: 984
IP address blocks: 156.227.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59541 (0xe895)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:39:58 2024 GMT
Not After : Dec 10 04:39:58 2025 GMT
Subject: CN=676b8ca2-1cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:ee:c5:be:f4:64:44:6b:4e:74:fe:b6:81:
a5:26:bd:bb:d6:3e:6b:b6:c2:f2:37:e9:1a:b4:82:
48:78:c8:d9:be:78:2e:99:81:db:b1:02:20:62:75:
f0:4a:af:3f:2d:f3:6f:4b:d8:73:05:4b:26:c8:91:
f5:bf:d2:5f:15:3b:ab:7d:81:5e:e5:39:28:6c:a5:
0a:12:66:4d:77:1d:ee:49:d9:fd:9e:5b:a9:b0:cf:
98:12:2e:6e:65:eb:aa:5f:93:1b:d2:46:2d:6a:8c:
1f:5a:2b:11:b8:17:7a:b4:a6:b7:88:4e:f8:7d:0a:
79:1b:8c:a6:31:01:20:1e:a3:dd:80:75:b1:2b:14:
57:e7:48:54:51:a2:af:9f:66:49:c7:53:6f:bf:63:
d6:fa:e6:68:7d:fe:a7:73:19:9d:b4:8a:7e:f1:42:
46:4b:48:3b:9a:1a:84:35:1d:43:a5:e4:38:9f:e3:
2a:92:66:2d:ec:00:de:d8:69:b5:da:8e:fc:e9:af:
9b:a2:ce:60:b6:61:2d:28:20:2c:02:bd:8c:05:2a:
ea:53:31:3b:93:b1:db:16:e8:12:63:ae:82:d2:b6:
5c:38:f7:9e:eb:84:2c:0a:b6:99:ab:67:af:23:2b:
c5:3a:85:ac:db:b1:da:2a:fc:ba:11:86:20:70:2a:
1a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AD:A5:D1:53:EC:8D:3A:FE:94:57:3E:7E:FB:05:7A:0E:A2:CA:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4DB4C082C27A11EFBFB3EE51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.150.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b2:94:81:6d:cd:85:c5:ef:6e:ac:85:ea:81:c5:7e:7c:af:
57:15:d2:ca:13:a7:d4:26:ca:f3:73:15:2b:d5:8e:9a:01:43:
b0:07:34:4e:05:ec:13:a2:93:80:68:fd:72:06:28:97:a3:c9:
fc:76:8f:6f:18:38:5f:27:d3:c7:64:f6:f0:fc:b5:ff:db:4e:
0e:18:e5:c6:89:1d:e8:7d:69:e5:c7:98:25:9b:3b:2a:a6:94:
ea:82:c0:ae:5c:2c:9a:0c:49:5e:3d:2e:ae:d8:dc:98:c2:d7:
00:bd:60:99:54:1a:b1:6f:ad:b3:8e:ca:de:26:57:14:4c:19:
c0:a7:6d:37:29:6b:d5:20:a1:03:4f:84:4d:a3:c9:2a:37:5e:
43:21:4b:45:e5:f2:ae:bf:98:f1:c0:d3:58:46:66:09:98:01:
84:0b:dc:eb:ed:bc:20:98:aa:5c:e3:57:c8:5b:55:c8:13:f0:
03:c8:29:8c:23:7d:b0:99:ef:44:ed:df:a0:0a:d8:28:2b:75:
a1:7b:fc:6e:65:61:22:b3:e3:59:79:5c:fc:0c:7c:99:30:5b:
12:76:ca:e6:2e:a6:e3:45:00:df:7a:fd:b4:32:75:de:9b:a9:
cf:d1:76:57:21:30:e5:74:4d:44:08:17:15:3c:fa:69:e1:91:
65:14:1b:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOiVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQzOTU4WhcNMjUxMjEwMDQzOTU4WjAYMRYw
FAYDVQQDEw02NzZiOGNhMi0xY2IyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzenuxb70ZERrTnT+toGlJr271j5rtsLyN+katIJIeMjZvngumYHbsQIg
YnXwSq8/LfNvS9hzBUsmyJH1v9JfFTurfYFe5TkobKUKEmZNdx3uSdn9nlupsM+Y
Ei5uZeuqX5Mb0kYtaowfWisRuBd6tKa3iE74fQp5G4ymMQEgHqPdgHWxKxRX50hU
UaKvn2ZJx1Nvv2PW+uZoff6ncxmdtIp+8UJGS0g7mhqENR1DpeQ4n+MqkmYt7ADe
2Gm12o786a+bos5gtmEtKCAsAr2MBSrqUzE7k7HbFugSY66C0rZcOPee64QsCraZ
q2evIyvFOoWs27HaKvy6EYYgcCoasQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLat
pdFT7I06/pRXPn77BXoOosqzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80REI0QzA4MkMyN0ExMUVGQkZCM0VFNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOWMA0GCSqGSIb3DQEBCwUA
A4IBAQAFspSBbc2Fxe9urIXqgcV+fK9XFdLKE6fUJsrzcxUr1Y6aAUOwBzROBewT
opOAaP1yBiiXo8n8do9vGDhfJ9PHZPbw/LX/204OGOXGiR3ofWnlx5glmzsqppTq
gsCuXCyaDElePS6u2NyYwtcAvWCZVBqxb62zjsreJlcUTBnAp203KWvVIKEDT4RN
o8kqN15DIUtF5fKuv5jxwNNYRmYJmAGEC9zr7bwgmKpc41fIW1XIE/ADyCmMI32w
me9E7d+gCtgoK3Whe/xuZWEis+NZeVz8DHyZMFsSdsrmLqbjRQDfev20MnXem6nP
0XZXITDldE1ECBcVPPpp4ZFlFBuN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:05 2025 by rpki-client