Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/544A4994C9B911EF849BC063762E951A.roa
File: 544A4994C9B911EF849BC063762E951A.roa (raw, json)
Hash identifier: za+92oAL8p/D4HxjDy3Mcxf6tdX+jU+0hGzvd8bodLA=
Subject key identifier: B2:C4:4D:01:C8:F2:3D:3A:DC:27:2E:11:26:DA:1A:E3:9E:72:1A:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/544A4994C9B911EF849BC063762E951A.roa
Signing time: Fri 03 Jan 2025 09:58:49 +0000
ROA not before: Fri 03 Jan 2025 09:58:45 +0000
ROA not after: Mon 07 Apr 2025 09:58:45 +0000
asID: 17561
IP address blocks: 156.248.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63199 (0xf6df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 09:58:45 2025 GMT
Not After : Apr 7 09:58:45 2025 GMT
Subject: CN=6777b4d9-7e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:40:2f:3e:74:fa:b0:48:a2:9b:6f:65:25:
95:e9:fe:94:78:00:11:5e:c2:30:e1:a4:63:35:ba:
2c:2f:8f:58:a1:87:19:45:68:62:ef:51:04:aa:8b:
f0:61:54:a8:cb:12:fb:a1:77:3b:0e:0d:22:04:8c:
10:bd:d7:8b:99:14:d7:7f:7a:c4:05:8c:74:5c:ec:
36:27:ce:50:f6:b6:d5:c2:77:c5:44:06:11:7f:8b:
99:02:48:b8:7b:c2:b6:05:15:75:90:a3:19:98:61:
d1:7d:55:f7:00:68:53:88:92:73:ea:88:29:ea:46:
9b:97:68:22:bb:f2:72:b2:0b:6c:eb:08:1a:00:f3:
e6:6f:cf:51:44:fc:d8:0f:08:09:53:75:bf:7e:ea:
62:3b:38:91:7c:c8:04:d8:09:85:e7:95:54:27:4d:
c1:63:c4:78:20:0a:6e:db:f4:a3:a1:fa:13:d2:f1:
6d:ce:ac:e7:1d:5a:39:c1:17:25:59:7b:55:d4:70:
de:73:a2:61:20:12:ed:62:fb:78:01:9e:06:e7:48:
08:74:15:8e:da:f0:90:1a:0c:8e:a0:47:3a:0a:1b:
9d:c6:11:b6:90:90:eb:02:c1:c0:e8:82:43:b4:25:
fd:1f:54:2b:59:3f:65:6d:39:ac:27:61:5b:77:04:
22:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C4:4D:01:C8:F2:3D:3A:DC:27:2E:11:26:DA:1A:E3:9E:72:1A:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/544A4994C9B911EF849BC063762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.8.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:a6:07:40:fc:c3:ce:29:17:53:6d:4f:61:2a:91:93:9a:95:
ae:1b:37:9f:d8:e5:2c:10:e6:e4:e3:fa:2b:f5:b0:f1:96:61:
e5:a6:55:ef:31:df:81:50:de:1c:9e:4a:2c:cb:15:a4:48:90:
91:b6:8b:49:04:28:35:27:97:6c:a4:4b:6b:74:ed:ef:aa:03:
f2:bb:1e:fc:78:9b:c8:2b:ea:55:d1:02:ba:7d:5b:fa:01:5b:
2e:63:ad:48:8f:bf:57:79:89:a0:2b:59:68:de:4e:6d:e4:01:
43:69:62:ea:69:4d:46:ba:bb:56:1a:be:f0:d6:bc:e2:ab:a4:
a4:46:99:e5:78:eb:7b:d7:3f:1c:d9:45:c6:7d:a2:8b:de:08:
14:13:98:bd:12:42:1b:cd:19:87:f9:8b:f6:da:ae:e3:cc:e2:
77:7f:e2:e9:83:1c:44:19:70:c6:18:26:f9:6c:5d:fb:0d:02:
a2:a6:69:c6:c3:4f:d4:39:62:3d:58:3d:02:11:d3:f8:fe:1a:
02:70:50:da:3d:71:e0:90:52:51:59:75:36:57:0a:b8:7c:da:
e1:79:eb:47:63:45:2f:25:e9:f0:fb:8d:71:20:9c:88:b6:ff:
ab:a8:fa:57:d1:ad:2a:98:29:af:50:50:1c:31:57:0a:0e:af:
99:94:e3:86
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDk1ODQ1WhcNMjUwNDA3MDk1ODQ1WjAYMRYw
FAYDVQQDEw02Nzc3YjRkOS03ZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGFALz50+rBIoptvZSWV6f6UeAARXsIw4aRjNbosL49YoYcZRWhi71EE
qovwYVSoyxL7oXc7Dg0iBIwQvdeLmRTXf3rEBYx0XOw2J85Q9rbVwnfFRAYRf4uZ
Aki4e8K2BRV1kKMZmGHRfVX3AGhTiJJz6ogp6kabl2giu/Jysgts6wgaAPPmb89R
RPzYDwgJU3W/fupiOziRfMgE2AmF55VUJ03BY8R4IApu2/SjofoT0vFtzqznHVo5
wRclWXtV1HDec6JhIBLtYvt4AZ4G50gIdBWO2vCQGgyOoEc6ChudxhG2kJDrAsHA
6IJDtCX9H1QrWT9lbTmsJ2FbdwQi5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLLE
TQHI8j063CcuESbaGuOechpeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDRBNDk5NEM5QjkxMUVGODQ5QkMwNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPgIMA0GCSqGSIb3DQEBCwUA
A4IBAQB/pgdA/MPOKRdTbU9hKpGTmpWuGzef2OUsEObk4/or9bDxlmHlplXvMd+B
UN4cnkosyxWkSJCRtotJBCg1J5dspEtrdO3vqgPyux78eJvIK+pV0QK6fVv6AVsu
Y61Ij79XeYmgK1lo3k5t5AFDaWLqaU1GurtWGr7w1rziq6SkRpnleOt71z8c2UXG
faKL3ggUE5i9EkIbzRmH+Yv22q7jzOJ3f+LpgxxEGXDGGCb5bF37DQKipmnGw0/U
OWI9WD0CEdP4/hoCcFDaPXHgkFJRWXU2Vwq4fNrheetHY0UvJenw+41xIJyItv+r
qPpX0a0qmCmvUFAcMVcKDq+ZlOOG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:56 2025 by rpki-client