Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/645AE970CD4111EF8467F245762E951A.roa
File: 645AE970CD4111EF8467F245762E951A.roa (raw, json)
Hash identifier: SPppKyiUiDdtyFd7pqFDgRqPxcaRG1TnQjCT8QKw2E8=
Subject key identifier: 73:CC:6F:A3:DE:34:E1:3E:E0:E9:81:A5:DB:33:FE:7B:8E:E6:66:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/645AE970CD4111EF8467F245762E951A.roa
Signing time: Tue 07 Jan 2025 21:50:21 +0000
ROA not before: Tue 07 Jan 2025 21:50:18 +0000
ROA not after: Mon 13 Dec 2027 21:50:18 +0000
asID: 17561
IP address blocks: 156.243.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65139 (0xfe73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:50:18 2025 GMT
Not After : Dec 13 21:50:18 2027 GMT
Subject: CN=677da19d-cc43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:10:ad:b6:2b:b4:f7:38:e8:da:97:de:99:36:
91:b6:76:bb:e9:20:c7:18:84:11:5d:1c:b1:3f:7a:
f6:46:60:66:73:b0:e8:fb:a0:a1:d7:76:9e:b5:df:
c9:da:05:1b:cc:ad:45:db:77:91:f9:90:bc:1e:97:
b3:9b:eb:7b:5c:ff:46:cb:65:da:cc:04:c2:71:e6:
c8:da:07:fc:50:b4:e4:3c:78:06:f9:45:92:f2:43:
46:c3:40:65:bf:61:38:69:de:18:a4:c1:94:69:d9:
42:bb:06:e7:49:af:dd:a8:61:e9:c9:5e:67:cc:f5:
ea:0c:df:45:81:de:4c:da:b9:a3:1b:13:29:d2:e5:
ac:b5:f7:f4:89:40:51:e5:40:36:d8:94:64:4a:94:
d3:9d:97:b3:da:4f:08:2f:0a:44:7a:7b:ad:a1:a8:
0c:7b:77:4c:52:69:13:03:58:79:50:93:a9:24:10:
46:ce:1f:77:d5:93:b0:61:34:bc:a5:82:e5:8b:4b:
7b:47:7f:6a:87:53:64:6c:4b:05:30:ad:fe:01:9e:
37:74:2c:3a:b0:51:1d:a5:6d:75:da:65:a8:84:c3:
65:b8:4a:a3:f6:83:b8:30:da:01:01:59:ab:19:3d:
96:59:f2:d4:40:a1:22:09:34:9a:0c:ad:51:53:30:
2c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:CC:6F:A3:DE:34:E1:3E:E0:E9:81:A5:DB:33:FE:7B:8E:E6:66:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/645AE970CD4111EF8467F245762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:84:08:13:88:8a:2d:90:55:e7:2d:88:ff:40:72:b7:94:03:
31:94:a5:0a:9c:5c:7e:04:13:7c:f6:19:61:86:89:78:ee:5f:
48:e2:5e:c9:c1:d6:0f:c7:6a:00:32:e7:e4:1c:12:f1:da:7f:
a4:98:2a:02:0b:be:1f:ff:67:c0:32:c8:42:06:5f:13:67:d6:
40:8f:ec:d1:47:92:48:32:55:b5:7d:ed:2a:57:ab:c5:cd:2b:
c1:22:30:75:cc:2c:1c:57:c3:5f:72:3c:97:1f:59:c0:e4:d3:
a3:95:9a:03:1a:96:a2:ff:93:fb:d7:02:32:f3:0b:30:d9:7b:
68:34:62:fb:bb:15:0c:96:16:31:6d:93:73:04:82:0d:8e:f0:
2f:e2:29:bf:cb:9f:65:1a:49:14:b4:23:81:98:d3:ac:ec:f4:
61:f9:92:ff:b0:18:e4:04:8f:25:38:d5:1b:b7:9a:00:d2:ed:
31:65:70:1f:a0:50:ff:99:15:0f:7c:46:20:ce:a2:a3:dc:d0:
75:42:90:40:20:8e:1c:9e:2f:59:09:48:40:41:14:f3:16:2b:
43:20:2f:7f:70:d4:48:b6:96:af:e5:b7:93:d4:96:40:6b:a3:
8f:38:27:75:31:fc:f7:8f:b6:ee:dc:86:74:c6:a0:dc:4d:f2:
74:7b:0f:2e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjE1MDE4WhcNMjcxMjEzMjE1MDE4WjAYMRYw
FAYDVQQDEw02NzdkYTE5ZC1jYzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6RCttiu09zjo2pfemTaRtna76SDHGIQRXRyxP3r2RmBmc7Do+6Ch13ae
td/J2gUbzK1F23eR+ZC8Hpezm+t7XP9Gy2XazATCcebI2gf8ULTkPHgG+UWS8kNG
w0Blv2E4ad4YpMGUadlCuwbnSa/dqGHpyV5nzPXqDN9Fgd5M2rmjGxMp0uWstff0
iUBR5UA22JRkSpTTnZez2k8ILwpEenutoagMe3dMUmkTA1h5UJOpJBBGzh931ZOw
YTS8pYLli0t7R39qh1NkbEsFMK3+AZ43dCw6sFEdpW112mWohMNluEqj9oO4MNoB
AVmrGT2WWfLUQKEiCTSaDK1RUzAsVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHPM
b6PeNOE+4OmBpdsz/nuO5maCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NDVBRTk3MENENDExMUVGODQ2N0YyNDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNjMA0GCSqGSIb3DQEBCwUA
A4IBAQCOhAgTiIotkFXnLYj/QHK3lAMxlKUKnFx+BBN89hlhhol47l9I4l7JwdYP
x2oAMufkHBLx2n+kmCoCC74f/2fAMshCBl8TZ9ZAj+zRR5JIMlW1fe0qV6vFzSvB
IjB1zCwcV8NfcjyXH1nA5NOjlZoDGpai/5P71wIy8wsw2XtoNGL7uxUMlhYxbZNz
BIINjvAv4im/y59lGkkUtCOBmNOs7PRh+ZL/sBjkBI8lONUbt5oA0u0xZXAfoFD/
mRUPfEYgzqKj3NB1QpBAII4cni9ZCUhAQRTzFitDIC9/cNRItpav5beT1JZAa6OP
OCd1Mfz3j7bu3IZ0xqDcTfJ0ew8u
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:16 2025 by rpki-client