Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84BCCB06D2EC11EF92E6704B762E951A.roa
File: 84BCCB06D2EC11EF92E6704B762E951A.roa (raw, json)
Hash identifier: OuvZ9tqeu6CBdWvlffvtIrvzch/vrzQgKCdxaZ8JbaA=
Subject key identifier: DF:04:5F:C7:2B:2A:BA:F5:69:97:F3:18:A9:28:50:EA:7B:56:C6:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010761
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84BCCB06D2EC11EF92E6704B762E951A.roa
Signing time: Wed 15 Jan 2025 02:57:55 +0000
ROA not before: Wed 15 Jan 2025 02:57:52 +0000
ROA not after: Sat 03 Jan 2026 02:57:52 +0000
asID: 984
IP address blocks: 156.233.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67425 (0x10761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 02:57:52 2025 GMT
Not After : Jan 3 02:57:52 2026 GMT
Subject: CN=67872433-7440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6b:40:79:f0:ff:da:cc:f4:86:16:e5:08:c7:
5a:af:2d:72:62:e8:f7:93:6c:1a:14:d0:98:78:54:
61:43:6b:9d:90:dd:d4:83:f8:e9:a4:fd:1d:a8:cd:
43:ff:cc:af:2b:e0:00:3a:17:62:92:ec:8c:48:81:
d4:8d:c9:c2:12:3e:60:d4:d3:95:ed:92:d8:47:2e:
a5:a7:5a:e0:f2:ed:4b:b3:b4:83:e5:9d:05:ac:17:
32:70:3f:d4:f7:f5:c6:72:5a:c3:ec:35:00:a2:3b:
be:d9:ab:40:13:81:96:2c:d3:ee:a5:ae:33:51:33:
a2:fa:0a:27:79:ad:c0:e3:32:77:18:56:21:d3:7c:
0c:7f:82:5f:ec:c2:b6:89:0f:39:f4:ac:ce:91:06:
da:78:40:03:43:5e:53:dd:75:fa:be:b0:6d:d9:a4:
df:8a:4d:0d:76:bd:41:ca:c3:35:36:49:5b:bf:d3:
c5:21:f9:13:f4:dd:b4:2f:8f:d4:40:4b:b0:c0:cd:
26:a0:c2:2e:c5:e3:c4:d6:94:c6:5d:30:6a:15:9c:
ba:3e:ce:95:9a:56:86:ee:e6:9e:4e:7a:1f:46:e7:
26:35:4b:cd:e8:50:b8:5c:65:41:74:6d:d7:2b:f3:
26:fa:51:51:e4:6b:41:b5:94:e3:08:a8:e5:04:47:
a9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:04:5F:C7:2B:2A:BA:F5:69:97:F3:18:A9:28:50:EA:7B:56:C6:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/84BCCB06D2EC11EF92E6704B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.53.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ca:c3:b0:ec:88:e2:7f:59:2f:b4:c2:02:70:5f:0a:d8:8b:
07:c0:f6:3b:51:52:10:89:4f:be:b7:a1:b2:d5:8a:e8:99:e9:
75:be:bd:8b:67:e3:ec:ee:8d:22:60:3e:6a:e3:27:95:6c:c1:
19:91:65:a6:f3:0e:b6:54:69:2b:c6:9b:90:12:9b:00:4b:82:
08:e1:4b:37:56:0f:4e:58:5c:55:19:98:00:bb:eb:fd:58:eb:
04:3e:de:64:e6:ab:3c:84:72:04:c2:0d:42:74:91:e9:74:48:
f4:fd:64:ed:fe:c4:74:9f:08:f6:9f:2c:a9:b1:a0:ac:50:bf:
b9:2e:37:c7:8c:ba:1f:08:a1:49:db:ca:2d:d1:47:d4:c4:66:
00:91:5c:e9:52:ee:59:f2:0c:d9:c8:73:d3:70:e5:15:1d:6c:
28:95:cb:86:40:63:95:d8:a0:21:2f:d7:19:ea:e3:03:a1:32:
98:64:c5:18:60:a2:f1:d2:fe:a4:af:1f:26:3a:14:14:50:c0:
8b:dd:6d:81:6a:d5:3f:ae:ee:00:f3:cf:1f:e3:df:10:d0:16:
53:28:4d:3d:48:c1:e1:9c:53:f2:74:ab:a7:3f:de:93:a3:b0:
07:15:54:f6:c2:cc:76:98:a4:35:e0:d0:28:0e:f7:7c:36:46:
eb:2b:b2:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDI1NzUyWhcNMjYwMTAzMDI1NzUyWjAYMRYw
FAYDVQQDEw02Nzg3MjQzMy03NDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwGtAefD/2sz0hhblCMdary1yYuj3k2waFNCYeFRhQ2udkN3Ug/jppP0d
qM1D/8yvK+AAOhdikuyMSIHUjcnCEj5g1NOV7ZLYRy6lp1rg8u1Ls7SD5Z0FrBcy
cD/U9/XGclrD7DUAoju+2atAE4GWLNPupa4zUTOi+gonea3A4zJ3GFYh03wMf4Jf
7MK2iQ859KzOkQbaeEADQ15T3XX6vrBt2aTfik0Ndr1BysM1Nklbv9PFIfkT9N20
L4/UQEuwwM0moMIuxePE1pTGXTBqFZy6Ps6VmlaG7uaeTnofRucmNUvN6FC4XGVB
dG3XK/Mm+lFR5GtBtZTjCKjlBEepIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN8E
X8crKrr1aZfzGKkoUOp7VsbyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NEJDQ0IwNkQyRUMxMUVGOTJFNjcwNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk1MA0GCSqGSIb3DQEBCwUA
A4IBAQBWysOw7Ijif1kvtMICcF8K2IsHwPY7UVIQiU++t6Gy1Yromel1vr2LZ+Ps
7o0iYD5q4yeVbMEZkWWm8w62VGkrxpuQEpsAS4II4Us3Vg9OWFxVGZgAu+v9WOsE
Pt5k5qs8hHIEwg1CdJHpdEj0/WTt/sR0nwj2nyypsaCsUL+5LjfHjLofCKFJ28ot
0UfUxGYAkVzpUu5Z8gzZyHPTcOUVHWwolcuGQGOV2KAhL9cZ6uMDoTKYZMUYYKLx
0v6krx8mOhQUUMCL3W2BatU/ru4A888f498Q0BZTKE09SMHhnFPydKunP96To7AH
FVT2wsx2mKQ14NAoDvd8NkbrK7JH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:49 2025 by rpki-client