Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C380284CD6611EF95D757B9762E951A.roa
File: 6C380284CD6611EF95D757B9762E951A.roa (raw, json)
Hash identifier: G4lxlOMLjsbxEJoi9yJ+7GxesAWuZpUVGgzv9jRuMdM=
Subject key identifier: B2:A4:13:22:4B:79:F0:F1:A7:DB:F5:1B:D1:DE:46:B5:9C:4E:42:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF45
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C380284CD6611EF95D757B9762E951A.roa
Signing time: Wed 08 Jan 2025 02:15:26 +0000
ROA not before: Wed 08 Jan 2025 02:15:22 +0000
ROA not after: Sat 13 Dec 2025 02:15:22 +0000
asID: 984
IP address blocks: 156.247.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65349 (0xff45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 02:15:22 2025 GMT
Not After : Dec 13 02:15:22 2025 GMT
Subject: CN=677ddfbe-6a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:32:90:a9:c1:62:8e:1a:3a:f7:f7:88:df:
90:3e:d3:dd:4f:6f:b6:1d:27:06:72:1d:88:7a:4f:
25:f1:c9:82:9d:ba:00:3c:b5:84:1a:ba:1d:e1:25:
c2:98:50:63:f2:e5:98:83:cf:61:8c:9a:e1:62:bb:
db:63:1d:33:a2:98:46:67:24:98:ed:4f:84:72:9a:
34:8a:98:dd:ca:2f:c1:95:9f:ec:58:4e:38:61:07:
47:fc:06:3e:ac:9b:78:96:8f:1f:a1:0a:cf:51:28:
6a:8a:e4:1e:8b:54:91:79:05:7a:37:aa:4e:0f:d6:
d4:43:e3:af:71:85:b7:95:d1:51:aa:c2:96:a3:1d:
6e:38:75:1f:23:b4:2e:5c:6e:c3:97:65:ab:71:6f:
58:33:53:e0:84:67:83:1f:9e:b7:6c:9f:9e:70:32:
32:95:7c:b9:fa:e8:98:d1:3e:e3:34:b3:39:61:ab:
bd:71:97:54:31:f9:46:06:64:64:72:70:a5:f4:93:
a9:4e:49:04:47:88:22:1d:7d:8b:1c:bd:5d:36:14:
3f:e6:4f:c9:81:10:0e:69:0a:c3:30:7c:5e:1d:aa:
3f:85:17:85:4e:3e:1d:89:ed:0d:5c:2b:38:eb:bc:
75:39:05:8d:86:47:2a:14:8f:81:2a:3d:50:e5:4d:
2b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A4:13:22:4B:79:F0:F1:A7:DB:F5:1B:D1:DE:46:B5:9C:4E:42:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6C380284CD6611EF95D757B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.109.0/24
Signature Algorithm: sha256WithRSAEncryption
92:76:f2:7c:e7:75:d6:cf:32:9b:4c:e4:65:d2:4b:70:aa:5c:
39:9d:62:bf:a4:61:da:fc:fb:18:d4:a1:b2:dd:67:bb:2c:44:
69:ca:13:59:ce:4d:c7:91:eb:70:fb:be:71:14:bf:31:9b:a4:
15:05:e5:2c:c2:c4:1b:e3:06:98:44:93:1d:59:ca:bb:ff:6c:
f9:50:c0:9c:dc:b9:04:9d:78:d9:8f:5d:55:98:a7:b9:17:c3:
c5:f9:09:b1:9c:c9:06:68:ca:ca:85:99:1f:77:31:41:e1:33:
d9:77:9f:02:07:6f:45:d2:cb:be:49:17:36:a1:5f:a4:7b:ea:
cd:58:35:c5:c7:ab:9f:5c:bb:c1:70:61:95:84:3a:81:a9:32:
4a:48:ff:84:d7:3c:f9:95:83:81:db:f8:79:6f:dd:fd:ac:71:
dd:73:99:fc:3a:0b:1d:b7:20:a9:3e:30:b5:47:f0:00:50:5a:
4b:9a:69:0c:b0:b4:cf:6a:c1:c3:53:a5:84:02:2d:ad:79:90:
04:45:1a:f7:f2:f6:5d:4f:e9:3e:7c:b6:70:5e:7f:87:28:39:
0c:43:ce:4f:e4:f9:b3:fa:04:cb:24:bd:d9:36:ca:0b:c4:2a:
b0:84:96:0e:db:97:f9:4c:e0:4f:a2:5f:db:4b:60:f7:44:1d:
fe:86:ea:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDIxNTIyWhcNMjUxMjEzMDIxNTIyWjAYMRYw
FAYDVQQDEw02NzdkZGZiZS02YTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoNIykKnBYo4aOvf3iN+QPtPdT2+2HScGch2Iek8l8cmCnboAPLWEGrod
4SXCmFBj8uWYg89hjJrhYrvbYx0zophGZySY7U+Ecpo0ipjdyi/BlZ/sWE44YQdH
/AY+rJt4lo8foQrPUShqiuQei1SReQV6N6pOD9bUQ+OvcYW3ldFRqsKWox1uOHUf
I7QuXG7Dl2WrcW9YM1PghGeDH563bJ+ecDIylXy5+uiY0T7jNLM5Yau9cZdUMflG
BmRkcnCl9JOpTkkER4giHX2LHL1dNhQ/5k/JgRAOaQrDMHxeHao/hReFTj4die0N
XCs467x1OQWNhkcqFI+BKj1Q5U0rDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLKk
EyJLefDxp9v1G9HeRrWcTkJ8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82QzM4MDI4NENENjYxMUVGOTVENzU3Qjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdtMA0GCSqGSIb3DQEBCwUA
A4IBAQCSdvJ853XWzzKbTORl0ktwqlw5nWK/pGHa/PsY1KGy3We7LERpyhNZzk3H
ketw+75xFL8xm6QVBeUswsQb4waYRJMdWcq7/2z5UMCc3LkEnXjZj11VmKe5F8PF
+QmxnMkGaMrKhZkfdzFB4TPZd58CB29F0su+SRc2oV+ke+rNWDXFx6ufXLvBcGGV
hDqBqTJKSP+E1zz5lYOB2/h5b939rHHdc5n8OgsdtyCpPjC1R/AAUFpLmmkMsLTP
asHDU6WEAi2teZAERRr38vZdT+k+fLZwXn+HKDkMQ85P5Pmz+gTLJL3ZNsoLxCqw
hJYO25f5TOBPol/bS2D3RB3+huqJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:03 2025 by rpki-client