Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80D8D488CD3A11EF95F95499762E951A.roa
File: 80D8D488CD3A11EF95F95499762E951A.roa (raw, json)
Hash identifier: QFvQ4RSYkKV3v1Q4GNWGGorQo7wdAmZEkd46BWDgIao=
Subject key identifier: 7E:9C:2E:E7:BE:EA:82:A7:64:13:2A:FD:D8:67:7F:F9:E5:FD:2A:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE3D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80D8D488CD3A11EF95F95499762E951A.roa
Signing time: Tue 07 Jan 2025 21:01:03 +0000
ROA not before: Tue 07 Jan 2025 21:00:59 +0000
ROA not after: Sat 13 Dec 2025 21:00:59 +0000
asID: 984
IP address blocks: 156.243.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65085 (0xfe3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:00:59 2025 GMT
Not After : Dec 13 21:00:59 2025 GMT
Subject: CN=677d960e-8aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:9d:68:31:30:46:b5:23:c9:45:24:0d:88:
b0:ee:63:99:5b:77:df:5f:46:35:b9:90:6f:b7:a0:
aa:86:42:d7:99:9a:3f:61:a6:f8:52:39:19:57:43:
3d:dc:a6:41:32:a2:5a:0c:d3:76:a2:62:6b:e4:02:
c4:f6:f9:c6:2f:7b:4c:ae:a5:d3:4d:a2:45:15:e6:
9d:b7:85:91:6b:53:ab:53:af:4c:a6:57:04:62:d7:
23:b7:7e:56:5b:1e:f3:13:31:3c:bf:97:81:05:39:
47:1d:8e:63:18:79:d1:93:84:2e:62:12:dc:92:e3:
8e:d0:84:a6:6b:67:38:7d:fb:1b:3c:30:0c:c0:12:
0b:db:68:49:50:d6:10:89:ef:a9:e1:85:05:64:f9:
f9:eb:3d:b5:6b:ff:89:e2:a2:5e:ab:81:06:a1:0f:
80:87:88:09:38:ae:7f:a8:14:a3:8b:0a:6d:59:b1:
cb:af:a7:64:e2:e6:85:27:d9:18:07:c0:10:5e:f8:
6d:12:a3:0c:0a:28:b8:cf:35:a1:db:25:33:bb:94:
96:01:46:22:47:59:9f:e2:a6:6e:70:d9:29:1d:c6:
f3:30:78:b4:92:dc:39:74:30:17:e3:85:e5:c1:ba:
3b:6c:c0:be:36:69:d8:19:82:b1:d3:2a:37:df:42:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9C:2E:E7:BE:EA:82:A7:64:13:2A:FD:D8:67:7F:F9:E5:FD:2A:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80D8D488CD3A11EF95F95499762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:0e:36:92:ef:88:21:a0:c5:c2:57:22:95:d5:26:10:8e:17:
7b:70:95:fe:6c:33:ab:89:45:aa:77:2d:74:c8:66:9b:2e:2f:
d5:93:b0:53:7c:80:39:eb:c5:64:a4:94:01:e0:2c:8f:55:a2:
91:db:ce:38:f5:7d:b3:63:e1:35:12:31:1c:cf:02:51:cc:6e:
02:2a:e3:07:4f:78:f1:35:a2:88:66:79:1f:f8:76:98:8f:4d:
8d:53:fc:f0:db:a8:86:ed:a0:0e:0b:45:ec:c2:45:ab:c5:78:
11:e6:16:ca:86:c5:3b:db:f8:c1:1e:65:5a:99:c3:aa:b1:33:
3f:1b:2a:07:fa:22:67:68:b6:f7:30:f7:f1:52:da:e3:16:5d:
b3:0b:f2:d9:f5:d8:41:b5:0a:9e:2b:71:9f:86:57:43:e6:11:
f6:30:2c:e5:c6:56:5d:f1:e3:57:9f:94:22:10:72:e1:d6:a8:
c6:c1:89:42:53:bc:c2:57:69:e3:cb:9d:27:5d:d0:58:26:9c:
7d:7a:ff:b4:da:f6:a9:78:70:ee:b1:dd:bb:55:60:30:f2:d8:
df:90:a7:b2:27:92:29:76:a7:3a:a9:b9:96:43:0e:40:7b:0d:
33:e7:81:e6:d1:7e:e0:d7:29:5a:7f:9f:54:78:2b:94:75:cf:
df:2c:2f:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP49MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjEwMDU5WhcNMjUxMjEzMjEwMDU5WjAYMRYw
FAYDVQQDEw02NzdkOTYwZS04YWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCGdaDEwRrUjyUUkDYiw7mOZW3ffX0Y1uZBvt6CqhkLXmZo/Yab4UjkZ
V0M93KZBMqJaDNN2omJr5ALE9vnGL3tMrqXTTaJFFeadt4WRa1OrU69MplcEYtcj
t35WWx7zEzE8v5eBBTlHHY5jGHnRk4QuYhLckuOO0ISma2c4ffsbPDAMwBIL22hJ
UNYQie+p4YUFZPn56z21a/+J4qJeq4EGoQ+Ah4gJOK5/qBSjiwptWbHLr6dk4uaF
J9kYB8AQXvhtEqMMCii4zzWh2yUzu5SWAUYiR1mf4qZucNkpHcbzMHi0ktw5dDAX
44Xlwbo7bMC+NmnYGYKx0yo330KIeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH6c
Lue+6oKnZBMq/dhnf/nl/Sr0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MEQ4RDQ4OENEM0ExMUVGOTVGOTU0OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNHMA0GCSqGSIb3DQEBCwUA
A4IBAQCwDjaS74ghoMXCVyKV1SYQjhd7cJX+bDOriUWqdy10yGabLi/Vk7BTfIA5
68VkpJQB4CyPVaKR28449X2zY+E1EjEczwJRzG4CKuMHT3jxNaKIZnkf+HaYj02N
U/zw26iG7aAOC0XswkWrxXgR5hbKhsU72/jBHmVamcOqsTM/GyoH+iJnaLb3MPfx
UtrjFl2zC/LZ9dhBtQqeK3GfhldD5hH2MCzlxlZd8eNXn5QiEHLh1qjGwYlCU7zC
V2njy50nXdBYJpx9ev+02vapeHDusd27VWAw8tjfkKeyJ5Ipdqc6qbmWQw5Aew0z
54Hm0X7g1ylaf59UeCuUdc/fLC/d
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:33 2025 by rpki-client