Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87EB819ECD9E11EFBAE6A2A4762E951A.roa
File: 87EB819ECD9E11EFBAE6A2A4762E951A.roa (raw, json)
Hash identifier: CFYi9Ba5omF+rGcZITwYz7Is+Ue2+reHcKtRQc5xcWQ=
Subject key identifier: 5D:D2:E8:CF:33:7A:8A:34:E2:30:E7:F7:E6:EA:82:4E:A2:F9:FF:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87EB819ECD9E11EFBAE6A2A4762E951A.roa
Signing time: Wed 08 Jan 2025 08:57:04 +0000
ROA not before: Wed 08 Jan 2025 08:57:00 +0000
ROA not after: Sat 13 Dec 2025 08:57:00 +0000
asID: 984
IP address blocks: 156.252.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65713 (0x100b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:57:00 2025 GMT
Not After : Dec 13 08:57:00 2025 GMT
Subject: CN=677e3de0-dcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:51:b6:a3:6e:a3:b6:8d:aa:52:1b:6a:fe:
af:15:1a:f8:64:c2:19:b6:78:bf:b2:59:53:f4:ba:
ac:61:2b:77:27:01:c1:cc:22:ba:b6:8c:65:a4:09:
a5:ea:20:86:67:49:2c:29:fe:34:94:be:b7:60:ad:
8a:93:86:0f:d6:61:70:dc:2e:94:f7:68:e0:77:6d:
a8:34:d0:18:f2:26:9d:f6:43:1a:74:f5:81:bb:4f:
f4:4d:93:60:50:eb:fb:da:62:e3:4a:18:f9:ce:d4:
f3:0d:87:5f:d4:0f:30:f8:64:73:cd:79:64:fd:42:
2c:15:12:f1:85:0b:6a:8a:08:71:b7:d7:62:13:aa:
fe:d7:4e:4c:3f:f8:d9:d2:fd:d2:90:00:07:4d:a8:
93:e6:51:e1:28:8e:6d:fa:d7:ac:d3:95:14:da:c3:
ad:19:1d:58:a8:db:00:26:64:34:6a:f8:28:dd:93:
1d:49:91:eb:24:7b:c1:61:9d:ea:5d:fd:c3:13:d7:
a8:bf:b9:be:d8:da:31:30:74:ab:8a:d5:3d:69:5e:
7e:2f:4f:9b:2c:05:d6:0c:c7:70:c1:1b:da:65:a2:
7a:4c:f9:e6:38:42:80:a1:9f:be:21:a1:50:76:7c:
34:5a:56:88:f6:9a:1d:33:5d:90:ea:bc:4c:f4:87:
97:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D2:E8:CF:33:7A:8A:34:E2:30:E7:F7:E6:EA:82:4E:A2:F9:FF:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87EB819ECD9E11EFBAE6A2A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.61.0/24
Signature Algorithm: sha256WithRSAEncryption
87:76:96:0b:c8:48:dd:83:3a:15:59:55:f6:7b:7a:c4:e1:06:
5f:bb:81:dc:78:97:dd:68:2e:9f:58:b1:1b:01:28:b2:65:14:
ec:1c:31:9a:af:9e:b1:d0:90:f5:42:69:47:c9:fd:f4:53:f2:
2a:9a:6e:aa:28:a9:f2:f3:6d:a8:84:8f:ef:d0:8b:99:7e:61:
86:35:45:19:84:d3:bd:f0:d4:38:7b:80:41:52:c2:cc:96:17:
26:c6:68:49:0e:9c:85:c8:c8:33:ad:91:3d:0e:b7:7a:3d:47:
b9:7a:a0:0c:b1:aa:3b:c9:2a:a5:93:6c:73:59:e0:96:91:22:
60:d4:41:74:c5:cf:94:64:c1:18:85:d5:ec:fa:4c:82:54:5d:
b7:94:23:5f:02:87:90:b9:70:ca:25:75:64:ac:90:4c:cd:eb:
68:c8:57:21:89:24:8a:34:9b:6e:4c:74:cb:9a:ab:8b:cc:f5:
98:5c:22:83:85:7b:c0:31:eb:f4:f7:14:e7:3d:43:23:cd:0b:
f0:a1:45:6b:28:a5:65:89:e2:92:6e:4b:a0:7c:13:3e:b8:b3:
a0:e5:86:39:6f:6c:2b:27:91:81:da:7b:58:73:2a:5d:55:74:
aa:b3:c9:d0:2a:41:ab:dc:e1:4d:84:67:7f:bf:a2:78:de:2d:
a0:f1:12:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg1NzAwWhcNMjUxMjEzMDg1NzAwWjAYMRYw
FAYDVQQDEw02NzdlM2RlMC1kY2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApk9RtqNuo7aNqlIbav6vFRr4ZMIZtni/sllT9LqsYSt3JwHBzCK6toxl
pAml6iCGZ0ksKf40lL63YK2Kk4YP1mFw3C6U92jgd22oNNAY8iad9kMadPWBu0/0
TZNgUOv72mLjShj5ztTzDYdf1A8w+GRzzXlk/UIsFRLxhQtqighxt9diE6r+105M
P/jZ0v3SkAAHTaiT5lHhKI5t+tes05UU2sOtGR1YqNsAJmQ0avgo3ZMdSZHrJHvB
YZ3qXf3DE9eov7m+2NoxMHSritU9aV5+L0+bLAXWDMdwwRvaZaJ6TPnmOEKAoZ++
IaFQdnw0WlaI9podM12Q6rxM9IeXrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF3S
6M8zeoo04jDn9+bqgk6i+f8vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84N0VCODE5RUNEOUUxMUVGQkFFNkEyQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw9MA0GCSqGSIb3DQEBCwUA
A4IBAQCHdpYLyEjdgzoVWVX2e3rE4QZfu4HceJfdaC6fWLEbASiyZRTsHDGar56x
0JD1QmlHyf30U/Iqmm6qKKny822ohI/v0IuZfmGGNUUZhNO98NQ4e4BBUsLMlhcm
xmhJDpyFyMgzrZE9Drd6PUe5eqAMsao7ySqlk2xzWeCWkSJg1EF0xc+UZMEYhdXs
+kyCVF23lCNfAoeQuXDKJXVkrJBMzetoyFchiSSKNJtuTHTLmquLzPWYXCKDhXvA
Mev09xTnPUMjzQvwoUVrKKVlieKSbkugfBM+uLOg5YY5b2wrJ5GB2ntYcypdVXSq
s8nQKkGr3OFNhGd/v6J43i2g8RKl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:18 2025 by rpki-client