Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73B8E0DAC95311EF868F0C4A762E951A.roa
File: 73B8E0DAC95311EF868F0C4A762E951A.roa (raw, json)
Hash identifier: 0pRb3ZVgr2ZJZB8IhyHi9CYPCNjyOqVpClc+keYHd2A=
Subject key identifier: 4A:70:01:F1:D1:57:27:71:BE:18:D9:AB:CB:EC:E3:AD:FA:EA:A3:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73B8E0DAC95311EF868F0C4A762E951A.roa
Signing time: Thu 02 Jan 2025 21:49:33 +0000
ROA not before: Thu 02 Jan 2025 21:49:30 +0000
ROA not after: Sat 13 Dec 2025 21:49:30 +0000
asID: 984
IP address blocks: 156.226.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62430 (0xf3de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:49:30 2025 GMT
Not After : Dec 13 21:49:30 2025 GMT
Subject: CN=677709ed-2c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:52:8c:d1:43:83:08:80:08:4c:ea:48:40:f8:
3b:a0:42:63:df:e2:63:25:93:2a:50:91:38:90:00:
c4:cc:57:e0:60:a0:af:26:ac:cc:f0:bf:26:7e:9f:
f7:21:b8:42:71:25:8b:7a:c6:6b:35:43:a0:1d:ab:
50:8b:1e:09:81:07:6a:76:ea:37:30:7d:29:75:e2:
03:e3:49:73:ee:79:d3:67:a2:40:93:34:61:87:b8:
58:68:2e:2a:0a:33:05:0b:c4:34:33:8f:cb:bf:16:
e3:bd:4f:0e:54:07:6e:20:e7:80:0d:30:f3:cd:f9:
5b:ff:28:ae:c7:3a:ca:b4:ec:47:cd:4d:d3:dd:d9:
f2:1f:ac:e8:6f:f4:e9:42:e5:ce:49:0b:fb:a0:ed:
c8:6e:e7:82:3e:13:bc:fc:53:bd:f1:7c:ab:a6:e1:
02:e1:48:9d:6e:f2:92:af:03:e0:ab:d3:79:9b:b8:
ba:a0:9c:8e:1b:97:75:7f:f9:c2:d4:e1:6e:8f:a4:
d0:d0:e5:c2:b2:ea:f5:0f:dc:7d:37:38:c8:ed:73:
aa:ad:9a:5a:9e:b5:6b:13:2f:e7:a5:6e:ae:bf:9a:
05:f2:ad:24:d4:6a:32:39:d8:14:19:25:62:42:8a:
ad:d8:28:53:52:fa:4b:68:04:11:9a:6a:e6:7e:1e:
39:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:70:01:F1:D1:57:27:71:BE:18:D9:AB:CB:EC:E3:AD:FA:EA:A3:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73B8E0DAC95311EF868F0C4A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.135.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:b5:c2:7f:0a:85:6f:38:7f:8b:38:3e:83:00:7a:16:b7:5b:
8c:22:4d:74:c2:e3:b4:c8:1a:55:ae:8f:bc:4a:b3:78:35:37:
50:6a:86:b7:b0:26:89:46:9e:4d:b5:af:11:26:1a:62:b9:bb:
b6:80:c7:5a:f3:84:b9:5f:ee:5b:60:7c:7d:b3:fc:99:1b:34:
91:84:2b:df:11:5e:0a:f6:a3:56:00:64:b8:d2:79:24:8a:bc:
66:c8:54:48:a0:84:7d:a1:7b:2d:70:da:28:90:1f:5f:6e:34:
62:e6:ff:9a:e4:76:8a:4d:cc:ec:54:aa:ba:9e:19:d4:cc:5f:
b1:7c:8b:67:89:9c:3b:44:65:40:ec:47:1e:10:86:87:4b:f9:
1a:41:c1:d8:a9:df:f0:65:7b:1c:c1:61:18:dd:ae:5c:68:bb:
0d:73:ab:bb:db:c2:f2:2f:c8:b1:f1:60:4d:55:08:4c:33:0d:
26:97:58:f6:13:f2:98:a6:ca:41:f1:df:b0:2a:6e:87:29:51:
ce:9d:0f:e7:ea:cd:46:ef:f2:45:64:84:a4:5d:51:b8:ad:b1:
8b:4b:ab:35:6f:76:d5:4f:56:75:36:b3:36:90:a2:cd:7a:a3:
85:70:77:15:42:10:65:76:96:b6:15:f4:1d:d9:bb:cc:ee:94:
93:3a:30:a7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjE0OTMwWhcNMjUxMjEzMjE0OTMwWjAYMRYw
FAYDVQQDEw02Nzc3MDllZC0yYzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz1KM0UODCIAITOpIQPg7oEJj3+JjJZMqUJE4kADEzFfgYKCvJqzM8L8m
fp/3IbhCcSWLesZrNUOgHatQix4JgQdqduo3MH0pdeID40lz7nnTZ6JAkzRhh7hY
aC4qCjMFC8Q0M4/LvxbjvU8OVAduIOeADTDzzflb/yiuxzrKtOxHzU3T3dnyH6zo
b/TpQuXOSQv7oO3IbueCPhO8/FO98XyrpuEC4UidbvKSrwPgq9N5m7i6oJyOG5d1
f/nC1OFuj6TQ0OXCsur1D9x9NzjI7XOqrZpanrVrEy/npW6uv5oF8q0k1GoyOdgU
GSViQoqt2ChTUvpLaAQRmmrmfh45UwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEpw
AfHRVydxvhjZq8vs46366qN9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83M0I4RTBEQUM5NTMxMUVGODY4RjBDNEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKHMA0GCSqGSIb3DQEBCwUA
A4IBAQBqtcJ/CoVvOH+LOD6DAHoWt1uMIk10wuO0yBpVro+8SrN4NTdQaoa3sCaJ
Rp5Nta8RJhpiubu2gMda84S5X+5bYHx9s/yZGzSRhCvfEV4K9qNWAGS40nkkirxm
yFRIoIR9oXstcNookB9fbjRi5v+a5HaKTczsVKq6nhnUzF+xfItniZw7RGVA7Ece
EIaHS/kaQcHYqd/wZXscwWEY3a5caLsNc6u728LyL8ix8WBNVQhMMw0ml1j2E/KY
pspB8d+wKm6HKVHOnQ/n6s1G7/JFZISkXVG4rbGLS6s1b3bVT1Z1NrM2kKLNeqOF
cHcVQhBldpa2FfQd2bvM7pSTOjCn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:15 2025 by rpki-client