Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B8BDCCCD6E11EFA5DD9975762E951A.roa
File: 80B8BDCCCD6E11EFA5DD9975762E951A.roa (raw, json)
Hash identifier: iy7VYfGa6OdnaMnJU8xmimKy/qjmRWM2xLMjzNZfNro=
Subject key identifier: 03:3C:DB:69:A8:46:EB:8F:C1:93:19:1D:D3:46:D8:C5:52:5F:CE:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF77
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B8BDCCCD6E11EFA5DD9975762E951A.roa
Signing time: Wed 08 Jan 2025 03:13:16 +0000
ROA not before: Wed 08 Jan 2025 03:13:13 +0000
ROA not after: Mon 13 Dec 2027 03:13:13 +0000
asID: 17561
IP address blocks: 156.248.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65399 (0xff77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:13:13 2025 GMT
Not After : Dec 13 03:13:13 2027 GMT
Subject: CN=677ded4c-4d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c1:b7:7e:44:98:dd:e3:63:b1:dc:c8:87:98:
c6:e0:dd:f6:ba:f7:5f:c2:74:09:ed:50:0f:c3:7d:
4e:eb:3d:a2:5c:e3:4c:24:34:40:1a:d6:b9:1a:de:
d1:2b:90:b6:49:9b:7a:ec:41:1b:85:27:f0:8c:bb:
be:6d:7b:f8:38:f7:42:8a:ba:af:63:f5:89:11:53:
08:74:45:7d:46:af:f9:8e:5f:18:ef:2f:6f:bc:1c:
9c:b2:5d:91:60:20:6d:f6:9c:66:d4:e6:0f:c7:e2:
bc:4d:f1:54:2a:27:70:62:af:ba:30:27:0e:ac:83:
e4:c2:09:b8:8c:2b:01:1d:44:6a:bf:ef:d0:fe:3c:
7e:56:d2:42:46:1a:19:7d:84:a6:7f:36:0c:3e:8f:
be:5b:d2:b1:a2:b9:f2:e1:92:89:e1:55:3b:99:1d:
e5:52:d8:5e:ba:12:b9:92:36:53:e9:ce:36:4d:ff:
14:9e:90:5b:88:a6:56:fd:86:af:e6:52:bc:3b:00:
4b:8d:6b:0c:c7:f4:dc:1c:68:17:b9:ab:d1:76:7e:
49:6f:9a:b9:a6:28:81:6d:c4:01:18:43:d2:e5:13:
3c:ed:c2:17:92:5f:61:fd:2a:19:b9:24:67:b9:ff:
ee:af:57:0e:f4:1b:6f:8f:25:e6:e8:d1:11:5f:ef:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3C:DB:69:A8:46:EB:8F:C1:93:19:1D:D3:46:D8:C5:52:5F:CE:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B8BDCCCD6E11EFA5DD9975762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.21.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:79:f9:20:53:84:07:e8:ab:9d:3c:8a:51:a4:a9:32:d4:ad:
65:a3:05:4c:9e:1c:2d:f6:7a:08:1c:4d:9f:96:ee:7b:de:e0:
d7:c9:9b:61:38:1f:95:59:dd:9a:9a:3e:8b:ee:5e:7f:d9:da:
40:82:d9:02:6d:90:d1:fd:63:12:93:2f:cc:d8:ab:85:e4:90:
43:56:9f:76:28:35:46:b1:40:bb:30:0e:53:4f:34:62:f7:55:
23:d7:6c:8b:1c:fa:23:c5:84:74:25:2f:d6:23:7e:8a:b3:c3:
ba:0a:da:49:08:d2:3d:a0:67:5a:7e:f9:0e:fb:da:9e:d8:bb:
3c:66:6d:6b:55:24:14:ec:a7:c0:31:b6:f7:35:b2:b8:67:f1:
a3:89:99:d0:7b:00:44:78:6a:e1:32:62:f7:2d:a3:15:14:12:
48:75:f6:b0:00:61:12:71:80:2e:8c:b2:7c:0b:fc:33:af:d2:
07:b1:bd:6b:2d:c6:2c:64:b8:7b:40:b2:0a:02:22:60:74:9b:
8f:ae:85:c0:ee:1e:76:e7:ae:72:6f:74:9e:bb:d4:65:05:5b:
75:14:5a:8a:61:7b:5b:aa:ce:ea:6c:b1:14:2f:16:58:7f:eb:
11:cb:06:df:69:5c:2b:ae:20:b5:24:4d:cc:0f:5b:ca:ce:73:
77:8e:58:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP93MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDMxMzEzWhcNMjcxMjEzMDMxMzEzWjAYMRYw
FAYDVQQDEw02NzdkZWQ0Yy00ZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8G3fkSY3eNjsdzIh5jG4N32uvdfwnQJ7VAPw31O6z2iXONMJDRAGta5
Gt7RK5C2SZt67EEbhSfwjLu+bXv4OPdCirqvY/WJEVMIdEV9Rq/5jl8Y7y9vvByc
sl2RYCBt9pxm1OYPx+K8TfFUKidwYq+6MCcOrIPkwgm4jCsBHURqv+/Q/jx+VtJC
RhoZfYSmfzYMPo++W9Kxorny4ZKJ4VU7mR3lUtheuhK5kjZT6c42Tf8UnpBbiKZW
/Yav5lK8OwBLjWsMx/TcHGgXuavRdn5Jb5q5piiBbcQBGEPS5RM87cIXkl9h/SoZ
uSRnuf/ur1cO9BtvjyXm6NERX+81qwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAM8
22moRuuPwZMZHdNG2MVSX86NMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MEI4QkRDQ0NENkUxMUVGQTVERDk5NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgVMA0GCSqGSIb3DQEBCwUA
A4IBAQBNefkgU4QH6KudPIpRpKky1K1lowVMnhwt9noIHE2flu573uDXyZthOB+V
Wd2amj6L7l5/2dpAgtkCbZDR/WMSky/M2KuF5JBDVp92KDVGsUC7MA5TTzRi91Uj
12yLHPojxYR0JS/WI36Ks8O6CtpJCNI9oGdafvkO+9qe2Ls8Zm1rVSQU7KfAMbb3
NbK4Z/GjiZnQewBEeGrhMmL3LaMVFBJIdfawAGEScYAujLJ8C/wzr9IHsb1rLcYs
ZLh7QLIKAiJgdJuProXA7h52565yb3Seu9RlBVt1FFqKYXtbqs7qbLEULxZYf+sR
ywbfaVwrriC1JE3MD1vKznN3jlh2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:12 2025 by rpki-client