Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72FDC8A2CCE811EFA802A095762E951A.roa
File: 72FDC8A2CCE811EFA802A095762E951A.roa (raw, json)
Hash identifier: 41s+f/ts6KXdOratNkgu2Y9rsGW9nhH/JgTmBZkXtlc=
Subject key identifier: EE:78:C9:F0:3A:B6:57:31:83:7E:58:58:FC:90:50:03:38:BB:AC:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBE3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72FDC8A2CCE811EFA802A095762E951A.roa
Signing time: Tue 07 Jan 2025 11:13:40 +0000
ROA not before: Tue 07 Jan 2025 11:13:37 +0000
ROA not after: Sat 13 Dec 2025 11:13:37 +0000
asID: 984
IP address blocks: 156.235.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64483 (0xfbe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:13:37 2025 GMT
Not After : Dec 13 11:13:37 2025 GMT
Subject: CN=677d0c64-7b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:20:ee:56:c3:19:8b:9e:38:cf:a9:13:e6:
5a:86:74:da:a9:64:b2:80:28:3f:16:99:ea:e0:96:
35:34:ef:97:8b:4d:d2:2c:ed:7b:05:f9:05:e0:6a:
cb:c7:5b:50:90:8f:8b:c7:30:72:6c:63:7a:89:97:
10:9a:dc:9c:b2:ae:1e:a9:d9:a1:30:27:ec:69:72:
6f:60:5e:53:fe:da:98:e0:6c:ad:7e:81:84:cc:a3:
09:a8:cb:df:c6:4f:fb:57:5b:9e:ab:6e:ef:8d:7c:
42:16:11:ca:86:07:ab:d1:40:1b:1d:81:08:17:39:
a8:b4:05:78:85:d1:f0:da:08:26:29:75:60:db:71:
58:36:07:66:08:26:9b:f0:9e:cf:74:9e:9e:63:c7:
7b:b5:0e:22:7f:0f:cc:b5:02:58:0e:5b:ba:a9:29:
40:ef:f5:a1:ae:94:7e:56:70:67:dd:ff:db:d9:08:
84:0e:88:bc:27:4f:05:ae:66:ef:be:6a:1a:eb:ad:
2a:ed:0c:f3:d6:eb:47:b3:6b:a6:19:5e:48:6d:14:
e8:9d:3a:bf:78:97:64:0e:e8:a1:7d:a2:8e:77:2d:
35:2e:73:dd:fb:82:d5:ae:21:cd:52:12:2a:77:3a:
cd:1b:f0:f1:78:c4:a3:0b:1e:44:9f:6f:e5:95:30:
71:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:78:C9:F0:3A:B6:57:31:83:7E:58:58:FC:90:50:03:38:BB:AC:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72FDC8A2CCE811EFA802A095762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.92.0/24
Signature Algorithm: sha256WithRSAEncryption
57:1b:69:63:30:90:22:dc:34:bf:35:30:2f:3d:4c:63:a8:d6:
4b:a5:8e:f1:55:ec:90:42:2d:8c:4e:01:00:3c:59:d2:d2:a2:
41:7f:f5:8f:b2:2a:60:f3:9e:86:71:a4:e0:68:b1:6c:a8:02:
3b:0c:3d:ae:2f:d8:28:fa:4e:97:6e:b0:a1:97:95:9b:12:f4:
f9:74:1b:71:97:c7:72:7f:3b:3d:34:f7:9c:94:ef:9d:db:dd:
12:fc:41:a4:a7:00:16:91:e6:66:96:2b:f2:07:9b:9f:fe:0a:
ad:76:ae:33:77:83:79:9b:54:a0:86:36:69:c2:f2:fe:bf:c0:
67:f5:c3:e9:46:f1:89:0e:6b:86:07:e1:9c:6a:b9:8d:8d:1e:
bc:fe:6a:74:9a:b4:a4:22:ec:fa:ee:14:16:5c:83:26:4a:3e:
2b:07:cb:8a:e1:2d:3b:f3:63:1f:9b:51:12:2f:0a:41:28:e0:
78:10:bc:39:fb:3b:5d:21:40:2b:43:6f:b8:a9:22:c6:51:89:
dd:52:32:e3:2d:25:de:6e:6b:34:a9:1e:1c:73:7c:ea:f8:0b:
e6:40:37:2f:0d:33:cd:7f:3b:be:1e:b4:d8:fc:01:bc:96:1d:
12:23:74:97:e5:5b:be:fa:7f:ff:de:79:c0:e4:d2:6f:6b:01:
6d:81:44:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTExMzM3WhcNMjUxMjEzMTExMzM3WjAYMRYw
FAYDVQQDEw02NzdkMGM2NC03YjdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsYEg7lbDGYueOM+pE+ZahnTaqWSygCg/Fpnq4JY1NO+Xi03SLO17BfkF
4GrLx1tQkI+LxzBybGN6iZcQmtycsq4eqdmhMCfsaXJvYF5T/tqY4GytfoGEzKMJ
qMvfxk/7V1ueq27vjXxCFhHKhger0UAbHYEIFzmotAV4hdHw2ggmKXVg23FYNgdm
CCab8J7PdJ6eY8d7tQ4ifw/MtQJYDlu6qSlA7/WhrpR+VnBn3f/b2QiEDoi8J08F
rmbvvmoa660q7Qzz1utHs2umGV5IbRTonTq/eJdkDuihfaKOdy01LnPd+4LVriHN
UhIqdzrNG/DxeMSjCx5En2/llTBxGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO54
yfA6tlcxg35YWPyQUAM4u6ymMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MkZEQzhBMkNDRTgxMUVGQTgwMkEwOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOtcMA0GCSqGSIb3DQEBCwUA
A4IBAQBXG2ljMJAi3DS/NTAvPUxjqNZLpY7xVeyQQi2MTgEAPFnS0qJBf/WPsipg
856GcaTgaLFsqAI7DD2uL9go+k6XbrChl5WbEvT5dBtxl8dyfzs9NPeclO+d290S
/EGkpwAWkeZmlivyB5uf/gqtdq4zd4N5m1SghjZpwvL+v8Bn9cPpRvGJDmuGB+Gc
armNjR68/mp0mrSkIuz67hQWXIMmSj4rB8uK4S0782Mfm1ESLwpBKOB4ELw5+ztd
IUArQ2+4qSLGUYndUjLjLSXebms0qR4cc3zq+AvmQDcvDTPNfzu+HrTY/AG8lh0S
I3SX5Vu++n//3nnA5NJvawFtgURj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:49 2025 by rpki-client