Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CE48DE0C32B11EF8FBAFAA4762E951A.roa
File: 7CE48DE0C32B11EF8FBAFAA4762E951A.roa (raw, json)
Hash identifier: vnzfJBp9WntsoOmOJoQ4X/308GJctO78ATgYsuumNto=
Subject key identifier: 97:29:87:3B:0F:BC:8F:19:AF:71:61:F9:A0:B4:3C:91:5D:72:B1:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EACB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CE48DE0C32B11EF8FBAFAA4762E951A.roa
Signing time: Thu 26 Dec 2024 01:48:22 +0000
ROA not before: Thu 26 Dec 2024 01:48:18 +0000
ROA not after: Wed 10 Dec 2025 01:48:18 +0000
asID: 984
IP address blocks: 156.243.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60107 (0xeacb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:48:18 2024 GMT
Not After : Dec 10 01:48:18 2025 GMT
Subject: CN=676cb5e6-e2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:26:7b:24:95:9a:cd:0a:97:9f:2d:c1:1c:
12:25:be:06:68:16:85:35:33:e2:1b:29:e6:28:85:
5e:8d:b7:4c:9d:13:67:7f:bd:c4:3e:6f:44:e9:15:
0b:af:1c:fd:6a:96:cc:57:da:f6:dc:50:43:19:7d:
2d:ac:be:04:61:33:83:78:b3:ac:9a:f3:6b:e5:ae:
32:18:78:68:75:43:fc:5a:56:e3:26:f1:95:34:4e:
04:b0:97:9f:b2:7d:30:ef:b4:39:e5:f1:9c:16:98:
10:96:39:79:dd:b2:34:38:9c:b5:93:2a:41:3c:01:
c1:00:94:70:98:fe:46:c3:3f:40:39:14:30:7a:3c:
9e:3b:2b:45:da:1c:c0:d3:1b:90:73:6a:0e:56:2e:
ce:42:56:3f:ac:33:79:c7:48:be:a1:22:0c:3a:25:
86:75:cd:68:c9:87:65:dd:86:c6:5c:fe:59:12:1f:
39:ed:83:1d:91:9c:6e:b9:da:8f:12:02:7e:bc:5a:
86:76:d1:0a:d3:75:c1:c8:f4:d2:bb:49:84:5c:41:
f4:5d:7d:93:a3:df:62:ba:92:8b:40:cf:7f:d4:75:
ad:61:48:c1:b6:8e:ed:89:64:75:47:3b:f1:cc:67:
d7:ff:c8:1b:e3:85:c6:d2:f8:3f:23:56:d1:6e:e6:
f3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:29:87:3B:0F:BC:8F:19:AF:71:61:F9:A0:B4:3C:91:5D:72:B1:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7CE48DE0C32B11EF8FBAFAA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.198.0/24
Signature Algorithm: sha256WithRSAEncryption
46:e3:51:a1:ec:2a:05:14:4c:e6:0c:dd:ff:2a:05:a9:53:11:
5d:f4:35:5e:93:21:8e:bb:08:e2:8a:8a:ea:0b:31:c7:2c:46:
1f:1b:88:67:1e:89:62:a7:bf:da:19:71:94:a3:eb:98:4a:22:
67:b7:a4:14:2a:df:5a:3c:32:b8:51:9c:96:28:d3:d5:5c:2c:
c4:56:c2:64:26:8e:95:23:69:09:1c:85:94:c0:a9:47:d7:e6:
d2:7f:41:50:a1:6b:c3:f5:ef:42:d6:5d:53:7d:81:7a:d8:a8:
b0:08:69:7a:ca:2a:61:3f:42:df:cc:1b:bd:a1:ee:aa:79:2a:
ad:7a:07:42:fb:48:11:e0:21:e0:09:73:8d:02:c8:12:b8:b0:
0e:84:a7:43:ad:83:6d:0d:70:69:8d:e6:09:9b:27:85:7d:57:
d5:b1:e3:be:ac:bb:4c:7a:80:d1:df:a7:94:70:28:1c:c2:42:
8d:25:78:1b:3f:40:9b:92:15:ff:54:1c:9e:b4:1e:5d:1f:d2:
cc:23:2c:9e:c1:88:1c:70:d6:8b:46:66:25:94:74:71:ae:86:
0d:b8:69:9e:92:62:c5:41:a8:5a:08:53:9b:22:a0:d5:50:0b:
1a:1f:0f:4c:16:20:cb:50:c1:09:6c:d2:0a:d8:b3:1d:f7:3e:
ef:f7:ad:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE0ODE4WhcNMjUxMjEwMDE0ODE4WjAYMRYw
FAYDVQQDEw02NzZjYjVlNi1lMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyMMmeySVms0Kl58twRwSJb4GaBaFNTPiGynmKIVejbdMnRNnf73EPm9E
6RULrxz9apbMV9r23FBDGX0trL4EYTODeLOsmvNr5a4yGHhodUP8WlbjJvGVNE4E
sJefsn0w77Q55fGcFpgQljl53bI0OJy1kypBPAHBAJRwmP5Gwz9AORQwejyeOytF
2hzA0xuQc2oOVi7OQlY/rDN5x0i+oSIMOiWGdc1oyYdl3YbGXP5ZEh857YMdkZxu
udqPEgJ+vFqGdtEK03XByPTSu0mEXEH0XX2To99iupKLQM9/1HWtYUjBto7tiWR1
RzvxzGfX/8gb44XG0vg/I1bRbubzSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJcp
hzsPvI8Zr3Fh+aC0PJFdcrFNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Q0U0OERFMEMzMkIxMUVGOEZCQUZBQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPGMA0GCSqGSIb3DQEBCwUA
A4IBAQBG41Gh7CoFFEzmDN3/KgWpUxFd9DVekyGOuwjiiorqCzHHLEYfG4hnHoli
p7/aGXGUo+uYSiJnt6QUKt9aPDK4UZyWKNPVXCzEVsJkJo6VI2kJHIWUwKlH1+bS
f0FQoWvD9e9C1l1TfYF62KiwCGl6yiphP0LfzBu9oe6qeSqtegdC+0gR4CHgCXON
AsgSuLAOhKdDrYNtDXBpjeYJmyeFfVfVseO+rLtMeoDR36eUcCgcwkKNJXgbP0Cb
khX/VByetB5dH9LMIyyewYgccNaLRmYllHRxroYNuGmekmLFQahaCFObIqDVUAsa
Hw9MFiDLUMEJbNIK2LMd9z7v9603
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:30 2025 by rpki-client