Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/543C7A0AC32711EFA3790987762E951A.roa
File: 543C7A0AC32711EFA3790987762E951A.roa (raw, json)
Hash identifier: JGhPq7ahBhbu08I0JQHOiJ9SNjS++VTuDx0ds/HWFAs=
Subject key identifier: E6:62:85:C2:D0:96:41:7F:DC:7B:0F:95:2E:1D:DA:73:8A:E2:D8:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA99
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/543C7A0AC32711EFA3790987762E951A.roa
Signing time: Thu 26 Dec 2024 01:18:36 +0000
ROA not before: Thu 26 Dec 2024 01:18:32 +0000
ROA not after: Wed 10 Dec 2025 01:18:32 +0000
asID: 984
IP address blocks: 156.243.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60057 (0xea99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:18:32 2024 GMT
Not After : Dec 10 01:18:32 2025 GMT
Subject: CN=676caeeb-1c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:16:c1:56:5a:9f:47:6f:26:b6:05:00:44:
5c:87:f2:ad:e5:3d:7d:1e:0b:d0:04:4a:2f:a8:ea:
55:c8:bd:b8:2e:4e:53:1e:e6:df:86:81:d1:49:52:
e8:57:90:16:f1:32:83:9a:bc:b7:75:61:1d:ea:75:
1f:09:d3:8c:5c:90:6e:31:6b:a6:c8:49:49:2b:02:
ca:2c:df:fb:29:09:38:80:11:c5:62:d4:a8:8a:c4:
70:ca:7c:dc:b8:c9:06:74:ba:19:68:ca:3c:4d:c0:
ae:b1:67:32:da:2d:92:62:95:08:89:c6:93:ca:43:
96:e7:ca:b8:10:59:09:ea:5b:5b:34:0b:56:f3:bc:
45:ae:d6:b7:94:9a:e1:ba:9a:03:0f:cd:66:c9:62:
4f:22:20:69:76:d6:24:55:b8:d4:fd:8d:67:ef:9f:
b4:cf:0b:e9:e5:24:11:1c:0f:df:dc:f8:f8:99:1c:
e1:5b:01:d3:89:5f:c3:db:58:65:a0:40:21:e5:d1:
d1:bc:47:27:69:92:77:cb:25:ce:8d:17:26:4e:df:
d3:69:4d:17:3c:2e:69:f2:f1:fd:0b:51:57:35:6c:
5f:2a:74:3d:a8:4e:ee:86:e9:d0:3c:a5:23:d9:5e:
63:95:60:97:f4:b4:da:a7:39:47:47:e4:e2:52:97:
1e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:62:85:C2:D0:96:41:7F:DC:7B:0F:95:2E:1D:DA:73:8A:E2:D8:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/543C7A0AC32711EFA3790987762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.140.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2e:2c:5b:57:cb:62:3f:bc:1d:27:23:38:31:81:55:9b:5d:
a1:23:3b:35:a6:74:51:aa:ea:ba:4e:c6:46:d5:74:7f:00:f1:
11:e3:f7:84:36:1f:9e:8f:e7:6a:6d:6b:49:54:18:32:82:e4:
21:cd:aa:0e:76:49:e9:6d:ec:5a:e1:2b:7f:29:73:43:1b:ed:
c6:8e:8b:4a:fd:e8:9f:f8:fd:05:25:b9:2e:50:10:6e:94:86:
9a:84:8b:72:3a:2b:0a:9a:75:12:19:9c:99:f3:c9:74:8f:e9:
ec:44:5f:19:4e:a4:31:26:9d:58:92:56:95:4b:47:df:db:d4:
33:87:bb:08:b8:a9:90:94:e1:9d:b7:62:77:cc:f0:b1:7c:46:
93:d4:d9:8f:bd:53:d8:b2:25:68:34:9a:58:0c:6e:f0:c8:60:
b7:24:cb:1f:50:30:5f:32:ff:8b:cc:ad:36:f0:50:c0:7a:38:
f8:32:0f:95:b6:87:72:d5:6a:44:e8:8a:7c:14:39:50:ff:ae:
e5:fe:1a:d3:a9:74:c4:0a:14:91:39:5a:4d:56:4c:9a:ed:7c:
62:2f:37:1f:38:03:8d:e3:33:c2:68:a8:86:1b:7c:07:86:1c:
91:b2:87:09:8f:0f:b1:cb:2c:dd:a1:37:9b:81:09:47:83:5b:
23:0e:63:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDExODMyWhcNMjUxMjEwMDExODMyWjAYMRYw
FAYDVQQDEw02NzZjYWVlYi0xYzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyEgWwVZan0dvJrYFAERch/Kt5T19HgvQBEovqOpVyL24Lk5THubfhoHR
SVLoV5AW8TKDmry3dWEd6nUfCdOMXJBuMWumyElJKwLKLN/7KQk4gBHFYtSoisRw
ynzcuMkGdLoZaMo8TcCusWcy2i2SYpUIicaTykOW58q4EFkJ6ltbNAtW87xFrta3
lJrhupoDD81myWJPIiBpdtYkVbjU/Y1n75+0zwvp5SQRHA/f3Pj4mRzhWwHTiV/D
21hloEAh5dHRvEcnaZJ3yyXOjRcmTt/TaU0XPC5p8vH9C1FXNWxfKnQ9qE7uhunQ
PKUj2V5jlWCX9LTapzlHR+TiUpcemQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOZi
hcLQlkF/3HsPlS4d2nOK4tjlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDNDN0EwQUMzMjcxMUVGQTM3OTA5ODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOMMA0GCSqGSIb3DQEBCwUA
A4IBAQCILixbV8tiP7wdJyM4MYFVm12hIzs1pnRRquq6TsZG1XR/APER4/eENh+e
j+dqbWtJVBgyguQhzaoOdknpbexa4St/KXNDG+3GjotK/eif+P0FJbkuUBBulIaa
hItyOisKmnUSGZyZ88l0j+nsRF8ZTqQxJp1YklaVS0ff29Qzh7sIuKmQlOGdt2J3
zPCxfEaT1NmPvVPYsiVoNJpYDG7wyGC3JMsfUDBfMv+LzK028FDAejj4Mg+Vtody
1WpE6Ip8FDlQ/67l/hrTqXTEChSROVpNVkya7XxiLzcfOAON4zPCaKiGG3wHhhyR
socJjw+xyyzdoTebgQlHg1sjDmMb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:48 2025 by rpki-client