Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/814EB5E0CD9911EF933E2985762E951A.roa
File: 814EB5E0CD9911EF933E2985762E951A.roa (raw, json)
Hash identifier: yXaghEFiuUBEN8LEymhcG2+61HL7/Z9eaSUiFuflRiU=
Subject key identifier: A8:39:15:88:DF:DB:F7:FB:DC:78:69:D5:BC:5C:3F:28:FB:97:53:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010077
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/814EB5E0CD9911EF933E2985762E951A.roa
Signing time: Wed 08 Jan 2025 08:21:05 +0000
ROA not before: Wed 08 Jan 2025 08:21:02 +0000
ROA not after: Tue 16 Dec 2025 08:21:02 +0000
asID: 984
IP address blocks: 156.249.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65655 (0x10077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:21:02 2025 GMT
Not After : Dec 16 08:21:02 2025 GMT
Subject: CN=677e3571-9123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:ca:8f:17:20:ab:f2:9d:b3:37:8d:c7:a3:
5a:96:ba:66:11:b8:ad:6e:ba:8c:66:bb:32:e6:4e:
c4:96:ce:a3:5a:3a:cc:39:b2:eb:01:7a:d9:06:89:
b3:87:86:c9:46:1f:6d:f6:02:c4:4c:1f:ff:31:02:
76:ea:fd:62:49:af:8b:99:75:96:12:ff:42:f3:ce:
8a:9a:7e:44:b8:1b:88:fd:d5:7d:ef:37:12:f3:e7:
6e:f8:8e:c9:6e:39:47:40:b3:6f:0a:bf:89:5e:4e:
86:b0:79:e1:0f:e3:67:07:36:27:00:97:a9:7a:13:
8f:4f:86:fb:4f:cc:7e:7e:b5:58:a7:1c:89:16:3f:
51:70:0f:18:a3:06:a1:f6:22:82:5a:2e:ca:a3:aa:
6b:bc:64:fa:51:db:95:5d:da:5a:23:8f:2e:76:ab:
df:02:a8:1f:60:39:b2:c2:da:64:e9:22:3a:ef:1a:
7f:3a:7f:56:73:79:6a:93:f0:a6:a3:9e:b8:6b:a1:
2e:96:cc:b5:26:8b:76:f0:c0:7c:fd:66:18:a0:68:
66:38:46:94:6c:bd:98:e2:99:75:4a:90:96:0b:64:
35:cc:b5:fe:1a:19:fc:de:df:13:1a:62:99:b1:14:
fe:d6:ad:fd:dd:92:4d:0e:95:a5:c8:92:e5:d2:19:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:39:15:88:DF:DB:F7:FB:DC:78:69:D5:BC:5C:3F:28:FB:97:53:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/814EB5E0CD9911EF933E2985762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.78.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:15:93:52:62:a3:a1:15:e0:4d:3e:1f:c4:88:0d:6a:c7:00:
16:02:13:19:a9:cb:15:6f:4e:fb:e5:05:36:c4:d3:9d:1b:78:
47:30:df:2d:a1:6a:8f:1d:b5:07:a2:db:5c:2e:43:38:28:90:
c8:11:91:20:54:fa:4d:0f:ce:d1:ea:6f:0d:75:7c:09:74:29:
06:22:5c:bf:5f:d9:ca:07:80:00:26:25:f7:01:39:b3:ae:10:
12:a6:58:b1:64:40:04:fe:f5:79:1b:ec:d5:40:fe:3d:1b:61:
fd:ac:08:df:57:bc:91:23:df:76:66:89:ad:79:16:44:69:da:
77:a0:c7:d5:74:e3:b6:08:97:1d:02:94:fa:9f:ec:98:95:93:
11:c5:05:49:19:f7:7e:3e:6b:04:28:12:06:85:65:12:e0:ca:
ac:e7:08:93:e7:c5:d4:c1:d7:e5:2a:46:4f:97:3b:b2:32:0b:
db:88:2f:f6:68:ae:70:68:3c:e7:b6:77:38:78:27:61:43:e1:
65:1b:43:7d:0c:89:e1:fc:e3:d2:27:cc:70:27:f5:0f:2c:dd:
b0:ba:f0:fa:75:98:00:fb:13:bc:46:28:bf:a1:68:19:e9:eb:
b0:f6:df:d3:ee:71:1b:c7:16:6e:c5:65:ef:21:c8:13:14:14:
be:e9:9b:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQB3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDgyMTAyWhcNMjUxMjE2MDgyMTAyWjAYMRYw
FAYDVQQDEw02NzdlMzU3MS05MTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvoDKjxcgq/KdszeNx6NalrpmEbitbrqMZrsy5k7Els6jWjrMObLrAXrZ
Bomzh4bJRh9t9gLETB//MQJ26v1iSa+LmXWWEv9C886Kmn5EuBuI/dV97zcS8+du
+I7JbjlHQLNvCr+JXk6GsHnhD+NnBzYnAJepehOPT4b7T8x+frVYpxyJFj9RcA8Y
owah9iKCWi7Ko6prvGT6UduVXdpaI48udqvfAqgfYDmywtpk6SI67xp/On9Wc3lq
k/Cmo564a6Eulsy1Jot28MB8/WYYoGhmOEaUbL2Y4pl1SpCWC2Q1zLX+Ghn83t8T
GmKZsRT+1q393ZJNDpWlyJLl0hnozQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKg5
FYjf2/f73Hhp1bxcPyj7l1OkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTRFQjVFMENEOTkxMUVGOTMzRTI5ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlOMA0GCSqGSIb3DQEBCwUA
A4IBAQCMFZNSYqOhFeBNPh/EiA1qxwAWAhMZqcsVb0775QU2xNOdG3hHMN8toWqP
HbUHottcLkM4KJDIEZEgVPpND87R6m8NdXwJdCkGIly/X9nKB4AAJiX3ATmzrhAS
plixZEAE/vV5G+zVQP49G2H9rAjfV7yRI992ZomteRZEadp3oMfVdOO2CJcdApT6
n+yYlZMRxQVJGfd+PmsEKBIGhWUS4Mqs5wiT58XUwdflKkZPlzuyMgvbiC/2aK5w
aDzntnc4eCdhQ+FlG0N9DInh/OPSJ8xwJ/UPLN2wuvD6dZgA+xO8Rii/oWgZ6euw
9t/T7nEbxxZuxWXvIcgTFBS+6Zs0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:47 2025 by rpki-client