Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/517DE57EC32C11EFA98A55AB762E951A.roa
File: 517DE57EC32C11EFA98A55AB762E951A.roa (raw, json)
Hash identifier: EsJmFB7Rqd7LM9chhCmT8Okf44JZKozwD67kSAaCCi4=
Subject key identifier: 09:CA:00:D0:71:C7:D5:51:44:98:1F:B1:59:9D:5A:45:A9:8B:EE:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/517DE57EC32C11EFA98A55AB762E951A.roa
Signing time: Thu 26 Dec 2024 01:54:19 +0000
ROA not before: Thu 26 Dec 2024 01:54:15 +0000
ROA not after: Wed 10 Dec 2025 01:54:15 +0000
asID: 984
IP address blocks: 156.243.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60117 (0xead5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:54:15 2024 GMT
Not After : Dec 10 01:54:15 2025 GMT
Subject: CN=676cb74a-5f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:23:6a:45:6b:5c:7b:6c:8e:1a:b1:0a:7f:d0:
50:e0:f2:ca:25:ed:a2:18:c3:dc:c4:8e:c1:99:8b:
52:57:ef:2c:61:5e:9e:bb:44:84:3b:e7:b1:5f:46:
5f:8f:be:1f:81:dd:42:9e:fd:f8:e9:1e:56:96:fa:
da:ec:55:6b:d3:bd:cd:2b:71:dc:1c:55:17:b6:45:
ad:01:54:4a:5e:b6:f9:aa:76:ae:17:61:4c:89:3c:
5f:2d:d0:c7:19:f0:c8:44:be:b9:61:55:86:dd:7e:
60:6e:e7:66:c1:30:fe:30:bb:9c:20:36:a5:3e:53:
74:1d:da:17:dd:bd:89:11:7a:e4:11:83:38:d8:87:
9a:8e:6f:84:03:b6:b6:9b:02:ae:db:b3:f2:70:3c:
ce:cd:1c:4c:ff:c4:0c:9a:32:b9:12:68:a8:6d:20:
52:34:9d:a3:1c:8d:19:98:95:56:16:3b:79:2b:80:
8c:a0:9c:55:66:9b:be:e2:9f:b3:b1:0d:25:41:85:
b2:63:8f:36:49:24:56:5f:8f:d0:5a:f8:ee:0d:2e:
ae:09:6a:cb:81:f8:8c:85:fc:97:ec:00:09:16:61:
a0:83:84:71:e2:76:a0:b6:1a:34:f9:b0:77:3c:02:
17:53:52:4c:77:c5:de:06:19:43:4b:af:1e:eb:fe:
95:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CA:00:D0:71:C7:D5:51:44:98:1F:B1:59:9D:5A:45:A9:8B:EE:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/517DE57EC32C11EFA98A55AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.203.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:2e:ed:95:4f:9d:4e:51:6a:e8:06:f9:bb:18:ab:3e:c0:c7:
35:6c:98:83:47:b1:1b:e9:62:27:8e:3b:35:66:2b:c3:ae:1c:
6c:d5:c7:3a:79:51:10:9c:48:9d:d3:a9:27:c5:b7:7b:99:f8:
42:1d:17:d2:66:83:fd:ce:1a:11:82:3f:16:64:d7:d7:1e:7e:
4e:a5:aa:aa:a3:a3:30:f6:02:aa:73:93:03:c6:00:bb:85:0a:
d3:04:07:1b:07:1e:04:22:7a:23:3a:5d:0c:9a:12:c9:ec:7c:
4f:fc:29:39:b7:01:ce:c6:db:1a:cd:27:a6:c1:d2:ac:c0:12:
ad:3f:f1:6a:5f:7f:12:31:d2:87:7a:fc:58:19:30:5b:be:55:
d4:c4:7d:b2:c8:62:65:9a:36:fb:c3:15:b5:76:98:03:64:e8:
4a:40:24:88:af:ba:56:5a:23:b0:78:9d:98:63:6a:f5:b7:b7:
2c:de:4b:0e:b1:dd:ab:3b:d4:44:d5:e4:14:49:af:ee:e5:bf:
d6:ae:0d:af:a1:a9:f2:42:88:c9:7f:f6:a6:d5:f9:62:14:f0:
07:ad:3e:69:ae:8e:d5:82:1d:9e:ad:47:4f:a3:4e:9e:fe:19:
06:79:83:de:1c:a9:05:28:cd:cc:c8:ca:a0:bc:89:81:b8:b5:
4f:36:be:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE1NDE1WhcNMjUxMjEwMDE1NDE1WjAYMRYw
FAYDVQQDEw02NzZjYjc0YS01ZjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApSNqRWtce2yOGrEKf9BQ4PLKJe2iGMPcxI7BmYtSV+8sYV6eu0SEO+ex
X0Zfj74fgd1Cnv346R5Wlvra7FVr073NK3HcHFUXtkWtAVRKXrb5qnauF2FMiTxf
LdDHGfDIRL65YVWG3X5gbudmwTD+MLucIDalPlN0HdoX3b2JEXrkEYM42Ieajm+E
A7a2mwKu27PycDzOzRxM/8QMmjK5EmiobSBSNJ2jHI0ZmJVWFjt5K4CMoJxVZpu+
4p+zsQ0lQYWyY482SSRWX4/QWvjuDS6uCWrLgfiMhfyX7AAJFmGgg4Rx4nagtho0
+bB3PAIXU1JMd8XeBhlDS68e6/6V+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAnK
ANBxx9VRRJgfsVmdWkWpi+7GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTdERTU3RUMzMkMxMUVGQTk4QTU1QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPLMA0GCSqGSIb3DQEBCwUA
A4IBAQB6Lu2VT51OUWroBvm7GKs+wMc1bJiDR7Eb6WInjjs1ZivDrhxs1cc6eVEQ
nEid06knxbd7mfhCHRfSZoP9zhoRgj8WZNfXHn5Opaqqo6Mw9gKqc5MDxgC7hQrT
BAcbBx4EInojOl0MmhLJ7HxP/Ck5twHOxtsazSemwdKswBKtP/FqX38SMdKHevxY
GTBbvlXUxH2yyGJlmjb7wxW1dpgDZOhKQCSIr7pWWiOweJ2YY2r1t7cs3ksOsd2r
O9RE1eQUSa/u5b/Wrg2voanyQojJf/am1fliFPAHrT5pro7Vgh2erUdPo06e/hkG
eYPeHKkFKM3MyMqgvImBuLVPNr5r
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:18 2025 by rpki-client