Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B13DD30CCC511EF81AC55B5762E951A.roa
File: 5B13DD30CCC511EF81AC55B5762E951A.roa (raw, json)
Hash identifier: /DziKh9OylPoEoHDm/9/oDNGiKpCVX4shtxxOKdtN3w=
Subject key identifier: 9B:4C:9D:82:D8:2D:3F:40:C1:66:67:48:99:31:5E:DB:73:53:BD:94
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA52
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B13DD30CCC511EF81AC55B5762E951A.roa
Signing time: Tue 07 Jan 2025 07:02:28 +0000
ROA not before: Tue 07 Jan 2025 07:02:24 +0000
ROA not after: Sat 13 Dec 2025 07:02:24 +0000
asID: 984
IP address blocks: 156.233.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64082 (0xfa52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:02:24 2025 GMT
Not After : Dec 13 07:02:24 2025 GMT
Subject: CN=677cd184-7144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f8:57:4b:48:fb:d9:58:b7:15:52:23:5e:b0:
30:c3:a8:39:81:e9:1c:28:8a:45:18:22:5d:f6:fa:
2e:39:c3:04:cd:e5:0d:6a:15:4c:01:cc:69:4e:8a:
3a:f0:5e:41:69:35:1e:9b:05:70:0b:10:cd:bc:91:
72:31:f3:6e:e8:83:7c:a6:fd:d8:0c:0e:ea:07:58:
d3:2f:51:6a:94:b9:67:50:5b:80:d2:4c:eb:06:40:
2b:d7:39:97:31:fc:67:7e:17:1e:bc:9b:fc:c9:ea:
20:2b:f5:b4:43:81:d2:7e:42:18:09:22:2f:ca:88:
12:c8:c4:02:d5:3b:44:a6:58:5a:ad:c0:ea:b1:d0:
21:e5:7d:04:21:40:28:ad:a2:27:a0:b1:d4:56:f6:
7a:f8:05:61:6c:4a:30:21:07:03:28:51:1d:12:43:
a7:8f:92:49:c9:9d:e8:d1:15:6a:b5:c4:50:99:82:
40:d1:f1:00:2d:81:b9:ac:9c:9d:fc:52:83:09:03:
fd:bb:48:2e:18:05:e9:52:9e:62:9b:39:7b:13:dd:
24:dc:a7:0b:35:1d:0e:7b:ba:57:4b:4c:3d:2c:51:
ea:d2:5e:73:ae:ad:28:55:ee:62:95:2c:5e:49:e4:
e4:0e:f0:c3:93:7d:21:75:7a:44:ac:91:26:7d:fb:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4C:9D:82:D8:2D:3F:40:C1:66:67:48:99:31:5E:DB:73:53:BD:94
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B13DD30CCC511EF81AC55B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.61.0/24
Signature Algorithm: sha256WithRSAEncryption
11:da:1b:02:73:c0:34:db:59:60:69:46:2e:0a:ca:f7:02:ab:
cb:ce:4c:90:58:ce:d9:ac:a6:65:0a:50:70:01:c5:61:86:3f:
8a:11:95:9b:23:e7:55:65:b2:5e:49:51:af:f6:88:04:d8:52:
6e:46:fb:2d:9c:78:cb:a0:84:35:a3:02:4f:fb:b3:c4:f1:e5:
08:98:3c:f8:9c:a6:21:29:d0:d7:0f:60:95:bb:9c:12:52:7e:
0a:7c:76:b8:1f:d3:0c:57:24:70:af:8d:27:de:75:6c:08:ea:
77:5e:18:95:64:5b:e3:fe:d8:eb:24:3a:94:a9:66:0a:26:86:
80:88:2f:3b:de:d9:7e:54:67:19:9b:1f:78:a3:eb:b8:7d:d1:
f4:ea:2e:d6:95:db:fd:9f:7c:0f:83:ee:7f:98:66:68:23:8e:
10:12:66:7b:56:45:35:47:c8:f7:17:b1:43:89:59:64:3b:1f:
40:1b:35:84:2c:95:57:34:45:2a:02:f2:40:72:cd:3c:38:e0:
cb:49:49:5a:49:ed:e2:de:42:a4:62:d2:40:9b:05:2f:91:7f:
0e:55:e4:5a:05:0f:6b:99:71:05:a2:ee:f7:90:b6:bf:2a:f9:
0a:9a:5e:40:4d:40:38:02:09:d0:d2:02:59:bb:a3:00:51:60:
0c:34:a1:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPpSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDcwMjI0WhcNMjUxMjEzMDcwMjI0WjAYMRYw
FAYDVQQDEw02NzdjZDE4NC03MTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0fhXS0j72Vi3FVIjXrAww6g5gekcKIpFGCJd9vouOcMEzeUNahVMAcxp
Too68F5BaTUemwVwCxDNvJFyMfNu6IN8pv3YDA7qB1jTL1FqlLlnUFuA0kzrBkAr
1zmXMfxnfhcevJv8yeogK/W0Q4HSfkIYCSIvyogSyMQC1TtEplharcDqsdAh5X0E
IUAoraInoLHUVvZ6+AVhbEowIQcDKFEdEkOnj5JJyZ3o0RVqtcRQmYJA0fEALYG5
rJyd/FKDCQP9u0guGAXpUp5imzl7E90k3KcLNR0Oe7pXS0w9LFHq0l5zrq0oVe5i
lSxeSeTkDvDDk30hdXpErJEmffuqbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJtM
nYLYLT9AwWZnSJkxXttzU72UMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QjEzREQzMENDQzUxMUVGODFBQzU1QjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk9MA0GCSqGSIb3DQEBCwUA
A4IBAQAR2hsCc8A021lgaUYuCsr3AqvLzkyQWM7ZrKZlClBwAcVhhj+KEZWbI+dV
ZbJeSVGv9ogE2FJuRvstnHjLoIQ1owJP+7PE8eUImDz4nKYhKdDXD2CVu5wSUn4K
fHa4H9MMVyRwr40n3nVsCOp3XhiVZFvj/tjrJDqUqWYKJoaAiC873tl+VGcZmx94
o+u4fdH06i7Wldv9n3wPg+5/mGZoI44QEmZ7VkU1R8j3F7FDiVlkOx9AGzWELJVX
NEUqAvJAcs08OODLSUlaSe3i3kKkYtJAmwUvkX8OVeRaBQ9rmXEFou73kLa/KvkK
ml5ATUA4AgnQ0gJZu6MAUWAMNKEy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:39 2025 by rpki-client