Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50D831C2C95011EF8C4CF4B4762E951A.roa
File: 50D831C2C95011EF8C4CF4B4762E951A.roa (raw, json)
Hash identifier: Qx5zc1aj9XlRqyBbnSz6sjw3mrPBHgK8/nNKs6j0agQ=
Subject key identifier: BD:88:E5:34:56:44:23:87:B6:F6:90:06:3C:B4:4E:0E:C2:B4:F8:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50D831C2C95011EF8C4CF4B4762E951A.roa
Signing time: Thu 02 Jan 2025 21:27:06 +0000
ROA not before: Thu 02 Jan 2025 21:27:03 +0000
ROA not after: Sat 13 Dec 2025 21:27:03 +0000
asID: 984
IP address blocks: 156.225.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62400 (0xf3c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:27:03 2025 GMT
Not After : Dec 13 21:27:03 2025 GMT
Subject: CN=677704aa-0fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:08:c4:38:e5:4a:79:90:2b:72:06:e2:2b:79:
42:80:0e:a9:06:d2:5f:8c:e0:23:62:90:4e:52:ea:
76:a2:54:d1:d6:91:89:c5:2c:3f:aa:cb:5f:ff:37:
4a:b7:79:1c:52:05:83:ad:c5:ee:ae:76:e9:18:2d:
86:41:35:fb:08:3f:32:36:f5:bc:4e:0c:34:5e:79:
8c:6c:13:56:6e:46:a3:52:5e:de:4d:60:2e:3b:1e:
df:3e:dc:35:c4:5b:94:f6:44:38:a0:fc:d7:2f:a6:
03:01:f6:04:08:8e:ff:40:10:f1:9e:e2:25:93:dd:
a5:7f:9f:4d:5b:30:0b:71:a2:e9:e5:78:22:63:9f:
6d:4e:7b:7c:75:c8:f9:29:2e:50:77:46:3a:c7:6c:
1a:47:76:17:d4:6b:e2:a3:a0:66:01:1e:ab:3f:9f:
f1:c7:d4:fb:33:4f:bd:2f:96:11:9d:50:42:6a:72:
5c:45:9d:44:2d:c4:b3:c0:b0:f5:a2:a7:44:59:80:
22:f5:4e:52:41:be:80:cb:d6:04:74:1f:4c:b7:06:
cd:e4:1b:54:52:f3:0f:b1:d6:78:ad:8d:c5:d9:ac:
c6:7b:e9:03:6d:49:26:b7:aa:f7:e2:73:1a:4f:38:
f7:1d:f5:f9:ce:2f:89:55:6b:b7:41:76:cc:6f:e7:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:88:E5:34:56:44:23:87:B6:F6:90:06:3C:B4:4E:0E:C2:B4:F8:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/50D831C2C95011EF8C4CF4B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.183.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b7:1b:ad:62:1b:de:b9:21:81:0c:98:15:0f:76:cc:ba:e1:
0b:a2:4d:66:20:f1:bc:14:26:5e:b8:90:0c:be:f5:0f:12:4b:
5d:f6:90:e2:c8:f4:eb:76:56:81:ab:9f:38:72:4c:b3:3f:0a:
21:87:08:1f:42:87:8e:e2:7e:0f:eb:30:41:60:35:11:e8:37:
0a:04:38:50:e3:bb:17:ad:1a:2a:a4:7b:16:e0:03:af:bb:d5:
e9:b1:b1:a9:e5:6c:05:68:09:25:b2:20:0e:e5:6e:b2:2e:f4:
d4:26:48:60:dd:68:16:18:c6:6e:0e:58:cf:fa:c4:db:d0:72:
b5:a7:57:c5:97:4a:f4:a6:6e:0e:be:a2:ab:cd:c4:e0:7c:c8:
c4:32:a6:27:12:c2:78:04:49:6c:8a:eb:f9:8b:0a:c6:d5:e8:
48:7d:9f:a8:57:7e:94:5e:56:6d:4a:bc:04:ef:8e:24:73:69:
5c:68:18:62:fe:60:b1:e9:ee:3a:62:37:61:7c:47:40:6e:4f:
f8:c2:f1:ff:23:01:7f:7c:75:de:99:53:d0:2d:96:15:45:8e:
54:e7:d6:d6:1f:19:d3:46:e0:4c:4c:d1:14:d8:4e:b2:13:1e:
81:2b:49:86:ce:d5:44:d2:01:30:13:4a:eb:fb:ac:c1:ed:7f:
23:b0:d6:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEyNzAzWhcNMjUxMjEzMjEyNzAzWjAYMRYw
FAYDVQQDEw02Nzc3MDRhYS0wZmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArgjEOOVKeZArcgbiK3lCgA6pBtJfjOAjYpBOUup2olTR1pGJxSw/qstf
/zdKt3kcUgWDrcXurnbpGC2GQTX7CD8yNvW8Tgw0XnmMbBNWbkajUl7eTWAuOx7f
Ptw1xFuU9kQ4oPzXL6YDAfYECI7/QBDxnuIlk92lf59NWzALcaLp5XgiY59tTnt8
dcj5KS5Qd0Y6x2waR3YX1Gvio6BmAR6rP5/xx9T7M0+9L5YRnVBCanJcRZ1ELcSz
wLD1oqdEWYAi9U5SQb6Ay9YEdB9MtwbN5BtUUvMPsdZ4rY3F2azGe+kDbUkmt6r3
4nMaTzj3HfX5zi+JVWu3QXbMb+eVawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL2I
5TRWRCOHtvaQBjy0Tg7CtPjHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MEQ4MzFDMkM5NTAxMUVGOEM0Q0Y0QjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOG3MA0GCSqGSIb3DQEBCwUA
A4IBAQBUtxutYhveuSGBDJgVD3bMuuELok1mIPG8FCZeuJAMvvUPEktd9pDiyPTr
dlaBq584ckyzPwohhwgfQoeO4n4P6zBBYDUR6DcKBDhQ47sXrRoqpHsW4AOvu9Xp
sbGp5WwFaAklsiAO5W6yLvTUJkhg3WgWGMZuDljP+sTb0HK1p1fFl0r0pm4OvqKr
zcTgfMjEMqYnEsJ4BElsiuv5iwrG1ehIfZ+oV36UXlZtSrwE744kc2lcaBhi/mCx
6e46YjdhfEdAbk/4wvH/IwF/fHXemVPQLZYVRY5U59bWHxnTRuBMTNEU2E6yEx6B
K0mGztVE0gEwE0rr+6zB7X8jsNbk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:11 2025 by rpki-client