Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64FBA9C0CE3911EFB66B1488762E951A.roa
File: 64FBA9C0CE3911EFB66B1488762E951A.roa (raw, json)
Hash identifier: 6BjWq+Ah85r0RRw55ywA9Um3zEFjRI10WExMSiG9Y+c=
Subject key identifier: CA:D1:A9:BC:1D:C2:7F:DA:40:71:F9:41:79:72:E3:49:67:8A:25:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010239
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64FBA9C0CE3911EFB66B1488762E951A.roa
Signing time: Thu 09 Jan 2025 03:25:37 +0000
ROA not before: Thu 09 Jan 2025 03:25:34 +0000
ROA not after: Fri 09 Jan 2026 03:25:34 +0000
asID: 17561
IP address blocks: 156.247.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66105 (0x10239)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:25:34 2025 GMT
Not After : Jan 9 03:25:34 2026 GMT
Subject: CN=677f41b1-49f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:46:53:ff:81:cc:04:c5:b5:57:79:e7:76:dc:
26:9a:91:a6:a5:00:17:08:d1:e9:07:30:3b:31:26:
3a:e9:f9:72:b4:3b:a4:54:b0:c1:ac:76:b0:6f:0d:
25:53:dd:93:7c:01:73:7b:92:78:39:65:3a:0d:7a:
4e:57:5b:0a:2f:1c:0f:14:a6:05:19:d3:e6:ef:26:
69:ef:24:2f:a5:3c:d4:5f:bb:d0:b8:82:82:fc:af:
1f:62:25:1d:b3:69:8e:a5:7a:f2:ba:cc:bc:03:4d:
6c:1e:6a:f6:c5:e0:a2:69:ab:54:a0:6d:32:72:bc:
79:12:82:2b:7e:c4:79:ca:82:72:15:d2:fd:93:da:
62:1e:b0:8e:4c:37:6c:94:8c:1f:cc:a3:99:50:04:
c2:e4:ba:6d:3c:ae:a0:86:98:2b:f8:7c:69:b2:3e:
08:5b:8c:5d:f5:ac:11:40:bb:7c:69:a6:aa:f6:3e:
07:d5:4a:a2:1f:38:e4:54:b1:5d:6c:9d:4f:51:10:
98:b2:14:87:eb:0f:1c:b2:00:5d:eb:8a:7a:5f:49:
35:e6:a6:ff:ca:96:ad:0a:0c:50:3b:7a:32:1a:0a:
cc:92:f2:f2:93:ab:06:ff:a6:28:4f:e3:14:3d:8d:
13:e9:eb:41:6c:8c:c2:6a:1c:cd:09:31:f4:16:e8:
df:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D1:A9:BC:1D:C2:7F:DA:40:71:F9:41:79:72:E3:49:67:8A:25:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64FBA9C0CE3911EFB66B1488762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.48.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f8:6b:13:45:03:d3:02:15:45:b1:60:ff:fc:af:fa:dc:b1:
63:8c:dd:64:c4:1e:ff:13:81:cd:ea:01:20:0b:f4:d6:bf:70:
92:09:90:2c:b1:60:25:6d:83:dc:63:c2:d4:5a:a3:b8:38:3c:
ae:92:b5:97:26:cf:cd:b4:d6:c1:1e:17:22:4c:77:b7:8f:1d:
c1:9c:ba:5e:9e:ee:11:05:e4:94:82:74:83:cb:4a:4d:13:aa:
4f:52:86:20:be:06:c5:e9:33:71:31:8d:22:4b:26:23:b6:aa:
b3:5a:7b:4c:f4:13:b3:ac:3f:3e:41:c5:95:79:9a:e8:30:6a:
ac:c6:d2:11:c1:9d:4a:89:99:b1:fb:0d:be:16:14:bf:64:8b:
14:f4:21:94:ee:af:b8:92:94:41:cf:f2:2b:91:0c:f8:f9:0a:
3b:50:1d:f2:b2:3f:7b:9b:fb:9e:56:96:e0:e7:4e:6f:ca:36:
ef:41:e5:1f:61:1d:e3:20:4e:34:1a:68:7c:cf:a5:82:af:36:
e0:8c:e4:14:2f:f5:66:da:79:72:72:bd:1f:9c:84:20:24:e6:
78:58:20:1a:02:78:42:c1:3b:a6:c6:4c:2c:58:c6:3a:37:3e:
d4:41:d2:bc:55:0c:97:9e:da:7d:8a:52:9c:93:06:a8:ef:f5:
00:5f:02:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQI5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDMyNTM0WhcNMjYwMTA5MDMyNTM0WjAYMRYw
FAYDVQQDEw02NzdmNDFiMS00OWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuEZT/4HMBMW1V3nndtwmmpGmpQAXCNHpBzA7MSY66flytDukVLDBrHaw
bw0lU92TfAFze5J4OWU6DXpOV1sKLxwPFKYFGdPm7yZp7yQvpTzUX7vQuIKC/K8f
YiUds2mOpXryusy8A01sHmr2xeCiaatUoG0ycrx5EoIrfsR5yoJyFdL9k9piHrCO
TDdslIwfzKOZUATC5LptPK6ghpgr+Hxpsj4IW4xd9awRQLt8aaaq9j4H1UqiHzjk
VLFdbJ1PURCYshSH6w8csgBd64p6X0k15qb/ypatCgxQO3oyGgrMkvLyk6sG/6Yo
T+MUPY0T6etBbIzCahzNCTH0FujffQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMrR
qbwdwn/aQHH5QXly40lniiVnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NEZCQTlDMENFMzkxMUVGQjY2QjE0ODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcwMA0GCSqGSIb3DQEBCwUA
A4IBAQCo+GsTRQPTAhVFsWD//K/63LFjjN1kxB7/E4HN6gEgC/TWv3CSCZAssWAl
bYPcY8LUWqO4ODyukrWXJs/NtNbBHhciTHe3jx3BnLpenu4RBeSUgnSDy0pNE6pP
UoYgvgbF6TNxMY0iSyYjtqqzWntM9BOzrD8+QcWVeZroMGqsxtIRwZ1KiZmx+w2+
FhS/ZIsU9CGU7q+4kpRBz/IrkQz4+Qo7UB3ysj97m/ueVpbg505vyjbvQeUfYR3j
IE40Gmh8z6WCrzbgjOQUL/Vm2nlycr0fnIQgJOZ4WCAaAnhCwTumxkwsWMY6Nz7U
QdK8VQyXntp9ilKckwao7/UAXwIi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:29 2025 by rpki-client