Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CD5808C95D11EFA2E25388762E951A.roa
File: 55CD5808C95D11EFA2E25388762E951A.roa (raw, json)
Hash identifier: RE7Kl0HNc9YSCyvvvTrtMSMGYazoGTmISin7/AMLQAU=
Subject key identifier: F0:A1:B8:2F:5B:8F:E9:F7:ED:EF:37:12:DE:CB:80:14:EA:44:04:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F43C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CD5808C95D11EFA2E25388762E951A.roa
Signing time: Thu 02 Jan 2025 23:00:18 +0000
ROA not before: Thu 02 Jan 2025 23:00:14 +0000
ROA not after: Sat 13 Dec 2025 23:00:14 +0000
asID: 984
IP address blocks: 156.226.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62524 (0xf43c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:00:14 2025 GMT
Not After : Dec 13 23:00:14 2025 GMT
Subject: CN=67771a82-2a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:4f:8a:63:66:ef:80:ef:af:c1:1d:8c:e2:
d7:fc:62:7e:c8:ef:90:c1:1b:fe:1d:8b:82:db:76:
b7:28:9d:24:c4:e9:c0:44:3e:04:ab:ac:0f:43:96:
5b:34:55:9d:dd:3c:9d:52:cc:c6:0a:2e:f7:a4:6a:
c1:4e:21:ef:62:a6:cb:59:1f:c4:bd:08:a2:22:f1:
94:78:4a:67:5b:6e:dd:de:65:2a:d5:61:48:81:66:
aa:3a:52:d4:2f:db:de:08:f7:3a:a7:ea:ff:3d:a6:
50:e8:0e:76:2a:4c:cb:b8:f3:97:32:9b:28:cb:c3:
b3:bd:b1:12:6f:47:be:3b:b8:e6:ae:7b:f4:c5:38:
79:cb:a5:04:b4:34:19:72:69:ad:06:3b:a0:9b:bc:
e2:7b:a0:0a:1d:03:42:40:cf:4d:9f:62:e6:60:ec:
94:20:44:b9:75:fe:78:95:76:63:e9:44:fd:52:b4:
85:42:da:4c:5a:5d:dc:d1:77:f3:0a:ca:b2:ca:f7:
68:05:57:f9:a2:ea:75:32:02:8c:50:ff:20:0d:aa:
87:63:4b:b1:bc:d8:38:f7:e4:bb:ed:54:58:00:81:
a5:76:fb:1a:30:5c:70:1e:a7:21:47:34:1f:85:1e:
e5:26:6e:96:e2:b1:9b:f3:4a:7d:8c:c6:97:d1:d9:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A1:B8:2F:5B:8F:E9:F7:ED:EF:37:12:DE:CB:80:14:EA:44:04:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CD5808C95D11EFA2E25388762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.208.0/24
Signature Algorithm: sha256WithRSAEncryption
42:1c:63:5a:9b:f0:39:26:35:4d:f0:75:59:07:db:2d:e0:7e:
f6:56:97:45:16:54:ba:b2:cf:8a:37:7f:cf:42:6f:ac:8c:33:
03:c2:c4:24:c7:bd:21:44:47:9c:3d:8a:11:2c:da:6c:e2:88:
cf:13:aa:96:5d:f9:f4:10:68:53:43:8e:aa:4b:b9:82:08:d1:
32:64:4a:bd:de:1f:91:61:fc:ea:ff:e7:62:c4:a4:54:bf:d8:
50:e9:3a:e0:ba:ba:7f:e3:07:a6:b0:ca:38:02:c3:71:2f:e9:
69:bb:fa:de:88:a3:53:f2:f5:83:b2:8c:76:56:e3:bc:e3:b4:
96:6f:0a:e3:7e:4c:d3:f4:9c:1c:d8:a5:af:01:44:b6:d4:12:
b4:8b:6c:8b:8b:0e:dd:be:20:47:3e:1c:33:58:d9:ac:ef:1f:
18:da:a1:0c:40:c3:a4:c4:9d:00:88:e2:22:80:33:e2:27:b9:
94:d8:ee:a6:56:37:a3:85:92:28:29:6b:0f:b3:2f:06:1c:c7:
09:fb:2d:dd:42:39:70:c7:d6:2e:6e:b9:c9:43:9c:b9:7b:ae:
a2:6a:08:4c:17:1a:79:e4:c2:f8:54:d3:40:a9:af:76:c8:24:
56:dd:52:f5:c9:2b:b3:5a:7c:94:5a:66:72:49:2d:db:30:a8:
40:6e:fc:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQ8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMwMDE0WhcNMjUxMjEzMjMwMDE0WjAYMRYw
FAYDVQQDEw02Nzc3MWE4Mi0yYTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuPRPimNm74Dvr8EdjOLX/GJ+yO+QwRv+HYuC23a3KJ0kxOnARD4Eq6wP
Q5ZbNFWd3TydUszGCi73pGrBTiHvYqbLWR/EvQiiIvGUeEpnW27d3mUq1WFIgWaq
OlLUL9veCPc6p+r/PaZQ6A52KkzLuPOXMpsoy8OzvbESb0e+O7jmrnv0xTh5y6UE
tDQZcmmtBjugm7zie6AKHQNCQM9Nn2LmYOyUIES5df54lXZj6UT9UrSFQtpMWl3c
0XfzCsqyyvdoBVf5oup1MgKMUP8gDaqHY0uxvNg49+S77VRYAIGldvsaMFxwHqch
RzQfhR7lJm6W4rGb80p9jMaX0dk6UwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPCh
uC9bj+n37e83Et7LgBTqRAR3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NUNENTgwOEM5NUQxMUVGQTJFMjUzODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLQMA0GCSqGSIb3DQEBCwUA
A4IBAQBCHGNam/A5JjVN8HVZB9st4H72VpdFFlS6ss+KN3/PQm+sjDMDwsQkx70h
REecPYoRLNps4ojPE6qWXfn0EGhTQ46qS7mCCNEyZEq93h+RYfzq/+dixKRUv9hQ
6Trgurp/4wemsMo4AsNxL+lpu/reiKNT8vWDsox2VuO847SWbwrjfkzT9Jwc2KWv
AUS21BK0i2yLiw7dviBHPhwzWNms7x8Y2qEMQMOkxJ0AiOIigDPiJ7mU2O6mVjej
hZIoKWsPsy8GHMcJ+y3dQjlwx9YubrnJQ5y5e66iaghMFxp55ML4VNNAqa92yCRW
3VL1ySuzWnyUWmZySS3bMKhAbvx1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:07 2025 by rpki-client