Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50423B2CCDA111EFA65D20B6762E951A.roa
File: 50423B2CCDA111EFA65D20B6762E951A.roa (raw, json)
Hash identifier: uay0VV4Jh9VIMRqANUrE7gy0r9NGpowmpuiUSU8U/CM=
Subject key identifier: EF:EC:58:46:1C:1A:49:EE:84:FC:34:77:72:FA:49:B3:6E:51:6B:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50423B2CCDA111EFA65D20B6762E951A.roa
Signing time: Wed 08 Jan 2025 09:16:59 +0000
ROA not before: Wed 08 Jan 2025 09:16:56 +0000
ROA not after: Tue 16 Dec 2025 09:16:56 +0000
asID: 984
IP address blocks: 156.249.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65759 (0x100df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:16:56 2025 GMT
Not After : Dec 16 09:16:56 2025 GMT
Subject: CN=677e428b-6a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:68:d5:78:ac:ba:db:69:a3:b6:49:89:8a:
e1:5b:4f:df:ee:53:59:c9:40:ec:47:36:00:b4:b9:
78:68:6e:11:94:46:fc:46:1d:74:a8:4e:78:09:5c:
bb:9a:7c:8c:71:78:63:44:e3:32:ba:6d:39:79:01:
bf:47:b8:7c:ba:7e:ae:3c:af:c3:ee:9b:16:d3:7d:
56:e3:38:fc:30:15:e8:b3:e5:48:1a:6f:9c:99:12:
f0:7b:17:41:e2:75:46:bc:65:d0:8f:d8:92:16:1c:
13:e8:14:77:a4:3c:a9:97:52:fb:a5:1a:6c:40:bb:
98:07:56:c6:5b:00:e9:d8:0e:12:31:07:7c:9f:60:
f9:12:ee:fb:a4:6f:56:0e:8c:a8:f5:5e:02:ff:ba:
47:06:31:22:e6:2c:a1:88:de:0f:d0:4a:b4:d2:bc:
f2:38:5f:fb:e5:61:47:e1:ab:ad:ab:c7:d1:e3:b0:
d9:e2:21:2b:be:95:21:7b:3c:7f:62:7c:78:1f:fc:
4d:01:4d:ac:c8:89:b1:4e:a0:a8:f1:1d:ff:cf:4f:
80:89:a4:e7:15:eb:e7:9c:86:a9:ab:a3:0c:50:a8:
dc:26:fa:36:19:13:d3:54:c2:e2:fd:36:1f:0d:15:
22:ec:7c:c1:d9:a7:b0:62:6a:da:a7:13:2f:11:30:
23:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:EC:58:46:1C:1A:49:EE:84:FC:34:77:72:FA:49:B3:6E:51:6B:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50423B2CCDA111EFA65D20B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.116.0/24
Signature Algorithm: sha256WithRSAEncryption
35:16:0f:f4:d8:bb:3f:7f:65:b8:de:d1:e7:39:ba:95:14:dc:
e7:e3:ef:f4:e9:39:58:bd:d7:dd:d4:89:e0:29:1c:31:8d:5d:
6a:e9:84:90:c3:3e:98:74:82:d3:d0:7d:db:f8:ac:09:74:3e:
3c:23:21:56:b6:13:b2:c5:c7:db:38:45:50:82:52:60:bc:68:
b6:aa:d7:8a:65:b9:2a:91:89:a9:0c:fe:f2:fa:00:b6:e7:57:
c7:4c:f2:76:70:1c:0b:25:29:84:12:cf:2b:f6:04:31:ae:b5:
1d:71:1c:59:07:ad:cf:b2:f6:b8:b8:b6:cc:bd:96:61:25:38:
2a:86:71:8a:97:5f:db:8d:80:f6:0e:b3:b5:c3:74:1d:aa:53:
28:53:6a:e1:ac:b0:3d:8e:d4:21:ab:44:a7:d0:59:0a:75:4b:
58:2d:1e:3c:8f:35:08:57:08:a9:ae:57:6b:6a:29:6c:b1:59:
3c:07:02:36:74:34:1b:29:4d:7a:73:2c:6a:f0:82:ab:5f:a2:
e5:62:06:83:5c:b9:31:d6:14:31:8b:9a:e9:0f:a8:cf:7b:8d:
5a:ef:1b:c9:b9:99:1e:1f:80:45:93:1e:7a:a7:13:e4:ea:7f:
71:99:ac:06:9a:d1:25:b5:97:b0:cb:82:16:74:85:33:e0:44:
bb:97:63:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkxNjU2WhcNMjUxMjE2MDkxNjU2WjAYMRYw
FAYDVQQDEw02NzdlNDI4Yi02YTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp7Zo1Xisuttpo7ZJiYrhW0/f7lNZyUDsRzYAtLl4aG4RlEb8Rh10qE54
CVy7mnyMcXhjROMyum05eQG/R7h8un6uPK/D7psW031W4zj8MBXos+VIGm+cmRLw
exdB4nVGvGXQj9iSFhwT6BR3pDypl1L7pRpsQLuYB1bGWwDp2A4SMQd8n2D5Eu77
pG9WDoyo9V4C/7pHBjEi5iyhiN4P0Eq00rzyOF/75WFH4autq8fR47DZ4iErvpUh
ezx/Ynx4H/xNAU2syImxTqCo8R3/z0+AiaTnFevnnIapq6MMUKjcJvo2GRPTVMLi
/TYfDRUi7HzB2aewYmrapxMvETAjPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO/s
WEYcGknuhPw0d3L6SbNuUWviMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MDQyM0IyQ0NEQTExMUVGQTY1RDIwQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPl0MA0GCSqGSIb3DQEBCwUA
A4IBAQA1Fg/02Ls/f2W43tHnObqVFNzn4+/06TlYvdfd1IngKRwxjV1q6YSQwz6Y
dILT0H3b+KwJdD48IyFWthOyxcfbOEVQglJgvGi2qteKZbkqkYmpDP7y+gC251fH
TPJ2cBwLJSmEEs8r9gQxrrUdcRxZB63Psva4uLbMvZZhJTgqhnGKl1/bjYD2DrO1
w3QdqlMoU2rhrLA9jtQhq0Sn0FkKdUtYLR48jzUIVwiprldrailssVk8BwI2dDQb
KU16cyxq8IKrX6LlYgaDXLkx1hQxi5rpD6jPe41a7xvJuZkeH4BFkx56pxPk6n9x
mawGmtEltZewy4IWdIUz4ES7l2M2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:02 2025 by rpki-client