Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E8B5E36CD3C11EFB7F409A4762E951A.roa
File: 4E8B5E36CD3C11EFB7F409A4762E951A.roa (raw, json)
Hash identifier: +OTFZTXVMnXKprutJK2AKKBYk1Z8mtg+wdij+BIaS5g=
Subject key identifier: 2F:F1:FA:EA:5F:9C:64:1C:03:13:F8:40:42:73:C1:19:01:A0:BC:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E8B5E36CD3C11EFB7F409A4762E951A.roa
Signing time: Tue 07 Jan 2025 21:13:57 +0000
ROA not before: Tue 07 Jan 2025 21:13:53 +0000
ROA not after: Sat 13 Dec 2025 21:13:53 +0000
asID: 984
IP address blocks: 156.243.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65099 (0xfe4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:13:53 2025 GMT
Not After : Dec 13 21:13:53 2025 GMT
Subject: CN=677d9915-d9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8e:36:6f:3a:4f:fe:5b:6a:c9:3a:1e:8f:25:
1c:2c:53:35:53:47:86:bb:39:3b:6a:13:d8:1e:49:
79:f0:8f:cc:e2:1c:c4:7f:5a:43:e0:39:1f:8e:00:
74:0e:aa:50:ea:90:a4:a0:43:8a:b4:6c:d5:52:ad:
ea:15:3d:e2:6d:63:fb:7f:c9:8e:1d:06:18:f6:78:
b6:98:c6:b5:af:4c:2f:46:4b:99:f3:3f:9c:62:e3:
06:3c:3a:6f:15:2f:0f:1d:f2:26:0a:93:6e:80:25:
d2:0e:67:b0:a4:35:37:4a:7a:a9:9c:3a:b6:02:b6:
cd:aa:50:16:dd:e2:45:59:b3:1b:d7:95:3b:b3:cc:
e7:bc:5f:e0:f4:f4:cd:98:63:07:ad:88:a6:eb:1b:
56:62:a4:b5:4f:0f:9e:ec:c3:45:15:9c:42:df:e0:
90:db:1a:3e:74:28:a2:7f:33:12:e1:50:76:ed:db:
22:7a:30:df:94:1b:41:12:4e:5c:62:a9:58:d9:42:
f8:8c:42:4d:6e:38:3e:81:08:c7:3c:82:e3:85:47:
c8:7c:59:09:99:07:60:25:61:c8:05:2a:8a:e7:ce:
e3:23:cd:24:ef:1b:e0:6d:86:1b:b0:d1:78:a1:80:
ba:d1:86:52:f7:8b:6b:dc:12:b4:8f:2c:eb:49:21:
c9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F1:FA:EA:5F:9C:64:1C:03:13:F8:40:42:73:C1:19:01:A0:BC:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E8B5E36CD3C11EFB7F409A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.78.0/24
Signature Algorithm: sha256WithRSAEncryption
49:8e:12:03:7f:8c:eb:64:d2:13:fa:96:4c:f3:8e:c3:66:8d:
41:77:fc:7e:d0:b4:b2:08:fc:17:a6:7e:e1:98:08:62:9b:db:
e2:d2:09:9b:98:b4:21:73:9a:65:b9:66:14:e3:c9:9a:e0:0c:
cd:a0:89:ad:04:16:ad:5d:b8:45:60:3e:46:86:c0:af:e7:ce:
c5:88:97:da:7c:3a:a6:1e:f6:26:9b:4f:04:e0:95:ea:e5:00:
7b:d6:3d:58:9e:78:b6:d3:3b:ea:87:cb:7c:12:4e:cd:2f:0f:
57:03:ce:7b:32:85:88:b2:5e:28:34:be:44:f4:55:1c:ce:66:
de:7f:cf:70:07:14:7c:4f:94:a5:21:c5:4c:8c:07:c0:94:cd:
cd:b9:01:f0:40:e9:44:a8:96:17:a1:ff:d8:1d:e0:ba:8f:07:
e9:cb:ae:3d:b7:48:98:37:3c:40:f3:2b:7c:8e:36:2d:c8:14:
5d:04:b8:15:fa:00:18:62:a4:5a:97:54:17:43:ee:ca:a1:97:
fa:d5:d0:5d:2c:15:13:a6:90:bd:22:68:37:60:ca:8e:3c:a0:
8c:73:0e:0d:38:47:05:70:db:3d:41:b3:70:03:7b:0a:5f:7c:
e2:04:59:10:48:25:b5:65:9a:b0:45:57:5a:dd:e3:11:5d:85:
10:55:c6:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjExMzUzWhcNMjUxMjEzMjExMzUzWjAYMRYw
FAYDVQQDEw02NzdkOTkxNS1kOWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwo42bzpP/ltqyToejyUcLFM1U0eGuzk7ahPYHkl58I/M4hzEf1pD4Dkf
jgB0DqpQ6pCkoEOKtGzVUq3qFT3ibWP7f8mOHQYY9ni2mMa1r0wvRkuZ8z+cYuMG
PDpvFS8PHfImCpNugCXSDmewpDU3SnqpnDq2ArbNqlAW3eJFWbMb15U7s8znvF/g
9PTNmGMHrYim6xtWYqS1Tw+e7MNFFZxC3+CQ2xo+dCiifzMS4VB27dsiejDflBtB
Ek5cYqlY2UL4jEJNbjg+gQjHPILjhUfIfFkJmQdgJWHIBSqK587jI80k7xvgbYYb
sNF4oYC60YZS94tr3BK0jyzrSSHJVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC/x
+upfnGQcAxP4QEJzwRkBoLxRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RThCNUUzNkNEM0MxMUVGQjdGNDA5QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNOMA0GCSqGSIb3DQEBCwUA
A4IBAQBJjhIDf4zrZNIT+pZM847DZo1Bd/x+0LSyCPwXpn7hmAhim9vi0gmbmLQh
c5pluWYU48ma4AzNoImtBBatXbhFYD5GhsCv587FiJfafDqmHvYmm08E4JXq5QB7
1j1Ynni20zvqh8t8Ek7NLw9XA857MoWIsl4oNL5E9FUczmbef89wBxR8T5SlIcVM
jAfAlM3NuQHwQOlEqJYXof/YHeC6jwfpy649t0iYNzxA8yt8jjYtyBRdBLgV+gAY
YqRal1QXQ+7KoZf61dBdLBUTppC9Img3YMqOPKCMcw4NOEcFcNs9QbNwA3sKX3zi
BFkQSCW1ZZqwRVda3eMRXYUQVcbw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:17 2025 by rpki-client