Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4EFADABCD2E211EFA7E4517F762E951A.roa
File: 4EFADABCD2E211EFA7E4517F762E951A.roa (raw, json)
Hash identifier: j8+sUX9pvt2DnCpm58e7OMqayU4vY02oZJ4NFZoavnw=
Subject key identifier: 7D:A7:0E:74:95:77:C4:1F:BB:BF:5E:89:66:CF:C6:49:AC:45:01:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01073F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4EFADABCD2E211EFA7E4517F762E951A.roa
Signing time: Wed 15 Jan 2025 01:44:50 +0000
ROA not before: Wed 15 Jan 2025 01:44:46 +0000
ROA not after: Tue 16 Dec 2025 01:44:46 +0000
asID: 984
IP address blocks: 156.249.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67391 (0x1073f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 01:44:46 2025 GMT
Not After : Dec 16 01:44:46 2025 GMT
Subject: CN=67871312-b1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:21:26:cb:25:fd:da:af:93:ce:6b:3a:5e:e1:
61:ae:27:6d:f0:a3:6a:47:25:2c:71:6a:2f:23:d5:
e3:c5:b2:66:02:e2:c7:e0:1c:b5:c7:83:6f:e8:88:
d1:59:ac:29:44:8a:e0:68:95:ee:97:5e:60:40:98:
05:ec:9a:74:34:69:d4:25:3f:ba:28:54:93:1e:87:
63:1d:68:08:c8:ce:ab:5f:64:02:fa:79:2a:10:ac:
1a:87:e2:db:c6:ac:de:c7:0b:03:95:22:07:31:41:
38:fd:09:5d:40:0b:53:9a:98:86:ff:29:41:89:86:
41:4f:7c:86:25:97:91:7b:73:c4:67:9d:f3:7a:1b:
1c:94:f7:34:47:d9:63:25:9d:c8:7f:b3:fd:af:95:
f1:41:12:b4:54:76:7d:e3:84:df:4a:47:bd:28:33:
50:90:c5:1e:9c:ea:af:7b:54:e0:f9:95:70:1a:16:
7c:1f:12:c3:69:aa:85:cb:04:8a:de:fd:5c:25:4d:
dc:8e:62:07:45:c9:5d:47:c4:bf:52:7d:3f:b2:0f:
28:9c:c6:08:1c:d7:c3:0b:70:1d:db:01:e2:78:c8:
c5:01:67:e8:a3:13:dc:06:53:f1:21:42:69:94:41:
80:5b:36:7e:03:f6:9e:7d:a8:4f:03:40:ab:bb:8e:
ad:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A7:0E:74:95:77:C4:1F:BB:BF:5E:89:66:CF:C6:49:AC:45:01:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4EFADABCD2E211EFA7E4517F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:10:c3:45:94:05:90:7c:9c:50:78:c6:9e:7b:18:98:00:d3:
1c:cf:d3:56:08:8a:ea:20:6f:90:f4:48:18:d1:22:3d:78:a3:
60:9b:50:58:bb:ed:99:69:73:91:c9:51:2c:24:48:ea:03:d3:
6d:66:62:8c:96:35:30:53:52:21:f1:89:44:8c:a0:67:7c:50:
b3:3d:77:52:d4:f5:22:14:40:5a:0c:00:72:44:c1:e2:42:aa:
ab:66:4a:0d:c5:a2:87:5f:9e:41:95:3c:1f:dd:4f:76:13:c8:
cb:b5:2a:3d:89:37:78:15:98:7a:bc:60:31:d4:74:16:e2:04:
c3:08:01:ce:fa:7b:8f:f5:8f:10:58:80:31:f4:25:26:e8:7e:
af:1e:69:df:14:c0:cd:04:91:4c:b1:e3:c8:89:58:d0:5a:af:
65:3f:ea:5f:8b:36:0d:4b:af:d2:58:cb:d9:48:d5:c4:f6:d7:
08:16:05:d1:6f:01:dd:26:30:e0:ac:71:84:04:88:6d:d7:ef:
12:7d:0b:e1:fa:d3:ac:01:29:1c:1e:f2:bc:19:9e:32:ce:4d:
a4:51:db:87:ec:39:4e:2e:24:ab:f3:a3:12:3d:aa:28:3a:39:
5e:61:ae:8d:07:f0:c9:a1:ec:2d:00:15:83:2d:ed:f8:5b:1e:
37:c7:96:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQc/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDE0NDQ2WhcNMjUxMjE2MDE0NDQ2WjAYMRYw
FAYDVQQDEw02Nzg3MTMxMi1iMWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyCEmyyX92q+Tzms6XuFhridt8KNqRyUscWovI9XjxbJmAuLH4By1x4Nv
6IjRWawpRIrgaJXul15gQJgF7Jp0NGnUJT+6KFSTHodjHWgIyM6rX2QC+nkqEKwa
h+LbxqzexwsDlSIHMUE4/QldQAtTmpiG/ylBiYZBT3yGJZeRe3PEZ53zehsclPc0
R9ljJZ3If7P9r5XxQRK0VHZ944TfSke9KDNQkMUenOqve1Tg+ZVwGhZ8HxLDaaqF
ywSK3v1cJU3cjmIHRcldR8S/Un0/sg8onMYIHNfDC3Ad2wHieMjFAWfooxPcBlPx
IUJplEGAWzZ+A/aefahPA0Cru46tRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH2n
DnSVd8Qfu79eiWbPxkmsRQGRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RUZBREFCQ0QyRTIxMUVGQTdFNDUxN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPk4MA0GCSqGSIb3DQEBCwUA
A4IBAQA6EMNFlAWQfJxQeMaeexiYANMcz9NWCIrqIG+Q9EgY0SI9eKNgm1BYu+2Z
aXORyVEsJEjqA9NtZmKMljUwU1Ih8YlEjKBnfFCzPXdS1PUiFEBaDAByRMHiQqqr
ZkoNxaKHX55BlTwf3U92E8jLtSo9iTd4FZh6vGAx1HQW4gTDCAHO+nuP9Y8QWIAx
9CUm6H6vHmnfFMDNBJFMsePIiVjQWq9lP+pfizYNS6/SWMvZSNXE9tcIFgXRbwHd
JjDgrHGEBIht1+8SfQvh+tOsASkcHvK8GZ4yzk2kUduH7DlOLiSr86MSPaooOjle
Ya6NB/DJoewtABWDLe34Wx43x5Yd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:35 2025 by rpki-client