Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEB73B8CD2511EFA6A37093762E951A.roa
File: 4FEB73B8CD2511EFA6A37093762E951A.roa (raw, json)
Hash identifier: petryV8+D5BUBUIMna+NbuA/9ojgBmxiPZAav3tNvIw=
Subject key identifier: D4:02:C7:E1:F6:98:44:69:B8:06:54:FA:E2:A2:A5:A0:BD:24:E2:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEB73B8CD2511EFA6A37093762E951A.roa
Signing time: Tue 07 Jan 2025 18:29:21 +0000
ROA not before: Tue 07 Jan 2025 18:29:17 +0000
ROA not after: Sat 13 Dec 2025 18:29:17 +0000
asID: 984
IP address blocks: 156.241.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64917 (0xfd95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:29:17 2025 GMT
Not After : Dec 13 18:29:17 2025 GMT
Subject: CN=677d7281-1ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:62:3d:49:bb:52:c1:a9:f2:bd:f4:d3:3c:7d:
a4:61:62:19:cb:1e:45:2a:7f:2a:44:58:c2:7f:3e:
e6:73:b8:fd:16:ed:ed:d6:1a:04:9b:ce:c1:51:2e:
28:ef:30:ae:0c:37:25:1a:2f:aa:9c:17:b9:0e:e5:
a6:8e:92:e9:2a:f6:24:00:33:e1:90:50:4d:9e:ec:
cb:d6:0d:20:12:cd:f3:d2:81:40:e6:4d:75:dc:db:
f1:4d:2e:b9:2f:93:a0:e6:7e:5c:74:9f:29:f0:68:
76:bc:c0:64:e0:ee:48:0d:7e:29:32:e0:f5:04:03:
30:dc:b6:05:7a:cb:0a:f6:64:ce:49:c9:0c:21:45:
c0:88:fb:d4:c3:69:7c:90:ab:89:67:ff:84:6c:7b:
b5:49:f4:6f:e2:14:41:3a:4c:20:60:7d:99:bd:cb:
e7:a1:0d:b0:e7:0d:87:22:94:ec:7d:cb:af:83:21:
a1:dd:12:92:d0:c9:72:25:d4:9e:35:0e:29:23:07:
f9:e1:4c:d6:31:93:b8:ad:14:94:31:58:07:28:58:
f7:a3:78:62:60:8c:c3:1c:b8:04:5a:64:b6:b1:9b:
1d:f7:19:ca:79:52:b5:ac:b2:6e:7a:cc:7d:bf:27:
fa:ab:40:d6:5d:d6:28:87:44:05:68:f5:e0:f9:c4:
b9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:02:C7:E1:F6:98:44:69:B8:06:54:FA:E2:A2:A5:A0:BD:24:E2:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FEB73B8CD2511EFA6A37093762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.213.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a6:1a:87:54:76:b2:80:65:65:53:49:c5:30:8a:28:b9:ce:
17:68:35:cd:dd:bb:60:7a:76:d8:76:3f:ac:77:8d:ba:f2:8c:
95:ec:9e:0e:5d:3f:7d:4c:ca:44:90:31:d3:b7:6f:47:f6:ef:
08:cc:9b:2a:3f:fa:99:fb:fb:36:a8:6a:00:bf:18:21:b3:31:
ba:da:d3:41:2f:05:e7:91:6f:7b:2d:d1:d9:b2:21:c2:3f:8e:
78:85:20:b6:02:36:ce:28:70:42:4d:d7:43:31:42:c6:3f:df:
73:c3:1c:83:b9:bb:03:24:71:88:f0:c2:e2:ea:be:8d:6f:3f:
8b:00:1e:14:b4:90:eb:55:11:ae:d7:40:79:84:c2:6c:70:36:
4e:34:6a:58:84:6c:79:d3:b6:fa:ff:6f:b5:e4:5b:da:32:da:
71:51:eb:77:d3:a0:2e:96:8c:22:60:3c:1e:9c:34:f4:44:1f:
5c:3e:f3:21:a9:b0:89:ed:00:8f:58:24:62:1b:16:01:42:16:
ab:31:49:80:c2:be:54:eb:6a:b3:56:d7:b9:a7:1c:6b:73:11:
a5:75:1c:22:a4:fc:24:64:c6:92:a4:1e:91:66:76:aa:57:1b:
44:c1:ec:22:25:5d:2c:b7:38:84:be:b7:f5:72:df:0f:8f:ac:
47:45:c3:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgyOTE3WhcNMjUxMjEzMTgyOTE3WjAYMRYw
FAYDVQQDEw02NzdkNzI4MS0xY2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArWI9SbtSwanyvfTTPH2kYWIZyx5FKn8qRFjCfz7mc7j9Fu3t1hoEm87B
US4o7zCuDDclGi+qnBe5DuWmjpLpKvYkADPhkFBNnuzL1g0gEs3z0oFA5k113Nvx
TS65L5Og5n5cdJ8p8Gh2vMBk4O5IDX4pMuD1BAMw3LYFessK9mTOSckMIUXAiPvU
w2l8kKuJZ/+EbHu1SfRv4hRBOkwgYH2ZvcvnoQ2w5w2HIpTsfcuvgyGh3RKS0Mly
JdSeNQ4pIwf54UzWMZO4rRSUMVgHKFj3o3hiYIzDHLgEWmS2sZsd9xnKeVK1rLJu
esx9vyf6q0DWXdYoh0QFaPXg+cS5/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNQC
x+H2mERpuAZU+uKipaC9JOLMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RkVCNzNCOENEMjUxMUVGQTZBMzcwOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHVMA0GCSqGSIb3DQEBCwUA
A4IBAQBqphqHVHaygGVlU0nFMIoouc4XaDXN3btgenbYdj+sd4268oyV7J4OXT99
TMpEkDHTt29H9u8IzJsqP/qZ+/s2qGoAvxghszG62tNBLwXnkW97LdHZsiHCP454
hSC2AjbOKHBCTddDMULGP99zwxyDubsDJHGI8MLi6r6Nbz+LAB4UtJDrVRGu10B5
hMJscDZONGpYhGx507b6/2+15FvaMtpxUet306AulowiYDwenDT0RB9cPvMhqbCJ
7QCPWCRiGxYBQharMUmAwr5U62qzVte5pxxrcxGldRwipPwkZMaSpB6RZnaqVxtE
wewiJV0stziEvrf1ct8Pj6xHRcOi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:58 2025 by rpki-client