Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61DC1E98CCFC11EF8E984692762E951A.roa
File: 61DC1E98CCFC11EF8E984692762E951A.roa (raw, json)
Hash identifier: T0Ghsjixfmp1PkB4yjhcUjzerZEnNohoC3sUKuqmaic=
Subject key identifier: 3C:55:BB:C4:2A:0C:F4:CF:27:43:0B:12:9D:9E:86:4B:89:17:72:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61DC1E98CCFC11EF8E984692762E951A.roa
Signing time: Tue 07 Jan 2025 13:36:22 +0000
ROA not before: Tue 07 Jan 2025 13:36:18 +0000
ROA not after: Sat 13 Dec 2025 13:36:18 +0000
asID: 984
IP address blocks: 156.238.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64587 (0xfc4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:36:18 2025 GMT
Not After : Dec 13 13:36:18 2025 GMT
Subject: CN=677d2dd6-e06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0b:c3:58:3d:e4:4b:ae:a9:e8:72:af:48:cc:
5f:35:4f:61:ae:b3:90:da:68:f9:a3:b4:f5:da:6f:
97:c8:56:c9:68:06:20:e8:5b:15:ce:f5:83:66:40:
4f:6b:05:52:0f:f0:c8:2c:4c:fd:01:c9:18:b1:55:
69:d3:ea:ca:fa:32:2c:30:3c:6b:11:ec:9a:d5:a3:
34:98:ef:cc:cd:0d:b6:22:1c:db:f2:3b:c2:36:87:
69:4a:80:44:f1:e0:e8:4a:64:cc:ef:28:8b:18:bb:
13:84:3a:0f:01:12:84:6b:cc:84:8e:28:3b:35:55:
5d:95:82:0b:b1:06:04:f5:73:e2:63:35:c9:b2:98:
8e:be:5d:53:ca:51:19:7e:6b:9d:ce:f6:78:c1:ab:
f2:9f:a6:b5:99:ca:e7:ef:9e:bb:b5:8c:90:b8:25:
06:b1:29:5a:42:d3:36:39:0f:d4:42:05:b6:d5:b6:
88:9d:8f:f9:b6:10:fc:19:f7:c5:2d:57:d7:f2:e0:
e3:e4:2c:d3:67:41:f5:50:71:e6:34:07:a9:17:12:
d9:04:a9:c9:6e:34:f1:4b:9b:58:e1:1c:b6:e2:14:
17:4b:de:0d:c5:3f:5a:c2:f2:21:31:c5:50:32:11:
53:8a:b4:ba:d3:40:be:ef:e9:03:56:9b:aa:8d:72:
19:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:55:BB:C4:2A:0C:F4:CF:27:43:0B:12:9D:9E:86:4B:89:17:72:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61DC1E98CCFC11EF8E984692762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.90.0/24
Signature Algorithm: sha256WithRSAEncryption
59:c0:38:5b:4d:97:87:ee:95:3a:cd:a7:20:20:db:e8:7a:5d:
b8:88:c2:78:ac:4d:a3:69:a8:0c:34:06:0c:c0:52:24:3d:41:
79:2c:c0:69:da:b9:df:06:08:df:fa:c6:ea:e2:73:52:ad:2b:
b2:f4:65:ad:57:96:26:ce:a6:be:ca:59:df:eb:3f:89:b3:e1:
7d:20:a6:d9:63:06:81:d2:05:54:79:fd:43:c0:41:fc:d4:54:
e4:62:fe:6b:40:cd:29:c3:d3:de:3c:d0:c5:a0:2a:89:2f:25:
78:f4:ed:72:c2:cf:d8:9a:ad:ca:31:85:52:b2:7a:6c:c2:c2:
16:27:82:97:81:54:d6:93:ba:ec:c1:6f:c2:72:03:cb:16:10:
dd:6a:d2:26:43:4b:86:a3:18:35:cd:6f:ea:9f:8e:f0:bb:e0:
63:0a:e7:08:e1:ce:44:80:ca:53:b3:40:2e:89:2c:69:2c:dd:
37:2d:78:b4:8c:ee:db:df:51:65:17:02:48:d1:6a:0e:b3:4f:
ba:59:27:39:fe:51:34:b7:dc:ae:ec:22:bd:12:7d:f3:ac:bb:
7c:ae:7e:67:6d:f7:43:18:a7:65:1e:02:78:5b:27:cc:89:ce:
f6:c6:52:5b:4f:57:b8:1e:ae:f5:2a:1e:25:a7:96:23:72:13:
6a:fc:53:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMzNjE4WhcNMjUxMjEzMTMzNjE4WjAYMRYw
FAYDVQQDEw02NzdkMmRkNi1lMDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5QvDWD3kS66p6HKvSMxfNU9hrrOQ2mj5o7T12m+XyFbJaAYg6FsVzvWD
ZkBPawVSD/DILEz9AckYsVVp0+rK+jIsMDxrEeya1aM0mO/MzQ22Ihzb8jvCNodp
SoBE8eDoSmTM7yiLGLsThDoPARKEa8yEjig7NVVdlYILsQYE9XPiYzXJspiOvl1T
ylEZfmudzvZ4wavyn6a1mcrn7567tYyQuCUGsSlaQtM2OQ/UQgW21baInY/5thD8
GffFLVfX8uDj5CzTZ0H1UHHmNAepFxLZBKnJbjTxS5tY4Ry24hQXS94NxT9awvIh
McVQMhFTirS600C+7+kDVpuqjXIZBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDxV
u8QqDPTPJ0MLEp2ehkuJF3IcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MURDMUU5OENDRkMxMUVGOEU5ODQ2OTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5aMA0GCSqGSIb3DQEBCwUA
A4IBAQBZwDhbTZeH7pU6zacgINvoel24iMJ4rE2jaagMNAYMwFIkPUF5LMBp2rnf
Bgjf+sbq4nNSrSuy9GWtV5Ymzqa+ylnf6z+Js+F9IKbZYwaB0gVUef1DwEH81FTk
Yv5rQM0pw9PePNDFoCqJLyV49O1yws/Ymq3KMYVSsnpswsIWJ4KXgVTWk7rswW/C
cgPLFhDdatImQ0uGoxg1zW/qn47wu+BjCucI4c5EgMpTs0AuiSxpLN03LXi0jO7b
31FlFwJI0WoOs0+6WSc5/lE0t9yu7CK9En3zrLt8rn5nbfdDGKdlHgJ4WyfMic72
xlJbT1e4Hq71Kh4lp5YjchNq/FPf
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:25 2025 by rpki-client