Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/861BCA68CD2111EF923E0B7B762E951A.roa
File: 861BCA68CD2111EF923E0B7B762E951A.roa (raw, json)
Hash identifier: 0xOQJDgZberTf4T5HQ2IyQEv0AN8vM0aX3cOicrAtsI=
Subject key identifier: D9:13:FE:59:61:D6:92:07:2A:C2:3C:29:1A:32:4E:A9:DA:1F:06:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD77
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/861BCA68CD2111EF923E0B7B762E951A.roa
Signing time: Tue 07 Jan 2025 18:02:14 +0000
ROA not before: Tue 07 Jan 2025 18:02:10 +0000
ROA not after: Sat 13 Dec 2025 18:02:10 +0000
asID: 984
IP address blocks: 156.241.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64887 (0xfd77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:02:10 2025 GMT
Not After : Dec 13 18:02:10 2025 GMT
Subject: CN=677d6c26-5f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:13:4c:a8:56:62:da:1c:e9:55:3f:75:2a:8b:
d4:b2:e5:60:f0:a7:c9:8f:2d:1e:e8:4c:a3:70:ff:
3a:5c:5d:91:b0:71:38:9b:89:f3:30:19:6d:e7:38:
cc:de:61:dc:74:dd:57:45:bf:09:ad:d7:ad:b9:34:
7a:5e:6d:ab:6b:fb:cc:1f:f2:12:f5:32:ec:62:10:
75:e5:cc:6b:bd:ff:18:a3:7c:a5:83:be:65:35:37:
23:7f:07:b6:10:ae:82:2d:04:dd:99:22:54:cb:21:
76:eb:f3:59:20:64:67:a9:c7:db:35:7f:de:8e:14:
96:9f:e6:3b:df:a2:09:21:93:1e:88:80:d7:3a:af:
2f:49:80:fa:f0:94:a7:1e:8c:60:08:e3:93:cb:92:
0e:21:1f:b2:7d:06:c1:4c:f9:50:d9:04:44:28:e4:
fa:c4:2d:fc:5e:2f:67:43:48:3b:c1:2e:59:23:8a:
a1:27:41:d5:0d:53:c0:da:69:63:49:c6:cd:bf:96:
15:a9:c5:9e:00:e7:d8:55:ec:7a:18:87:94:a7:b9:
ff:40:d4:17:54:d1:f2:2d:0f:3e:75:5f:b7:b3:ca:
b8:1d:de:27:27:5a:8f:ec:0e:81:7e:20:8d:6d:72:
6f:41:7c:c9:c1:8c:88:57:62:f1:4d:1f:c0:fd:13:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:13:FE:59:61:D6:92:07:2A:C2:3C:29:1A:32:4E:A9:DA:1F:06:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/861BCA68CD2111EF923E0B7B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.198.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:9c:2d:7d:2e:b8:28:22:e6:7f:1d:57:29:20:a9:54:87:5b:
e9:44:25:29:fc:a8:f5:9a:1c:e4:5e:98:76:e6:a7:e1:2f:2c:
47:3d:ef:74:f6:a3:71:59:d2:5c:5b:d5:6d:25:41:7d:e2:b5:
9e:23:9d:d5:cf:44:6a:a8:80:a6:a1:a4:fb:09:71:56:b2:4d:
d9:79:69:6c:d5:f0:f2:4d:57:0b:c2:ff:e8:15:24:9a:09:e9:
eb:2f:5a:1f:01:08:89:9a:c1:a5:ec:a9:5d:82:3a:e2:6b:6a:
0c:3b:ff:f5:81:42:66:a2:3a:46:36:6c:64:a4:0f:09:99:6f:
0f:4c:4c:63:30:ba:e4:18:73:2e:42:0c:cb:74:c2:1f:c4:28:
bf:a9:24:7b:fb:b9:a3:e0:ee:21:f8:a9:52:12:1a:8a:77:91:
98:33:b9:a3:ec:29:04:11:e2:82:34:c2:df:67:85:78:50:07:
d2:b3:48:c1:82:e7:58:94:fa:91:13:85:c0:1a:c4:ad:c6:6a:
94:0c:1e:85:6e:54:59:a6:4c:de:a1:ab:d1:d1:a0:12:d2:47:
9e:1d:3e:04:28:c3:6b:64:50:f1:76:8b:04:96:8e:3b:9f:68:
47:32:6a:79:50:b4:41:d4:32:9c:65:c1:7d:75:9c:97:e2:86:
1b:a4:c9:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP13MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgwMjEwWhcNMjUxMjEzMTgwMjEwWjAYMRYw
FAYDVQQDEw02NzdkNmMyNi01ZjNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwBNMqFZi2hzpVT91KovUsuVg8KfJjy0e6EyjcP86XF2RsHE4m4nzMBlt
5zjM3mHcdN1XRb8JrdetuTR6Xm2ra/vMH/IS9TLsYhB15cxrvf8Yo3ylg75lNTcj
fwe2EK6CLQTdmSJUyyF26/NZIGRnqcfbNX/ejhSWn+Y736IJIZMeiIDXOq8vSYD6
8JSnHoxgCOOTy5IOIR+yfQbBTPlQ2QREKOT6xC38Xi9nQ0g7wS5ZI4qhJ0HVDVPA
2mljScbNv5YVqcWeAOfYVex6GIeUp7n/QNQXVNHyLQ8+dV+3s8q4Hd4nJ1qP7A6B
fiCNbXJvQXzJwYyIV2LxTR/A/ROkXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNkT
/llh1pIHKsI8KRoyTqnaHwa3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NjFCQ0E2OENEMjExMUVGOTIzRTBCN0I3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHGMA0GCSqGSIb3DQEBCwUA
A4IBAQCbnC19LrgoIuZ/HVcpIKlUh1vpRCUp/Kj1mhzkXph25qfhLyxHPe909qNx
WdJcW9VtJUF94rWeI53Vz0RqqICmoaT7CXFWsk3ZeWls1fDyTVcLwv/oFSSaCenr
L1ofAQiJmsGl7Kldgjria2oMO//1gUJmojpGNmxkpA8JmW8PTExjMLrkGHMuQgzL
dMIfxCi/qSR7+7mj4O4h+KlSEhqKd5GYM7mj7CkEEeKCNMLfZ4V4UAfSs0jBgudY
lPqRE4XAGsStxmqUDB6FblRZpkzeoavR0aAS0keeHT4EKMNrZFDxdosElo47n2hH
Mmp5ULRB1DKcZcF9dZyX4oYbpMl9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:00 2025 by rpki-client