Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B279D50CE3E11EFA66836A7762E951A.roa
File: 5B279D50CE3E11EFA66836A7762E951A.roa (raw, json)
Hash identifier: C51/mBje5lXe+Weh30aRR1Kkp+ilOWTYsEtl3vnmMi4=
Subject key identifier: 08:17:7C:6A:90:75:7A:B6:55:A9:93:42:CA:13:F1:65:5D:F0:E5:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01025D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B279D50CE3E11EFA66836A7762E951A.roa
Signing time: Thu 09 Jan 2025 04:01:08 +0000
ROA not before: Thu 09 Jan 2025 04:01:05 +0000
ROA not after: Fri 09 Jan 2026 04:01:05 +0000
asID: 17561
IP address blocks: 156.245.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66141 (0x1025d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:01:05 2025 GMT
Not After : Jan 9 04:01:05 2026 GMT
Subject: CN=677f4a04-88b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:b1:b5:68:d5:e6:a2:01:be:2b:f1:9b:9d:0d:
22:f0:42:dd:1f:0d:67:f7:03:18:79:06:f6:98:72:
75:88:dc:89:fd:66:5e:bd:c2:81:5d:4b:eb:be:72:
88:35:8a:17:aa:c7:91:9f:4f:5a:30:c5:2a:1f:48:
23:6a:1c:3c:39:fa:ef:a7:63:7a:fa:bd:55:92:4f:
40:c0:6c:1e:0a:52:1e:1e:fc:3d:66:f3:99:e6:58:
18:9c:18:6d:50:f6:00:f9:4a:3c:af:b2:58:d0:0c:
e6:4c:52:8a:26:29:e9:50:56:97:57:af:82:b0:0f:
7b:25:4e:fd:86:dc:8a:fd:f4:79:bd:94:98:9b:5b:
55:02:6b:8a:39:99:93:64:90:f8:78:c0:2a:ea:df:
51:ac:06:26:08:83:9e:b3:8b:e7:8f:f9:a2:a3:67:
9a:0d:7f:27:ac:18:e7:43:b7:a2:cc:1c:1f:d6:51:
eb:79:2b:32:82:c9:bf:cb:f6:8a:cb:6a:81:98:26:
7f:59:6b:0a:ac:a0:a3:15:31:aa:e5:e5:73:55:c1:
04:e4:12:02:be:ce:8c:90:ae:06:13:4f:6a:ce:77:
67:24:e7:b8:88:f6:2a:42:59:de:61:f0:f8:03:d4:
3d:2f:fb:3c:60:35:63:23:07:de:3c:a6:de:c5:fa:
ce:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:17:7C:6A:90:75:7A:B6:55:A9:93:42:CA:13:F1:65:5D:F0:E5:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B279D50CE3E11EFA66836A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.98.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3f:7d:b2:62:9a:7a:88:e1:9b:73:e8:a2:4e:2c:32:7c:ba:
8c:64:52:c7:45:e7:b2:a4:85:cc:b5:2b:30:9b:d9:76:84:88:
0c:e3:0d:30:73:07:1b:cc:0d:6b:9a:7e:ca:61:35:4e:25:ac:
d7:7b:62:b4:ae:28:83:f4:38:4c:40:46:bb:fb:ba:dc:32:96:
a2:e6:0a:4a:51:df:a4:a6:45:3a:49:e6:c6:aa:e3:04:59:1c:
3e:92:aa:0a:65:4d:69:3d:54:a8:ab:dd:15:31:bb:5d:50:4b:
2f:b2:ca:c9:82:59:6e:c0:28:a7:af:8b:08:42:59:03:44:ff:
76:92:20:86:db:94:b4:74:50:30:e3:c8:4a:31:99:49:d7:3f:
be:fe:fc:59:f4:bb:cd:76:87:43:ca:42:b0:6e:9f:da:96:fc:
f3:29:84:d3:db:f6:fc:36:23:35:6e:8e:f9:be:41:ed:61:69:
ef:6d:3f:0b:7b:6f:5b:9e:a6:ec:6d:f3:e7:fb:8a:97:98:0f:
07:c8:cc:4b:e7:91:6b:8b:be:6e:e7:ba:65:d2:03:c8:53:73:
42:77:b5:ba:eb:7e:86:38:cb:6a:1c:d6:86:72:33:d1:ec:71:
df:f8:db:b8:93:73:83:ab:ee:03:62:b9:46:d8:54:40:9f:d6:
81:a1:b2:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQJdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQwMTA1WhcNMjYwMTA5MDQwMTA1WjAYMRYw
FAYDVQQDEw02NzdmNGEwNC04OGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/bG1aNXmogG+K/GbnQ0i8ELdHw1n9wMYeQb2mHJ1iNyJ/WZevcKBXUvr
vnKINYoXqseRn09aMMUqH0gjahw8Ofrvp2N6+r1Vkk9AwGweClIeHvw9ZvOZ5lgY
nBhtUPYA+Uo8r7JY0AzmTFKKJinpUFaXV6+CsA97JU79htyK/fR5vZSYm1tVAmuK
OZmTZJD4eMAq6t9RrAYmCIOes4vnj/mio2eaDX8nrBjnQ7eizBwf1lHreSsygsm/
y/aKy2qBmCZ/WWsKrKCjFTGq5eVzVcEE5BICvs6MkK4GE09qzndnJOe4iPYqQlne
YfD4A9Q9L/s8YDVjIwfePKbexfrOXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAgX
fGqQdXq2VamTQsoT8WVd8OXAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QjI3OUQ1MENFM0UxMUVGQTY2ODM2QTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPViMA0GCSqGSIb3DQEBCwUA
A4IBAQA0P32yYpp6iOGbc+iiTiwyfLqMZFLHReeypIXMtSswm9l2hIgM4w0wcwcb
zA1rmn7KYTVOJazXe2K0riiD9DhMQEa7+7rcMpai5gpKUd+kpkU6SebGquMEWRw+
kqoKZU1pPVSoq90VMbtdUEsvssrJglluwCinr4sIQlkDRP92kiCG25S0dFAw48hK
MZlJ1z++/vxZ9LvNdodDykKwbp/alvzzKYTT2/b8NiM1bo75vkHtYWnvbT8Le29b
nqbsbfPn+4qXmA8HyMxL55Fri75u57pl0gPIU3NCd7W6636GOMtqHNaGcjPR7HHf
+Nu4k3ODq+4DYrlG2FRAn9aBobIz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:04 2025 by rpki-client