Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F92F0D6CE4511EF9281F653762E951A.roa
File: 5F92F0D6CE4511EF9281F653762E951A.roa (raw, json)
Hash identifier: GHKlrXwKM/dmgDKDEMMz1Zu8+i9qLOlmXGXENBRGcKc=
Subject key identifier: DE:56:BA:44:A9:D2:84:E8:8F:57:E6:20:48:F5:A8:13:8A:4E:79:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010291
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F92F0D6CE4511EF9281F653762E951A.roa
Signing time: Thu 09 Jan 2025 04:51:22 +0000
ROA not before: Thu 09 Jan 2025 04:51:19 +0000
ROA not after: Fri 09 Jan 2026 04:51:19 +0000
asID: 17561
IP address blocks: 156.245.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66193 (0x10291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:51:19 2025 GMT
Not After : Jan 9 04:51:19 2026 GMT
Subject: CN=677f55ca-69df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:43:e8:be:42:dc:a9:93:19:17:97:1d:b2:64:
19:d1:5c:be:c0:f9:cf:ae:71:dc:41:f1:94:e2:4f:
b1:64:69:cf:c9:0c:70:4c:c6:4d:4c:b4:5e:b6:ff:
76:c0:8b:11:7c:b3:a6:2c:38:b2:3b:17:1c:8a:18:
72:47:a0:3f:d3:f9:7a:2c:cc:85:3c:eb:e7:96:a5:
e9:af:84:e0:cd:8a:10:05:6e:8b:28:cc:c9:8e:06:
57:5c:e7:91:c2:fe:7c:9b:a2:91:fc:9a:08:a9:c9:
72:d7:df:38:78:f5:8b:95:e1:dc:1f:6c:a5:55:7b:
20:e1:39:ce:18:e1:ae:87:11:8f:ff:02:73:57:2e:
41:1e:4c:3f:62:ef:b5:3d:8b:c7:e6:35:4a:2c:b4:
0b:cf:cf:e2:c4:a2:72:1b:70:73:2d:98:e7:3a:82:
d0:37:28:a9:67:7d:f7:d5:b6:2b:12:41:63:22:cc:
1f:02:92:ed:a5:6b:c6:03:d9:8b:fd:a4:63:06:55:
86:10:29:73:93:cb:01:cb:e3:65:15:97:ed:2f:18:
64:1c:bb:57:85:f2:5e:aa:0c:8b:10:ae:dd:b1:fd:
6f:18:b7:f0:b2:8f:12:67:ea:0a:eb:a7:bc:5b:f1:
45:86:00:30:52:39:a1:f6:30:0d:33:4b:5a:a8:06:
cd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:56:BA:44:A9:D2:84:E8:8F:57:E6:20:48:F5:A8:13:8A:4E:79:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F92F0D6CE4511EF9281F653762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.124.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f2:69:64:ac:c9:2a:25:ae:cd:47:56:eb:70:dd:2f:c2:2c:
02:a9:58:90:5c:22:44:0c:38:66:8b:e7:25:5f:a7:f1:0b:2b:
f5:b4:41:24:06:be:b8:21:ca:7c:4e:b5:31:6b:7d:9e:4b:87:
61:dc:6d:cb:56:b8:d7:82:a0:99:e0:5a:44:29:a6:e7:83:de:
e8:d9:17:6d:49:71:97:74:99:83:55:e6:8e:bf:fb:73:dd:ce:
e1:fd:c7:73:07:ff:f8:0f:bf:be:f7:72:da:ab:0b:2b:99:e6:
dc:98:16:9f:8b:42:fc:8c:ff:18:7b:f4:41:96:57:9f:1b:3b:
b8:03:04:6e:10:be:f3:99:9f:64:82:7c:3c:e9:3f:e3:bc:33:
94:95:d3:ec:90:9e:40:76:41:b3:6b:62:82:23:db:c5:91:57:
03:99:6f:64:0c:0d:15:4b:71:75:94:0e:c7:e9:ac:6b:f7:e0:
67:76:fc:8c:fa:7b:e0:a6:a2:66:d5:4b:8c:7f:a6:8e:de:34:
5a:d0:2e:24:d3:4f:13:18:95:2f:3a:59:53:6a:60:8a:7c:53:
ef:33:d0:6c:b9:69:41:7e:1f:a1:89:5f:56:61:9e:2f:76:42:
61:cc:f6:2e:bd:ff:0b:6d:08:bd:61:e2:b2:16:35:30:58:da:
40:65:4b:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQ1MTE5WhcNMjYwMTA5MDQ1MTE5WjAYMRYw
FAYDVQQDEw02NzdmNTVjYS02OWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/EPovkLcqZMZF5cdsmQZ0Vy+wPnPrnHcQfGU4k+xZGnPyQxwTMZNTLRe
tv92wIsRfLOmLDiyOxccihhyR6A/0/l6LMyFPOvnlqXpr4TgzYoQBW6LKMzJjgZX
XOeRwv58m6KR/JoIqcly1984ePWLleHcH2ylVXsg4TnOGOGuhxGP/wJzVy5BHkw/
Yu+1PYvH5jVKLLQLz8/ixKJyG3BzLZjnOoLQNyipZ3331bYrEkFjIswfApLtpWvG
A9mL/aRjBlWGEClzk8sBy+NlFZftLxhkHLtXhfJeqgyLEK7dsf1vGLfwso8SZ+oK
66e8W/FFhgAwUjmh9jANM0taqAbNVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN5W
ukSp0oToj1fmIEj1qBOKTnklMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjkyRjBENkNFNDUxMUVGOTI4MUY2NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPV8MA0GCSqGSIb3DQEBCwUA
A4IBAQAn8mlkrMkqJa7NR1brcN0vwiwCqViQXCJEDDhmi+clX6fxCyv1tEEkBr64
Icp8TrUxa32eS4dh3G3LVrjXgqCZ4FpEKabng97o2RdtSXGXdJmDVeaOv/tz3c7h
/cdzB//4D7++93LaqwsrmebcmBafi0L8jP8Ye/RBllefGzu4AwRuEL7zmZ9kgnw8
6T/jvDOUldPskJ5AdkGza2KCI9vFkVcDmW9kDA0VS3F1lA7H6axr9+BndvyM+nvg
pqJm1UuMf6aO3jRa0C4k008TGJUvOllTamCKfFPvM9BsuWlBfh+hiV9WYZ4vdkJh
zPYuvf8LbQi9YeKyFjUwWNpAZUtd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:18 2025 by rpki-client