Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/52E3FB5ACD1411EF87B257A9762E951A.roa
File: 52E3FB5ACD1411EF87B257A9762E951A.roa (raw, json)
Hash identifier: u+ejdYxtpaW5QQQU1zaIKM6dUlr5ikjOMLa1y9YCxs4=
Subject key identifier: A8:3A:CA:01:92:15:EA:DC:2A:C1:94:EF:47:0E:3F:68:7B:1F:11:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/52E3FB5ACD1411EF87B257A9762E951A.roa
Signing time: Tue 07 Jan 2025 16:27:44 +0000
ROA not before: Tue 07 Jan 2025 16:27:41 +0000
ROA not after: Mon 13 Dec 2027 16:27:41 +0000
asID: 17561
IP address blocks: 156.241.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64781 (0xfd0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:27:41 2025 GMT
Not After : Dec 13 16:27:41 2027 GMT
Subject: CN=677d5600-c8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d7:43:e6:4b:75:19:d8:1c:41:4a:b8:3f:c7:
de:5e:46:4b:7d:e7:9e:cb:01:2d:6d:ea:66:7f:60:
68:4b:b8:83:c0:99:44:b9:c3:5d:3f:dd:5f:bc:b9:
87:2b:c5:b6:fe:bb:82:19:b9:7f:25:36:69:40:f3:
ad:0a:c4:c7:f4:60:8e:ba:b7:62:09:9c:8f:55:5f:
e2:86:0d:ef:3f:16:df:ef:e1:b7:ce:b7:0a:01:32:
56:76:ae:d6:64:2f:95:1c:8a:48:8b:02:56:6d:c1:
ec:16:99:f2:1b:78:7c:e9:1b:52:3c:92:27:06:ae:
5b:42:c6:a8:af:83:b9:7e:53:04:df:0d:91:54:a0:
2a:ad:f6:be:ad:ab:82:8a:99:70:96:a2:40:32:d0:
83:14:58:33:86:dc:2b:c1:1d:81:da:cf:ca:de:82:
66:c0:70:e8:57:6e:01:ef:00:80:bc:d4:32:3f:18:
1d:da:b9:6e:1c:b1:7f:5e:d1:63:69:f7:66:af:2d:
54:3c:6d:8a:15:5f:ac:26:ad:d1:87:1a:2a:49:49:
bb:b4:0b:8b:af:6d:63:c4:48:8d:a0:d2:d7:eb:ad:
15:ab:2e:b8:68:47:31:44:8a:ef:c1:a4:3c:24:39:
cf:67:ce:b6:ef:88:34:9d:52:cb:9c:e1:e0:99:e4:
b9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:3A:CA:01:92:15:EA:DC:2A:C1:94:EF:47:0E:3F:68:7B:1F:11:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/52E3FB5ACD1411EF87B257A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:d1:39:1d:21:be:f2:1e:30:c9:ec:4b:6b:c4:6f:47:01:a3:
8b:13:7e:b4:fa:11:cb:a9:72:13:72:46:d2:ab:05:e9:76:2d:
a8:ea:15:3d:ff:66:cd:fa:b8:d8:7f:5b:71:7b:50:3c:23:a2:
ae:1e:07:5a:02:bb:80:9e:3b:b1:7c:62:0f:7d:6c:62:9a:9c:
54:50:21:00:db:e1:90:d6:63:e2:f4:d2:0a:41:66:c8:80:77:
8b:68:d5:ad:58:35:bf:2c:34:0e:0b:91:64:ab:c8:13:12:4d:
59:4e:64:95:19:14:19:01:17:5f:b6:77:f9:f5:6e:11:3a:2e:
3e:3d:4c:91:67:ef:85:44:fb:bd:e3:42:39:28:6b:a7:af:b8:
54:21:8d:20:dd:f0:69:43:34:f9:63:b4:66:6a:cd:7e:84:ae:
11:cb:09:d8:1c:73:de:9c:22:33:d5:e5:8a:34:fa:bb:fe:48:
0e:d7:30:ca:f7:b2:17:ad:02:00:be:f8:04:ff:d6:25:10:5c:
79:f4:b5:db:bf:10:35:57:0b:b8:a3:f5:ae:4d:f3:6c:f7:3d:
7d:80:7b:58:d0:d7:39:d5:d1:29:f0:1a:4d:89:98:14:95:ba:
2f:12:0f:b7:fd:96:94:53:67:37:62:3c:1c:5e:4f:6f:35:3f:
d8:29:5f:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYyNzQxWhcNMjcxMjEzMTYyNzQxWjAYMRYw
FAYDVQQDEw02NzdkNTYwMC1jOGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA89dD5kt1GdgcQUq4P8feXkZLfeeeywEtbepmf2BoS7iDwJlEucNdP91f
vLmHK8W2/ruCGbl/JTZpQPOtCsTH9GCOurdiCZyPVV/ihg3vPxbf7+G3zrcKATJW
dq7WZC+VHIpIiwJWbcHsFpnyG3h86RtSPJInBq5bQsaor4O5flME3w2RVKAqrfa+
rauCiplwlqJAMtCDFFgzhtwrwR2B2s/K3oJmwHDoV24B7wCAvNQyPxgd2rluHLF/
XtFjafdmry1UPG2KFV+sJq3RhxoqSUm7tAuLr21jxEiNoNLX660Vqy64aEcxRIrv
waQ8JDnPZ86274g0nVLLnOHgmeS5+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKg6
ygGSFercKsGU70cOP2h7HxH5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MkUzRkI1QUNEMTQxMUVGODdCMjU3QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEKMA0GCSqGSIb3DQEBCwUA
A4IBAQCg0TkdIb7yHjDJ7EtrxG9HAaOLE360+hHLqXITckbSqwXpdi2o6hU9/2bN
+rjYf1txe1A8I6KuHgdaAruAnjuxfGIPfWximpxUUCEA2+GQ1mPi9NIKQWbIgHeL
aNWtWDW/LDQOC5Fkq8gTEk1ZTmSVGRQZARdftnf59W4ROi4+PUyRZ++FRPu940I5
KGunr7hUIY0g3fBpQzT5Y7Rmas1+hK4RywnYHHPenCIz1eWKNPq7/kgO1zDK97IX
rQIAvvgE/9YlEFx59LXbvxA1Vwu4o/WuTfNs9z19gHtY0Nc51dEp8BpNiZgUlbov
Eg+3/ZaUU2c3YjwcXk9vNT/YKV9h
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:58 2025 by rpki-client