Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/741237D8CD0F11EFBCCE3A8A762E951A.roa
File: 741237D8CD0F11EFBCCE3A8A762E951A.roa (raw, json)
Hash identifier: x77JxyxzOl8EcMsEY/rUrXN75kOUDIBuyWVP1wKcQl8=
Subject key identifier: 46:17:70:B7:FC:87:A5:F5:FE:9F:6B:7C:3F:6B:AA:FA:81:37:58:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/741237D8CD0F11EFBCCE3A8A762E951A.roa
Signing time: Tue 07 Jan 2025 15:52:53 +0000
ROA not before: Tue 07 Jan 2025 15:52:49 +0000
ROA not after: Mon 13 Dec 2027 15:52:49 +0000
asID: 17561
IP address blocks: 156.239.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64741 (0xfce5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:52:49 2025 GMT
Not After : Dec 13 15:52:49 2027 GMT
Subject: CN=677d4dd5-2ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:36:4f:f4:65:c3:e4:71:36:fa:a4:88:8f:
ae:27:32:9b:9e:9c:d1:e9:6f:cd:1e:0d:1b:cd:c5:
41:bf:23:2d:7e:d6:56:ee:02:e2:b3:96:1a:7f:96:
83:d6:87:50:44:4f:a5:a6:d8:0e:88:14:fe:86:46:
95:f3:57:0b:00:96:e2:60:b8:35:b1:08:fc:57:fb:
d3:3d:51:04:48:54:53:70:70:07:50:64:7b:52:e1:
02:f3:4e:52:6f:0d:ad:24:e1:d5:bb:3e:ad:dd:68:
3d:f6:81:4c:a4:b7:e1:a8:17:bb:9a:02:28:e7:79:
25:89:0e:8e:59:66:57:34:6a:21:78:cf:2c:ba:0d:
b1:a0:cf:a7:89:31:55:ae:c2:f6:1a:9e:aa:8d:db:
1f:ac:a4:de:d3:21:01:cd:89:61:64:fc:bc:34:4b:
87:a8:f5:e2:dd:d2:a5:0c:86:41:b5:9e:32:1e:7e:
93:4c:8e:22:b5:4c:87:b5:76:f7:21:30:27:ad:c7:
cd:d1:76:3c:79:88:32:ce:d4:98:70:80:1c:8b:99:
b7:26:0c:68:8f:c1:36:0a:ac:7c:6e:89:1b:1b:85:
c5:2c:15:48:69:fc:01:b7:45:1e:2e:e8:5b:ca:8c:
c3:34:53:f4:58:71:5a:90:c2:9f:b9:74:1f:93:56:
0a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:17:70:B7:FC:87:A5:F5:FE:9F:6B:7C:3F:6B:AA:FA:81:37:58:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/741237D8CD0F11EFBCCE3A8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.149.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:23:f1:94:f9:59:91:5c:4e:7c:33:05:71:e6:68:81:12:3a:
bf:b8:26:d7:93:90:a3:68:11:66:0d:6d:4f:a1:9a:5b:3b:ea:
8c:a7:9b:e5:3d:34:fe:34:28:23:41:c2:f4:3f:f6:0e:b3:1f:
b1:3f:89:2a:28:00:0d:cd:c2:55:4b:8f:2f:8d:07:f3:80:2a:
a9:45:42:63:4c:15:ca:d9:28:d8:42:bb:4e:cd:a5:7d:b3:78:
d5:81:4e:8f:4c:af:9a:36:28:35:04:d8:ba:2c:d4:07:26:f2:
80:b9:c3:95:4e:ff:64:79:d0:37:49:09:28:cc:c5:ee:28:43:
1f:7b:62:ba:be:6c:b7:f7:31:b4:d9:a1:8d:d5:76:ed:bc:1c:
a4:fc:80:4f:81:75:9a:ee:2e:23:96:2a:92:17:86:50:25:aa:
c2:b9:ee:ff:54:21:08:68:dd:d8:e6:bf:c7:06:c0:ce:3f:19:
02:87:7c:aa:41:ba:be:85:b2:fe:43:0d:a1:95:f8:94:b4:42:
0e:1a:99:76:ff:98:1a:ee:4e:88:ab:4c:96:e4:4d:e9:48:f1:
99:20:05:1a:57:42:f7:e4:2e:dc:b9:f2:b8:8b:38:de:be:49:
c7:d1:68:df:ae:f0:79:5f:37:11:36:c4:f0:b4:24:9c:32:b5:
3c:99:11:9e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU1MjQ5WhcNMjcxMjEzMTU1MjQ5WjAYMRYw
FAYDVQQDEw02NzdkNGRkNS0yZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz6Q2T/Rlw+RxNvqkiI+uJzKbnpzR6W/NHg0bzcVBvyMtftZW7gLis5Ya
f5aD1odQRE+lptgOiBT+hkaV81cLAJbiYLg1sQj8V/vTPVEESFRTcHAHUGR7UuEC
805Sbw2tJOHVuz6t3Wg99oFMpLfhqBe7mgIo53kliQ6OWWZXNGoheM8sug2xoM+n
iTFVrsL2Gp6qjdsfrKTe0yEBzYlhZPy8NEuHqPXi3dKlDIZBtZ4yHn6TTI4itUyH
tXb3ITAnrcfN0XY8eYgyztSYcIAci5m3Jgxoj8E2Cqx8bokbG4XFLBVIafwBt0Ue
LuhbyozDNFP0WHFakMKfuXQfk1YKxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEYX
cLf8h6X1/p9rfD9rqvqBN1gkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NDEyMzdEOENEMEYxMUVGQkNDRTNBOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+VMA0GCSqGSIb3DQEBCwUA
A4IBAQCdI/GU+VmRXE58MwVx5miBEjq/uCbXk5CjaBFmDW1PoZpbO+qMp5vlPTT+
NCgjQcL0P/YOsx+xP4kqKAANzcJVS48vjQfzgCqpRUJjTBXK2SjYQrtOzaV9s3jV
gU6PTK+aNig1BNi6LNQHJvKAucOVTv9kedA3SQkozMXuKEMfe2K6vmy39zG02aGN
1XbtvByk/IBPgXWa7i4jliqSF4ZQJarCue7/VCEIaN3Y5r/HBsDOPxkCh3yqQbq+
hbL+Qw2hlfiUtEIOGpl2/5ga7k6Iq0yW5E3pSPGZIAUaV0L35C7cufK4izjevknH
0WjfrvB5XzcRNsTwtCScMrU8mRGe
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:16 2025 by rpki-client