Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E4BB312C34B11EFB9B9BB7C762E951A.roa
File: 4E4BB312C34B11EFB9B9BB7C762E951A.roa (raw, json)
Hash identifier: fkkQxv1uiPxTTCWUNvztFnWUbmrayn769SrnuPmh6w0=
Subject key identifier: 64:CF:97:DA:D0:D9:B2:6B:DC:58:EF:99:5D:01:01:20:79:86:F3:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E4BB312C34B11EFB9B9BB7C762E951A.roa
Signing time: Thu 26 Dec 2024 05:36:08 +0000
ROA not before: Thu 26 Dec 2024 05:36:04 +0000
ROA not after: Wed 10 Dec 2025 05:36:04 +0000
asID: 984
IP address blocks: 156.245.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60481 (0xec41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:36:04 2024 GMT
Not After : Dec 10 05:36:04 2025 GMT
Subject: CN=676ceb47-6f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fc:87:cd:a7:2c:3d:d6:7e:b7:c4:b9:6c:97:
84:4b:89:af:ef:a8:ae:80:7e:c9:b1:41:26:a8:f7:
1f:09:15:cb:50:0d:ba:b7:21:f7:34:77:86:88:51:
6b:f1:2f:99:27:a8:f2:4a:a1:7c:54:16:05:6c:a9:
d6:3d:ed:8a:3e:a9:ac:6d:b2:9b:d5:1f:cb:2d:d3:
4d:34:12:a5:38:d6:00:0e:31:ad:81:ff:b7:57:4b:
3a:60:8f:22:ff:f6:23:33:ea:b2:1a:6b:a5:da:84:
7d:29:e5:a8:f3:f2:b0:31:5e:b1:73:25:c7:01:20:
db:ec:e1:a9:a4:2a:d4:4d:c0:23:23:76:6b:4e:57:
ec:c0:81:dd:ac:36:ec:00:8b:b2:98:25:d0:90:8b:
02:b7:91:78:f2:17:53:8d:d7:af:c7:1c:cf:b4:b4:
c5:5b:af:18:be:a3:dd:bb:73:7e:be:2a:9c:33:51:
06:aa:24:c9:4c:da:07:e8:4b:fe:47:e8:a7:18:6a:
8f:d2:7f:3b:c0:c5:a8:ae:b8:5e:48:21:50:f1:6c:
b3:fa:69:6b:27:2d:3b:30:7b:d2:c8:55:c8:9a:86:
d9:de:ba:2d:b8:61:1b:f2:6c:5f:90:9b:61:b4:5c:
dd:c3:cf:c9:81:a5:b6:b4:fb:13:b3:73:80:25:b3:
4a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:CF:97:DA:D0:D9:B2:6B:DC:58:EF:99:5D:01:01:20:79:86:F3:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E4BB312C34B11EFB9B9BB7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b5:fc:7c:97:ec:14:a0:e1:6b:9a:5a:bb:82:69:ff:1e:79:
2d:49:ae:30:00:c4:55:08:19:e8:09:90:fe:50:42:97:cc:13:
ee:fe:39:75:fc:fe:5f:99:a5:ec:00:5f:7b:f6:d2:83:e5:c0:
cf:45:36:32:56:8e:9f:e6:be:38:51:42:93:fd:49:8b:6a:0b:
e5:16:7a:b3:0c:aa:dd:60:29:4c:c5:94:79:27:1b:dc:ae:ad:
5f:f9:53:8b:52:2d:89:a3:c9:7b:b4:26:7a:f1:b9:b6:b3:89:
ff:8d:20:82:c0:84:ee:ac:e7:05:e4:86:63:e7:6c:0e:ec:a3:
6c:bb:d3:a4:7c:c8:a6:24:c9:9d:19:72:47:a4:11:87:39:e0:
5f:0a:f2:4b:00:eb:72:51:90:19:99:3d:f6:b5:f0:5f:2b:08:
c6:9b:73:ce:76:2f:41:6a:f1:92:76:4e:ac:14:d3:34:b1:c2:
ec:0e:09:ba:fc:c2:4f:36:17:2e:63:56:ef:f3:11:86:4e:9d:
8b:30:c0:17:d7:66:ca:fb:2b:d2:20:b4:1d:dd:c1:9b:c0:84:
c1:3b:be:b8:57:31:22:c2:09:af:1c:35:3b:22:2d:16:aa:63:
26:dd:83:17:0e:2f:9d:98:87:a4:b8:50:d2:f7:71:a4:8c:c6:
e2:92:c4:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOxBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUzNjA0WhcNMjUxMjEwMDUzNjA0WjAYMRYw
FAYDVQQDEw02NzZjZWI0Ny02ZjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq/yHzacsPdZ+t8S5bJeES4mv76iugH7JsUEmqPcfCRXLUA26tyH3NHeG
iFFr8S+ZJ6jySqF8VBYFbKnWPe2KPqmsbbKb1R/LLdNNNBKlONYADjGtgf+3V0s6
YI8i//YjM+qyGmul2oR9KeWo8/KwMV6xcyXHASDb7OGppCrUTcAjI3ZrTlfswIHd
rDbsAIuymCXQkIsCt5F48hdTjdevxxzPtLTFW68YvqPdu3N+viqcM1EGqiTJTNoH
6Ev+R+inGGqP0n87wMWorrheSCFQ8Wyz+mlrJy07MHvSyFXImobZ3rotuGEb8mxf
kJthtFzdw8/JgaW2tPsTs3OAJbNKdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGTP
l9rQ2bJr3FjvmV0BASB5hvO5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTRCQjMxMkMzNEIxMUVGQjlCOUJCN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXfMA0GCSqGSIb3DQEBCwUA
A4IBAQAstfx8l+wUoOFrmlq7gmn/HnktSa4wAMRVCBnoCZD+UEKXzBPu/jl1/P5f
maXsAF979tKD5cDPRTYyVo6f5r44UUKT/UmLagvlFnqzDKrdYClMxZR5Jxvcrq1f
+VOLUi2Jo8l7tCZ68bm2s4n/jSCCwITurOcF5IZj52wO7KNsu9OkfMimJMmdGXJH
pBGHOeBfCvJLAOtyUZAZmT32tfBfKwjGm3POdi9BavGSdk6sFNM0scLsDgm6/MJP
NhcuY1bv8xGGTp2LMMAX12bK+yvSILQd3cGbwITBO764VzEiwgmvHDU7Ii0WqmMm
3YMXDi+dmIekuFDS93GkjMbiksQL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:00 2025 by rpki-client