Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84653190CDC711EFAD98C1A8762E951A.roa
File: 84653190CDC711EFAD98C1A8762E951A.roa (raw, json)
Hash identifier: k5kR2+2/TwxD1RnzlFMvjRgrYV1pdZkjWO8EsCg0KAQ=
Subject key identifier: 39:CE:70:68:DF:DB:5E:CD:5D:71:D5:C0:46:BE:19:49:C8:8F:AF:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101A7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84653190CDC711EFAD98C1A8762E951A.roa
Signing time: Wed 08 Jan 2025 13:50:27 +0000
ROA not before: Wed 08 Jan 2025 13:50:24 +0000
ROA not after: Thu 16 Dec 2027 13:50:24 +0000
asID: 17561
IP address blocks: 156.249.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65959 (0x101a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 13:50:24 2025 GMT
Not After : Dec 16 13:50:24 2027 GMT
Subject: CN=677e82a3-03aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:21:94:5a:72:0a:d5:de:58:81:d1:d5:f3:4d:
61:58:c7:ce:c0:2a:a4:72:3c:bd:11:c9:db:33:60:
b7:7d:6a:5a:5c:80:c8:c0:0a:86:45:c0:17:6a:53:
3c:ed:ea:41:44:87:4e:85:8a:8e:86:21:e0:47:c3:
7e:be:e4:d7:83:05:83:2f:f8:86:27:5b:51:e8:5a:
4f:0d:48:3d:00:c9:6b:cd:ab:56:19:43:b5:76:54:
e6:58:7c:a9:18:de:c9:42:75:cb:fc:00:f8:25:23:
76:86:75:f5:82:b9:85:1f:52:30:ee:a0:31:3c:72:
8e:28:bd:5d:59:5b:11:c7:d9:7b:6c:0b:5e:28:92:
44:58:69:ea:76:46:8b:f1:ff:b2:f6:ca:27:2a:d5:
80:7d:77:0c:f4:a9:8c:3a:d9:4f:82:28:ff:a0:50:
db:6b:6e:fc:13:28:6e:ea:de:fc:be:1e:e5:b6:dd:
0b:3d:cf:62:1f:80:73:39:ff:c3:34:0e:f3:6e:13:
fa:33:4b:a0:c6:5e:a2:3b:09:bc:49:dd:1e:7a:5d:
7a:c3:f1:02:da:b8:c9:bf:f9:1b:9f:57:11:98:10:
b0:e5:c2:af:8a:b9:c7:a2:d2:56:74:5d:f9:1b:9e:
92:a4:15:17:9f:b0:6c:d0:aa:04:6e:1a:25:ee:82:
e6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CE:70:68:DF:DB:5E:CD:5D:71:D5:C0:46:BE:19:49:C8:8F:AF:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84653190CDC711EFAD98C1A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.50.0/24
Signature Algorithm: sha256WithRSAEncryption
15:93:18:21:36:c7:c9:1d:eb:71:bf:1b:cf:c4:9e:47:31:f2:
31:1f:0f:01:47:2a:24:11:9f:d9:d4:29:cc:01:9d:11:5d:4c:
b6:b7:f7:da:61:09:6c:02:5e:04:97:d6:3d:69:5a:7c:b7:26:
c7:f9:77:a4:3b:4d:5b:fe:9c:5f:9e:b3:29:29:3d:c9:11:d6:
8a:d3:ec:bc:97:0f:82:3f:99:13:a2:be:b0:4e:1c:43:dd:a9:
28:5f:3e:ca:dc:82:ea:7f:24:27:01:8b:5f:93:e9:60:09:aa:
0d:56:78:15:f1:4c:26:cd:56:d0:a5:2f:bd:e6:e8:a4:bf:f2:
9f:c0:a2:7d:90:86:ba:b1:b1:0e:13:ea:7f:b1:ad:7e:c8:f1:
ef:f4:3d:2f:57:cb:d1:dd:43:d1:e0:7f:22:f0:fa:b1:da:2e:
4e:89:e0:e5:b9:dc:ba:c7:44:85:f8:14:b7:51:cc:0d:52:01:
d5:75:ce:43:ea:3f:7a:8f:a6:31:72:ea:3c:9f:c2:96:d5:e9:
d6:40:1b:d9:d0:43:53:73:66:08:b0:75:ee:e3:18:04:a8:7b:
d5:01:e6:8e:43:74:49:d5:e1:25:fe:fb:45:71:7e:d7:e2:8f:
f3:7d:60:29:cd:0e:ad:8d:d9:1f:d0:e7:82:bb:85:a7:6b:3a:
ac:00:cb:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTM1MDI0WhcNMjcxMjE2MTM1MDI0WjAYMRYw
FAYDVQQDEw02NzdlODJhMy0wM2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1iGUWnIK1d5YgdHV801hWMfOwCqkcjy9EcnbM2C3fWpaXIDIwAqGRcAX
alM87epBRIdOhYqOhiHgR8N+vuTXgwWDL/iGJ1tR6FpPDUg9AMlrzatWGUO1dlTm
WHypGN7JQnXL/AD4JSN2hnX1grmFH1Iw7qAxPHKOKL1dWVsRx9l7bAteKJJEWGnq
dkaL8f+y9sonKtWAfXcM9KmMOtlPgij/oFDba278Eyhu6t78vh7ltt0LPc9iH4Bz
Of/DNA7zbhP6M0ugxl6iOwm8Sd0eel16w/EC2rjJv/kbn1cRmBCw5cKvirnHotJW
dF35G56SpBUXn7Bs0KoEbhol7oLmJwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDnO
cGjf217NXXHVwEa+GUnIj6+wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NDY1MzE5MENEQzcxMUVGQUQ5OEMxQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPkyMA0GCSqGSIb3DQEBCwUA
A4IBAQAVkxghNsfJHetxvxvPxJ5HMfIxHw8BRyokEZ/Z1CnMAZ0RXUy2t/faYQls
Al4El9Y9aVp8tybH+XekO01b/pxfnrMpKT3JEdaK0+y8lw+CP5kTor6wThxD3ako
Xz7K3ILqfyQnAYtfk+lgCaoNVngV8UwmzVbQpS+95uikv/KfwKJ9kIa6sbEOE+p/
sa1+yPHv9D0vV8vR3UPR4H8i8Pqx2i5OieDludy6x0SF+BS3UcwNUgHVdc5D6j96
j6Yxcuo8n8KW1enWQBvZ0ENTc2YIsHXu4xgEqHvVAeaOQ3RJ1eEl/vtFcX7X4o/z
fWApzQ6tjdkf0OeCu4WnazqsAMuL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:45 2025 by rpki-client