Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54ACE644CCB111EFB8EA8BB8762E951A.roa
File: 54ACE644CCB111EFB8EA8BB8762E951A.roa (raw, json)
Hash identifier: FiiO3dAqp6a3A9ID/ZqxXdCfowMOLdpLeVEp+uF6EFY=
Subject key identifier: FF:56:96:6D:9A:D9:B5:AF:72:31:53:9D:79:7F:11:8A:54:91:C8:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54ACE644CCB111EFB8EA8BB8762E951A.roa
Signing time: Tue 07 Jan 2025 04:39:07 +0000
ROA not before: Tue 07 Jan 2025 04:39:04 +0000
ROA not after: Sat 13 Dec 2025 04:39:04 +0000
asID: 984
IP address blocks: 156.233.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63996 (0xf9fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:39:04 2025 GMT
Not After : Dec 13 04:39:04 2025 GMT
Subject: CN=677cafeb-cd51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:01:c7:8a:80:3d:bc:32:0d:fe:74:bc:a8:d5:
1f:57:69:be:3b:4f:96:61:7f:eb:18:d0:e3:76:82:
50:1b:9d:5f:92:93:f5:ea:ab:18:f9:97:e2:74:8a:
0f:fc:f1:ad:c6:f0:2a:f4:1d:0f:b4:44:14:95:7d:
51:ee:84:69:e0:1f:f6:42:72:1d:16:40:48:08:32:
da:c4:01:93:3d:89:c1:cf:0e:44:ab:56:01:92:60:
92:84:fe:4c:5c:25:16:5e:00:ca:c1:48:03:4a:93:
4b:b0:7e:3b:ab:fc:97:25:c7:c2:d3:4c:bd:46:0a:
72:bd:b9:c8:02:50:2b:06:d5:2f:f8:5b:fe:56:53:
5b:1b:9c:48:5e:0f:da:67:0f:0b:33:ee:59:92:f9:
17:90:a3:0b:f9:82:c3:5f:93:a7:6a:30:5e:9b:47:
3c:21:e6:20:72:25:a5:c7:ba:24:cf:65:13:ad:a2:
1c:d2:cc:3c:a7:af:8e:c2:5c:e9:fc:65:a2:34:60:
b6:fc:31:e8:4a:1f:6f:35:c4:ab:14:71:b4:f2:31:
46:18:08:64:08:4d:60:3e:5a:e3:4c:31:6a:b4:e8:
b6:1d:e4:bd:9a:5b:bb:4a:7f:31:75:f3:fc:00:c3:
39:a8:ea:d8:dd:b7:e4:7d:9b:26:78:d9:74:ca:56:
ca:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:96:6D:9A:D9:B5:AF:72:31:53:9D:79:7F:11:8A:54:91:C8:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/54ACE644CCB111EFB8EA8BB8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.8.0/24
Signature Algorithm: sha256WithRSAEncryption
38:5f:6f:f6:94:43:ae:30:e6:95:04:2d:8a:da:b7:53:44:24:
03:40:12:1b:bd:98:85:77:0d:e6:cb:bd:35:7c:a8:61:6b:09:
04:43:45:9f:18:7b:18:67:71:ee:16:00:d7:93:82:a4:4f:4d:
bf:93:0d:f2:55:6c:47:60:19:a9:4e:8d:41:b8:f8:75:bf:31:
00:74:1c:36:a0:21:9b:ed:a4:79:ac:54:cc:fc:e5:42:49:6d:
08:53:ab:b1:d4:f3:37:84:34:9f:c0:60:70:2c:4a:93:74:d9:
8c:09:2b:72:ab:1e:f8:33:18:12:fc:63:13:62:91:1c:6c:98:
40:8d:67:f3:86:8d:48:4e:2e:19:29:4d:f2:62:39:fe:cd:1a:
1b:6f:f3:29:b6:03:1a:87:10:37:86:1b:a3:f0:72:4d:c5:c9:
31:85:43:a9:14:8e:31:ae:5e:37:ec:81:46:94:58:07:8d:48:
c2:9e:c7:13:ff:f7:9b:8e:b0:ea:60:0d:27:f7:f9:93:f8:30:
4f:8e:e6:3e:fb:e9:22:0b:30:67:63:84:44:97:f6:e8:d6:ea:
46:de:b3:6f:af:32:96:23:ca:27:2a:ec:fc:39:44:96:4f:3c:
ad:36:cb:2f:7d:52:86:2d:8a:a8:59:89:a8:49:1e:98:45:d0:
8d:5f:1c:8e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPn8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQzOTA0WhcNMjUxMjEzMDQzOTA0WjAYMRYw
FAYDVQQDEw02NzdjYWZlYi1jZDUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxgHHioA9vDIN/nS8qNUfV2m+O0+WYX/rGNDjdoJQG51fkpP16qsY+Zfi
dIoP/PGtxvAq9B0PtEQUlX1R7oRp4B/2QnIdFkBICDLaxAGTPYnBzw5Eq1YBkmCS
hP5MXCUWXgDKwUgDSpNLsH47q/yXJcfC00y9RgpyvbnIAlArBtUv+Fv+VlNbG5xI
Xg/aZw8LM+5ZkvkXkKML+YLDX5OnajBem0c8IeYgciWlx7okz2UTraIc0sw8p6+O
wlzp/GWiNGC2/DHoSh9vNcSrFHG08jFGGAhkCE1gPlrjTDFqtOi2HeS9mlu7Sn8x
dfP8AMM5qOrY3bfkfZsmeNl0ylbKIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP9W
lm2a2bWvcjFTnXl/EYpUkcjlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NEFDRTY0NENDQjExMUVGQjhFQThCQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkIMA0GCSqGSIb3DQEBCwUA
A4IBAQA4X2/2lEOuMOaVBC2K2rdTRCQDQBIbvZiFdw3my701fKhhawkEQ0WfGHsY
Z3HuFgDXk4KkT02/kw3yVWxHYBmpTo1BuPh1vzEAdBw2oCGb7aR5rFTM/OVCSW0I
U6ux1PM3hDSfwGBwLEqTdNmMCStyqx74MxgS/GMTYpEcbJhAjWfzho1ITi4ZKU3y
Yjn+zRobb/MptgMahxA3hhuj8HJNxckxhUOpFI4xrl437IFGlFgHjUjCnscT//eb
jrDqYA0n9/mT+DBPjuY+++kiCzBnY4REl/bo1upG3rNvrzKWI8onKuz8OUSWTzyt
NssvfVKGLYqoWYmoSR6YRdCNXxyO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:08 2025 by rpki-client