Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DC3AFACF6011EF98FE6B56762E951A.roa
File: 81DC3AFACF6011EF98FE6B56762E951A.roa (raw, json)
Hash identifier: 7B2c3xe2WMeWDNwMDegONIcR1+7JdU4uMF8HQaw7voo=
Subject key identifier: 31:EC:CC:EB:FC:84:2E:D1:96:8E:C2:7E:59:22:F4:EF:F2:78:8E:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010561
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DC3AFACF6011EF98FE6B56762E951A.roa
Signing time: Fri 10 Jan 2025 14:38:07 +0000
ROA not before: Fri 10 Jan 2025 14:38:04 +0000
ROA not after: Wed 05 Feb 2025 14:38:04 +0000
asID: 23764
IP address blocks: 156.242.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 05 Feb 2025 14:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66913 (0x10561)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:38:04 2025 GMT
Not After : Feb 5 14:38:04 2025 GMT
Subject: CN=678130cf-931f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c4:99:67:b8:89:78:8c:e4:b5:6b:2c:24:02:
76:47:d2:0d:5b:8f:24:7a:ef:12:09:2c:ef:de:ed:
24:70:48:75:b5:ab:1e:02:41:f6:05:61:20:96:b7:
85:c9:f3:4b:28:21:18:13:72:d6:90:bd:d4:05:11:
6f:2e:0f:44:44:87:71:29:26:26:a6:f8:6b:b8:83:
af:ef:f0:2e:7a:e4:94:09:28:a7:53:95:8c:f1:8c:
32:5d:5b:f8:d9:d1:20:c7:c5:f0:bc:d6:0c:45:07:
bb:42:6b:b7:1a:a2:05:e6:32:8a:d6:0c:5a:b5:8a:
d1:49:bf:fd:45:91:3a:6e:19:bf:f9:8c:48:4f:1b:
8e:dd:8d:04:1e:d1:40:07:f7:54:03:ce:f1:12:15:
d1:fd:b4:44:51:a7:7b:b7:23:2e:5d:b3:08:c9:fc:
29:ad:62:fe:40:1c:32:0f:5f:8b:d7:f4:a5:ce:c5:
f1:6d:df:0e:f3:cf:08:79:03:6d:33:79:01:2b:12:
f3:11:47:b1:c2:b3:0a:dd:2d:27:6a:64:ff:80:1c:
1f:53:d1:30:af:e3:34:cf:9f:51:c1:9e:bb:33:6c:
e0:4a:57:34:ce:5f:55:d8:c6:36:99:67:ad:1d:9d:
16:e0:f7:41:41:f6:09:00:0a:e8:a9:ed:14:51:55:
74:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EC:CC:EB:FC:84:2E:D1:96:8E:C2:7E:59:22:F4:EF:F2:78:8E:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/81DC3AFACF6011EF98FE6B56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.4.0/24
Signature Algorithm: sha256WithRSAEncryption
80:ed:d2:8e:74:1f:c6:d3:bd:28:87:d9:ed:46:49:d4:b0:c1:
ff:1f:2c:3d:c1:8c:20:a1:2f:52:0a:04:7c:87:6a:eb:80:13:
5e:a7:78:58:f9:56:48:e0:a3:0f:9e:c6:b9:73:7e:1f:f4:8c:
cc:2f:86:a6:9d:34:2e:5f:6a:9a:a1:4f:49:a9:3a:81:0b:9c:
1d:7b:69:38:05:5d:dd:51:7f:d4:81:0d:eb:74:9e:73:8e:02:
74:4f:05:17:0b:22:30:d3:c6:49:97:db:c0:65:ac:f4:02:f9:
5f:68:66:e2:fe:85:f0:5d:88:b5:c5:87:8e:2f:38:58:ce:d7:
a0:57:c4:68:7f:5f:c0:e4:75:ce:7f:ca:11:7b:87:fc:bb:e6:
ed:11:a7:ec:29:06:5a:29:c7:dd:04:73:a7:af:a4:53:0a:9f:
bb:03:58:c1:b6:91:cb:0e:02:7f:31:71:7a:67:be:37:20:54:
38:90:59:e6:be:9d:a2:b9:d1:88:72:94:fb:a9:d9:3c:6a:a9:
47:47:16:50:d5:d0:24:54:91:74:b8:cd:cc:73:85:cb:0c:b2:
36:b2:de:10:bc:f3:78:45:f3:a4:d1:1e:4b:73:1a:70:24:fa:
01:f3:3c:1b:06:fa:c1:04:62:04:27:dd:2f:92:4e:5e:35:12:
f7:e7:3b:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQzODA0WhcNMjUwMjA1MTQzODA0WjAYMRYw
FAYDVQQDEw02NzgxMzBjZi05MzFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApMSZZ7iJeIzktWssJAJ2R9INW48keu8SCSzv3u0kcEh1taseAkH2BWEg
lreFyfNLKCEYE3LWkL3UBRFvLg9ERIdxKSYmpvhruIOv7/AueuSUCSinU5WM8Ywy
XVv42dEgx8XwvNYMRQe7Qmu3GqIF5jKK1gxatYrRSb/9RZE6bhm/+YxITxuO3Y0E
HtFAB/dUA87xEhXR/bREUad7tyMuXbMIyfwprWL+QBwyD1+L1/SlzsXxbd8O888I
eQNtM3kBKxLzEUexwrMK3S0namT/gBwfU9Ewr+M0z59RwZ67M2zgSlc0zl9V2MY2
mWetHZ0W4PdBQfYJAAroqe0UUVV0nwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDHs
zOv8hC7Rlo7Cflki9O/yeI44MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MURDM0FGQUNGNjAxMUVGOThGRTZCNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIEMA0GCSqGSIb3DQEBCwUA
A4IBAQCA7dKOdB/G070oh9ntRknUsMH/Hyw9wYwgoS9SCgR8h2rrgBNep3hY+VZI
4KMPnsa5c34f9IzML4amnTQuX2qaoU9JqTqBC5wde2k4BV3dUX/UgQ3rdJ5zjgJ0
TwUXCyIw08ZJl9vAZaz0AvlfaGbi/oXwXYi1xYeOLzhYztegV8Rof1/A5HXOf8oR
e4f8u+btEafsKQZaKcfdBHOnr6RTCp+7A1jBtpHLDgJ/MXF6Z743IFQ4kFnmvp2i
udGIcpT7qdk8aqlHRxZQ1dAkVJF0uM3Mc4XLDLI2st4QvPN4RfOk0R5LcxpwJPoB
8zwbBvrBBGIEJ90vkk5eNRL35zsb
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:15 2025 by rpki-client