Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C663A0ACADD11EFB6704D91762E951A.roa
File: 5C663A0ACADD11EFB6704D91762E951A.roa (raw, json)
Hash identifier: 8e2hJsBVYcJr3ipkbKrXQArjAqFxPqXrEIdG9/gfZFI=
Subject key identifier: 38:D3:4F:29:96:23:EE:0F:4B:89:AB:E6:81:32:19:3D:D7:68:2D:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7AA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C663A0ACADD11EFB6704D91762E951A.roa
Signing time: Sat 04 Jan 2025 20:49:16 +0000
ROA not before: Sun 05 Jan 2025 20:49:12 +0000
ROA not after: Sat 10 Jan 2026 20:49:12 +0000
asID: 43260
IP address blocks: 156.243.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63402 (0xf7aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:49:12 2025 GMT
Not After : Jan 10 20:49:12 2026 GMT
Subject: CN=67799ecc-cd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:04:ab:be:22:0a:b7:2e:2e:06:29:92:f5:a5:
c1:c5:f6:97:7a:52:52:fd:43:8f:0f:0d:e8:f7:08:
2f:3e:99:71:20:e4:bb:c4:83:e0:d3:ff:4e:45:7c:
04:68:04:f7:8a:9e:1b:bd:6c:58:0f:80:48:ce:ce:
d2:60:f2:20:16:54:51:16:42:6b:a0:e2:04:2e:87:
98:0a:59:01:48:d8:ad:bb:ac:48:3f:64:80:86:d3:
27:15:5d:32:61:e7:c6:fe:ab:fb:48:52:1c:7d:23:
30:72:87:73:c4:b4:65:de:1c:a1:ab:18:46:15:fc:
07:26:5e:a0:47:32:00:49:9e:f1:dd:2d:91:83:71:
e0:92:19:5e:08:cd:9b:53:a2:1a:a0:64:ad:de:63:
e5:99:a7:eb:ae:44:cd:4f:99:e0:d0:cb:a3:e8:44:
37:f8:b6:8f:79:c2:18:d2:f6:46:07:30:45:3b:67:
33:17:b6:ab:de:cb:27:a9:f6:c3:55:d5:55:9d:46:
97:2d:a6:71:fa:b9:26:90:16:ea:9b:31:b3:1c:6f:
d9:e7:69:3d:e1:16:98:2c:3d:42:f1:a0:8b:ac:fe:
04:19:67:8c:79:c4:f0:e8:55:da:9c:c7:6f:03:ca:
ef:84:4a:a2:21:77:fe:51:ba:0c:5d:50:8e:e4:23:
4d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D3:4F:29:96:23:EE:0F:4B:89:AB:E6:81:32:19:3D:D7:68:2D:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C663A0ACADD11EFB6704D91762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.157.0/24
Signature Algorithm: sha256WithRSAEncryption
82:45:33:d6:47:4b:6d:c9:87:46:43:79:03:c4:1a:a1:7e:e3:
58:9b:28:a7:40:52:3d:fb:09:df:14:a1:40:24:a4:7c:69:0d:
4d:86:9c:32:ab:60:2e:9d:6c:09:9c:4f:f2:73:56:da:70:d2:
1e:75:1f:45:bb:ad:df:85:a9:da:f4:dc:6c:14:6f:66:e7:ab:
ea:91:37:e0:4e:27:5e:20:e2:6c:03:31:fd:49:f5:83:5c:2b:
fd:f0:f2:3f:df:05:1b:ce:c7:0f:08:2f:a3:76:ea:36:2d:b1:
88:a8:dc:ca:80:32:e9:6b:ae:b4:8b:e5:c1:4f:8d:a8:ad:13:
1e:77:21:3e:ce:cf:77:a1:1b:e0:4a:d1:53:ba:38:dc:6b:e8:
7d:dc:a7:60:06:c8:62:a0:b5:73:5b:5f:c8:7d:8d:89:c9:9a:
77:05:bd:19:0e:5d:01:67:99:54:0a:eb:bf:f4:1d:86:ad:91:
9c:e7:9a:6e:bf:ab:fc:64:00:37:2a:97:da:20:29:d4:ef:85:
99:92:a5:5f:75:00:5e:4d:d6:ff:2d:19:20:94:d0:9e:cb:88:
fc:b3:20:97:35:2f:87:e9:39:5d:d2:96:1f:e0:0d:aa:91:22:
d4:3c:e2:05:c9:ab:59:ad:d8:8a:6f:9c:c3:bd:13:72:6a:d2:
24:45:14:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjA0OTEyWhcNMjYwMTEwMjA0OTEyWjAYMRYw
FAYDVQQDEw02Nzc5OWVjYy1jZDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQSrviIKty4uBimS9aXBxfaXelJS/UOPDw3o9wgvPplxIOS7xIPg0/9O
RXwEaAT3ip4bvWxYD4BIzs7SYPIgFlRRFkJroOIELoeYClkBSNitu6xIP2SAhtMn
FV0yYefG/qv7SFIcfSMwcodzxLRl3hyhqxhGFfwHJl6gRzIASZ7x3S2Rg3Hgkhle
CM2bU6IaoGSt3mPlmafrrkTNT5ng0Muj6EQ3+LaPecIY0vZGBzBFO2czF7ar3ssn
qfbDVdVVnUaXLaZx+rkmkBbqmzGzHG/Z52k94RaYLD1C8aCLrP4EGWeMecTw6FXa
nMdvA8rvhEqiIXf+UboMXVCO5CNNbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDjT
TymWI+4PS4mr5oEyGT3XaC2eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QzY2M0EwQUNBREQxMUVGQjY3MDREOTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOdMA0GCSqGSIb3DQEBCwUA
A4IBAQCCRTPWR0ttyYdGQ3kDxBqhfuNYmyinQFI9+wnfFKFAJKR8aQ1Nhpwyq2Au
nWwJnE/yc1bacNIedR9Fu63fhana9NxsFG9m56vqkTfgTideIOJsAzH9SfWDXCv9
8PI/3wUbzscPCC+jduo2LbGIqNzKgDLpa660i+XBT42orRMedyE+zs93oRvgStFT
ujjca+h93KdgBshioLVzW1/IfY2JyZp3Bb0ZDl0BZ5lUCuu/9B2GrZGc55puv6v8
ZAA3KpfaICnU74WZkqVfdQBeTdb/LRkglNCey4j8syCXNS+H6Tld0pYf4A2qkSLU
POIFyatZrdiKb5zDvRNyatIkRRSC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:45 2025 by rpki-client