Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/652EE9A0CD5011EFB18D5BA3762E951A.roa
File: 652EE9A0CD5011EFB18D5BA3762E951A.roa (raw, json)
Hash identifier: M0fxQSgAiuO+qR3ej3LYTequwLYsnuoWGNmSAy0o2VU=
Subject key identifier: B4:E8:76:E7:A8:48:7C:D5:7A:E0:B7:F3:0B:4D:DC:8E:5C:C5:1E:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/652EE9A0CD5011EFB18D5BA3762E951A.roa
Signing time: Tue 07 Jan 2025 23:37:45 +0000
ROA not before: Tue 07 Jan 2025 23:37:41 +0000
ROA not after: Sat 13 Dec 2025 23:37:41 +0000
asID: 984
IP address blocks: 156.247.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65255 (0xfee7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 23:37:41 2025 GMT
Not After : Dec 13 23:37:41 2025 GMT
Subject: CN=677dbac9-61bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:65:82:3d:21:7a:61:69:ac:ef:d9:1d:b2:
d3:00:35:5e:f7:fb:82:e9:09:f5:88:46:f5:3c:c7:
b5:ca:17:c5:79:d6:a4:6b:6f:eb:6b:28:51:4a:7a:
89:6c:e0:03:9f:f8:1c:30:c2:8a:d1:63:30:22:db:
34:ee:59:c1:c7:84:94:0e:7d:2e:82:c0:09:49:a7:
9f:a4:09:5c:5c:67:49:06:68:3b:bb:84:02:68:3c:
56:e4:e0:7b:40:c9:c3:df:ed:36:15:b3:d2:1f:58:
ae:b6:9e:f7:3a:fc:f5:b0:99:2f:ac:87:d8:29:94:
5b:d0:22:57:8d:6d:7c:0f:c5:5c:9c:01:9d:13:ce:
f0:23:63:41:41:05:da:2c:3b:3c:67:3d:d7:d6:1c:
ca:74:ed:00:0d:08:74:0a:2d:ce:04:57:5a:88:51:
ee:0b:2c:6f:cd:f6:dc:48:a1:78:0d:0e:14:08:38:
95:63:5c:60:17:8c:99:8f:cd:33:8a:f5:b4:ac:07:
b9:53:5d:ba:9a:71:00:7f:10:f1:79:ac:8d:1e:a5:
3d:57:65:a8:e6:f3:91:9a:f0:ff:35:25:28:dd:8b:
08:3f:5b:e3:ae:3a:b8:3c:e0:87:c9:81:ba:b8:68:
bc:1c:8a:a9:a6:64:34:ec:3a:2e:6c:a2:1d:16:6e:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E8:76:E7:A8:48:7C:D5:7A:E0:B7:F3:0B:4D:DC:8E:5C:C5:1E:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/652EE9A0CD5011EFB18D5BA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.28.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:33:77:64:46:71:a2:12:4d:28:95:e0:99:9e:1e:6d:1b:c6:
85:15:0a:b1:ee:ea:7d:85:c3:42:c1:fc:d3:c3:84:f9:02:8a:
fa:6c:72:b9:3e:4f:50:48:3a:e5:28:38:cf:e0:f2:74:e5:3a:
fa:1a:7b:d9:c1:85:9b:5f:27:f5:36:eb:37:48:19:38:7e:9d:
82:74:00:f7:88:91:e4:3e:67:2b:e5:68:c0:73:7d:a9:74:8c:
82:6a:0f:0d:96:49:4a:36:a4:a0:a3:29:18:cf:13:70:12:bf:
2b:4b:1b:71:b0:ba:6c:62:ae:94:33:02:6a:76:0a:10:60:c9:
3c:9c:0f:ad:7d:4b:fb:7c:fc:dd:9c:de:27:29:97:b2:12:3c:
bf:42:4a:14:be:17:34:8f:80:fb:11:df:c5:9a:af:01:f7:7b:
4a:3f:b6:0e:49:7b:9b:b5:15:aa:c2:4d:60:cb:bd:8f:79:12:
94:19:bf:39:86:5e:33:3d:df:e7:bf:ce:72:bb:52:d0:aa:26:
3f:d7:36:d2:5f:1d:01:0b:bf:ed:58:80:dc:66:fb:02:c5:e0:
94:89:97:a1:ed:1c:8f:b8:e2:f3:03:c4:45:5a:0d:f8:13:da:
3b:b5:e4:0d:c1:d4:9b:0c:ca:02:44:1b:c1:d9:69:59:7b:19:
fc:88:a6:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjMzNzQxWhcNMjUxMjEzMjMzNzQxWjAYMRYw
FAYDVQQDEw02NzdkYmFjOS02MWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsrBlgj0hemFprO/ZHbLTADVe9/uC6Qn1iEb1PMe1yhfFedaka2/rayhR
SnqJbOADn/gcMMKK0WMwIts07lnBx4SUDn0ugsAJSaefpAlcXGdJBmg7u4QCaDxW
5OB7QMnD3+02FbPSH1iutp73Ovz1sJkvrIfYKZRb0CJXjW18D8VcnAGdE87wI2NB
QQXaLDs8Zz3X1hzKdO0ADQh0Ci3OBFdaiFHuCyxvzfbcSKF4DQ4UCDiVY1xgF4yZ
j80zivW0rAe5U126mnEAfxDxeayNHqU9V2Wo5vORmvD/NSUo3YsIP1vjrjq4POCH
yYG6uGi8HIqppmQ07DoubKIdFm5PIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLTo
dueoSHzVeuC38wtN3I5cxR4MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTJFRTlBMENENTAxMUVGQjE4RDVCQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPccMA0GCSqGSIb3DQEBCwUA
A4IBAQA9M3dkRnGiEk0oleCZnh5tG8aFFQqx7up9hcNCwfzTw4T5Aor6bHK5Pk9Q
SDrlKDjP4PJ05Tr6GnvZwYWbXyf1Nus3SBk4fp2CdAD3iJHkPmcr5WjAc32pdIyC
ag8NlklKNqSgoykYzxNwEr8rSxtxsLpsYq6UMwJqdgoQYMk8nA+tfUv7fPzdnN4n
KZeyEjy/QkoUvhc0j4D7Ed/Fmq8B93tKP7YOSXubtRWqwk1gy72PeRKUGb85hl4z
Pd/nv85yu1LQqiY/1zbSXx0BC7/tWIDcZvsCxeCUiZeh7RyPuOLzA8RFWg34E9o7
teQNwdSbDMoCRBvB2WlZexn8iKYJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:40 2025 by rpki-client