Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE41162C32C11EFBA748BAD762E951A.roa
File: 7BE41162C32C11EFBA748BAD762E951A.roa (raw, json)
Hash identifier: WEbfodAWicO5pRqlu3a3DWtdqXEdla3JDNu2+3vMasM=
Subject key identifier: 88:5C:FC:EB:F3:BF:45:98:53:FF:44:F2:57:13:77:68:92:B6:6D:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAD7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE41162C32C11EFBA748BAD762E951A.roa
Signing time: Thu 26 Dec 2024 01:55:30 +0000
ROA not before: Thu 26 Dec 2024 01:55:26 +0000
ROA not after: Wed 10 Dec 2025 01:55:26 +0000
asID: 984
IP address blocks: 156.243.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60119 (0xead7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:55:26 2024 GMT
Not After : Dec 10 01:55:26 2025 GMT
Subject: CN=676cb791-aa7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ec:4e:43:08:f3:dc:6e:87:e8:f6:2f:54:61:
87:9d:62:81:02:9f:89:d0:15:15:81:8f:22:76:ba:
bd:63:17:35:a7:b0:2a:8e:5b:de:61:1a:e3:34:d3:
b6:3d:ef:5a:bf:55:75:07:fb:d8:4c:04:69:ad:63:
1a:1f:e0:e6:8e:85:1f:e4:3c:6b:ee:fc:e4:6f:65:
ae:14:f8:47:93:7c:dd:df:59:ff:18:de:13:1c:07:
d7:4b:40:64:e9:8a:35:60:87:1b:36:3c:c1:06:44:
6c:db:29:c3:1a:13:2d:a8:52:f6:16:70:66:58:45:
e4:f4:41:4d:52:ff:29:d7:18:3b:c6:a1:a6:f9:f0:
12:f7:49:ba:a1:ea:b6:a4:8b:b8:9f:09:b2:8c:e1:
bf:e4:df:d8:48:57:dd:c1:7f:8f:8a:88:4b:3e:d3:
07:f1:12:70:4f:23:10:5b:08:a9:24:a9:4b:ff:e7:
76:a0:22:28:c3:37:7d:31:bf:b2:08:49:19:9f:38:
87:47:a9:52:d1:d3:a8:42:2f:44:4c:9c:7e:10:29:
20:e8:80:64:56:72:dd:5f:1b:6b:76:85:ca:2e:79:
bc:00:d1:97:fb:80:ab:4d:32:5e:89:df:78:c9:6b:
d3:cf:57:ec:81:65:5c:ef:89:54:3e:d4:06:97:f4:
f3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5C:FC:EB:F3:BF:45:98:53:FF:44:F2:57:13:77:68:92:B6:6D:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BE41162C32C11EFBA748BAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.204.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:4e:de:ec:96:78:3f:ad:ba:84:fa:24:4c:87:92:56:77:b4:
17:60:75:a3:a8:cf:97:63:be:dd:fc:0a:5c:06:f7:b0:1d:81:
38:56:29:99:f7:ae:00:47:34:81:bd:9c:b0:e5:77:b2:4a:5a:
b3:a9:f1:42:cc:b8:68:e1:38:22:34:63:bb:c5:51:81:c8:07:
28:ea:56:ba:12:4e:48:73:0c:f0:d0:0f:d9:21:ce:3b:d4:1e:
08:05:6e:3f:bf:31:99:9f:ec:e2:0f:a5:02:7c:cd:6a:c5:b5:
66:f3:48:93:e3:be:c3:0a:2a:af:6f:1e:ae:74:28:da:96:e7:
c0:c7:59:5d:ff:c7:f1:f7:69:43:8a:38:f5:6b:83:f7:04:74:
b3:50:1e:93:76:0c:ef:e8:f8:90:5b:83:10:a4:b7:c2:0d:d0:
20:14:f8:3d:7b:34:ef:21:2c:20:2b:eb:be:2b:f1:5b:59:be:
61:8e:dc:60:24:1f:ac:42:93:f0:28:57:f3:2c:2c:8a:b0:62:
53:5e:08:46:7f:69:ff:29:94:5a:43:0f:0a:15:f0:bb:60:fd:
e0:be:41:38:f1:b0:6f:a3:25:d3:29:25:e9:87:1a:33:72:18:
25:f9:c9:f1:cb:84:38:b0:6b:b0:bc:48:13:23:8c:2d:ae:12:
5b:c8:5b:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE1NTI2WhcNMjUxMjEwMDE1NTI2WjAYMRYw
FAYDVQQDEw02NzZjYjc5MS1hYTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0uxOQwjz3G6H6PYvVGGHnWKBAp+J0BUVgY8idrq9Yxc1p7AqjlveYRrj
NNO2Pe9av1V1B/vYTARprWMaH+DmjoUf5Dxr7vzkb2WuFPhHk3zd31n/GN4THAfX
S0Bk6Yo1YIcbNjzBBkRs2ynDGhMtqFL2FnBmWEXk9EFNUv8p1xg7xqGm+fAS90m6
oeq2pIu4nwmyjOG/5N/YSFfdwX+PiohLPtMH8RJwTyMQWwipJKlL/+d2oCIowzd9
Mb+yCEkZnziHR6lS0dOoQi9ETJx+ECkg6IBkVnLdXxtrdoXKLnm8ANGX+4CrTTJe
id94yWvTz1fsgWVc74lUPtQGl/TzowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIhc
/Ovzv0WYU/9E8lcTd2iStm0iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QkU0MTE2MkMzMkMxMUVGQkE3NDhCQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPMMA0GCSqGSIb3DQEBCwUA
A4IBAQCtTt7slng/rbqE+iRMh5JWd7QXYHWjqM+XY77d/ApcBvewHYE4VimZ964A
RzSBvZyw5XeySlqzqfFCzLho4TgiNGO7xVGByAco6la6Ek5Icwzw0A/ZIc471B4I
BW4/vzGZn+ziD6UCfM1qxbVm80iT477DCiqvbx6udCjalufAx1ld/8fx92lDijj1
a4P3BHSzUB6Tdgzv6PiQW4MQpLfCDdAgFPg9ezTvISwgK+u+K/FbWb5hjtxgJB+s
QpPwKFfzLCyKsGJTXghGf2n/KZRaQw8KFfC7YP3gvkE48bBvoyXTKSXphxozchgl
+cnxy4Q4sGuwvEgTI4wtrhJbyFs7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:40 2025 by rpki-client