Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B646384CDCA11EF80F14ABA762E951A.roa
File: 6B646384CDCA11EF80F14ABA762E951A.roa (raw, json)
Hash identifier: +f0yMDgPglAsa95yBEczT72DXOaXYIHLTnDkUoTLcZw=
Subject key identifier: 54:C1:52:7D:8C:92:E8:3C:7C:74:FE:06:F1:3A:60:2D:46:26:B5:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B646384CDCA11EF80F14ABA762E951A.roa
Signing time: Wed 08 Jan 2025 14:11:14 +0000
ROA not before: Wed 08 Jan 2025 14:11:10 +0000
ROA not after: Thu 25 Dec 2025 14:11:10 +0000
asID: 984
IP address blocks: 156.243.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65998 (0x101ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:11:10 2025 GMT
Not After : Dec 25 14:11:10 2025 GMT
Subject: CN=677e8782-50bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7d:0f:96:04:94:97:59:29:21:d5:7b:d9:51:
31:09:a5:6e:bf:9e:92:7d:1f:54:6b:11:c4:d9:e5:
c8:2e:2a:6d:d1:5f:51:d6:db:f7:57:e8:1f:72:64:
68:1c:b4:9a:b7:48:9d:0b:79:67:eb:1b:f5:69:f0:
45:e2:9d:c1:8c:e0:34:f3:63:9e:ca:8e:ed:bc:3a:
24:bd:3c:16:c2:bc:28:ff:60:58:03:d1:fd:19:4c:
06:45:b5:fd:c4:42:3f:c9:25:42:8d:74:e4:f2:b2:
b7:89:1c:7f:05:9d:38:1f:ea:58:14:66:10:fa:c8:
82:98:e1:be:48:c5:2b:62:dd:72:d3:28:b1:e8:ba:
78:a5:6c:cc:0f:00:9e:41:90:96:fb:77:45:f9:0b:
de:aa:10:29:8e:49:2f:7c:1e:96:78:7d:59:a5:01:
c0:af:44:49:8b:ed:cd:b5:cc:18:fe:41:df:c8:83:
aa:c2:35:1b:f7:eb:82:b3:2b:7a:f7:68:c9:1d:66:
0c:60:6c:48:c9:c5:62:e6:a3:5d:20:d2:c4:7a:a9:
9b:4d:e5:19:52:77:4f:03:d5:b5:fa:ab:7a:5a:fa:
71:02:fe:25:2d:a5:7d:cb:81:97:2f:44:e2:22:c0:
37:34:16:4c:7f:cd:53:12:cc:c1:73:6d:d6:53:92:
76:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C1:52:7D:8C:92:E8:3C:7C:74:FE:06:F1:3A:60:2D:46:26:B5:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6B646384CDCA11EF80F14ABA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.254.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e3:21:a3:17:9a:ab:4c:9d:d5:e1:91:b2:57:b4:e0:99:3c:
0e:e6:7c:0a:34:21:bc:b0:ae:51:36:91:d2:ab:02:de:63:ac:
10:b0:d3:5d:db:90:cc:10:7e:e1:30:be:e5:4d:64:36:6a:0f:
d5:bf:a0:20:94:fd:7f:76:6a:5f:f1:f9:e3:93:e9:7d:d9:4a:
4c:51:ff:3e:57:0f:bb:30:4e:69:88:0e:3f:d5:07:d7:cb:72:
97:05:8f:d7:91:df:7f:fb:2a:32:c3:91:4a:12:f6:40:e2:e8:
53:84:ef:7e:23:bc:e5:9c:f2:00:5b:65:2c:b4:d0:92:a3:01:
e8:9c:c9:47:1f:bf:1e:8d:29:87:74:73:86:99:7b:17:4a:a4:
b6:54:6f:e6:55:ee:b2:2c:1a:f2:79:a3:db:6c:da:27:35:26:
df:82:76:d4:1f:a0:16:4a:c8:80:7c:4b:01:8e:17:b4:62:7a:
b3:64:2c:d2:64:26:cc:e7:b9:4b:7e:40:7a:3e:64:34:8b:4d:
f8:3e:a8:7d:7b:a1:64:dc:f7:26:f6:f9:27:45:38:43:41:85:
3a:ee:bf:d5:76:be:c3:54:98:66:d9:75:86:78:21:d8:1e:80:
47:0e:a4:73:aa:25:9c:94:59:eb:1d:c6:60:c8:ba:54:df:c5:
31:b0:49:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQxMTEwWhcNMjUxMjI1MTQxMTEwWjAYMRYw
FAYDVQQDEw02NzdlODc4Mi01MGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArH0PlgSUl1kpIdV72VExCaVuv56SfR9UaxHE2eXILipt0V9R1tv3V+gf
cmRoHLSat0idC3ln6xv1afBF4p3BjOA082Oeyo7tvDokvTwWwrwo/2BYA9H9GUwG
RbX9xEI/ySVCjXTk8rK3iRx/BZ04H+pYFGYQ+siCmOG+SMUrYt1y0yix6Lp4pWzM
DwCeQZCW+3dF+QveqhApjkkvfB6WeH1ZpQHAr0RJi+3NtcwY/kHfyIOqwjUb9+uC
syt692jJHWYMYGxIycVi5qNdINLEeqmbTeUZUndPA9W1+qt6WvpxAv4lLaV9y4GX
L0TiIsA3NBZMf81TEszBc23WU5J27wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFTB
Un2Mkug8fHT+BvE6YC1GJrUXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QjY0NjM4NENEQ0ExMUVGODBGMTRBQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPP+MA0GCSqGSIb3DQEBCwUA
A4IBAQAD4yGjF5qrTJ3V4ZGyV7TgmTwO5nwKNCG8sK5RNpHSqwLeY6wQsNNd25DM
EH7hML7lTWQ2ag/Vv6AglP1/dmpf8fnjk+l92UpMUf8+Vw+7ME5piA4/1QfXy3KX
BY/Xkd9/+yoyw5FKEvZA4uhThO9+I7zlnPIAW2UstNCSowHonMlHH78ejSmHdHOG
mXsXSqS2VG/mVe6yLBryeaPbbNonNSbfgnbUH6AWSsiAfEsBjhe0YnqzZCzSZCbM
57lLfkB6PmQ0i034Pqh9e6Fk3Pcm9vknRThDQYU67r/Vdr7DVJhm2XWGeCHYHoBH
DqRzqiWclFnrHcZgyLpU38UxsElT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:58 2025 by rpki-client