Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/907DFA48CDCC11EF95334149762E951A.roa
File: 907DFA48CDCC11EF95334149762E951A.roa (raw, json)
Hash identifier: UDOTvfO0BFqFY2XfNAEHtXa+88HzVj41iSShN3F4EgI=
Subject key identifier: A1:42:15:E0:10:06:91:0B:16:DD:BF:9D:2C:4B:99:B4:04:D8:F1:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101E8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/907DFA48CDCC11EF95334149762E951A.roa
Signing time: Wed 08 Jan 2025 14:26:35 +0000
ROA not before: Wed 08 Jan 2025 14:26:31 +0000
ROA not after: Thu 01 Jan 2026 14:26:31 +0000
asID: 984
IP address blocks: 156.228.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66024 (0x101e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:26:31 2025 GMT
Not After : Jan 1 14:26:31 2026 GMT
Subject: CN=677e8b1b-0eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:3d:b8:ca:b9:ae:b6:9c:6a:33:5c:9d:f3:
c1:12:58:2f:ec:82:44:f6:31:1b:c4:33:9b:67:8b:
87:94:f7:99:07:f0:11:1a:3e:df:40:21:50:63:af:
83:f9:ee:ac:b0:c0:cc:d2:f3:e2:1e:5b:7e:de:8a:
68:e1:48:c6:6c:62:4a:1d:45:f6:f1:8c:56:fe:af:
1c:1e:aa:46:dc:d6:b7:34:62:cf:d6:ae:19:bb:a7:
7d:99:57:d9:9d:30:0b:ec:2c:b3:63:47:f3:22:19:
9a:b5:16:70:62:13:5c:c0:09:77:a4:e6:46:57:e1:
a6:cc:05:30:db:c6:5e:11:5b:53:6b:d4:0e:b5:f5:
4f:c8:a5:22:8a:dd:94:81:f3:80:ac:ff:d7:67:39:
ec:d0:d5:cf:49:17:26:b0:7f:2b:c0:69:77:8d:99:
0d:84:e7:f5:ca:81:1f:2a:c1:69:6e:8b:5c:e6:56:
48:58:05:74:8f:75:2e:68:e3:73:af:51:61:92:fa:
65:b3:66:67:9f:1d:63:93:74:b0:64:39:64:a9:2b:
73:12:ac:ae:f7:a1:7a:b4:63:07:61:6f:72:c0:a9:
1f:d3:62:aa:c8:30:c4:0b:fb:9f:91:1e:1d:6d:55:
ed:2c:22:03:82:36:73:69:02:15:8d:2a:7c:02:fc:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:42:15:E0:10:06:91:0B:16:DD:BF:9D:2C:4B:99:B4:04:D8:F1:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/907DFA48CDCC11EF95334149762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.243.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:08:fa:ce:95:8f:ca:fb:e9:5d:20:b6:8e:75:79:59:49:ea:
bb:81:d9:29:86:42:f7:67:50:7a:f8:d1:8b:00:62:0a:a3:b7:
56:b4:63:fc:8c:60:ab:50:ad:5e:ce:8f:3f:89:85:f2:70:92:
e8:8e:1f:a7:9e:37:a3:d6:47:68:de:33:1a:06:05:b7:2c:89:
a0:af:51:44:ec:be:8b:53:07:04:64:52:24:b5:a8:32:f5:7b:
77:fa:7a:9e:67:3b:c0:7f:0a:cd:1d:43:0e:b1:73:25:f1:9a:
c4:82:24:0e:98:e2:ca:e2:bb:8f:c6:85:17:b1:61:3a:65:f4:
aa:29:40:eb:d8:02:20:98:a6:50:3f:14:29:91:9d:a7:20:b0:
98:65:a0:20:5a:f1:0b:c8:b8:aa:c2:9a:d8:9e:32:88:dc:55:
7c:6b:cf:a8:54:8e:87:8c:9e:2a:13:aa:ba:99:36:3b:df:b3:
8d:5a:57:d1:08:a0:b7:18:72:e0:a3:30:dd:16:56:b6:21:5d:
e8:18:51:d2:38:29:fa:69:8d:0c:70:5e:b8:84:d8:ad:56:d5:
73:ae:31:e2:a0:88:d0:b2:8c:1b:43:6f:49:7d:4d:2b:dc:25:
13:5c:27:01:83:2d:58:b0:27:20:9c:e1:63:b8:82:19:f0:44:
c3:b1:b8:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQyNjMxWhcNMjYwMTAxMTQyNjMxWjAYMRYw
FAYDVQQDEw02NzdlOGIxYi0wZWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArfE9uMq5rracajNcnfPBElgv7IJE9jEbxDObZ4uHlPeZB/ARGj7fQCFQ
Y6+D+e6ssMDM0vPiHlt+3opo4UjGbGJKHUX28YxW/q8cHqpG3Na3NGLP1q4Zu6d9
mVfZnTAL7CyzY0fzIhmatRZwYhNcwAl3pOZGV+GmzAUw28ZeEVtTa9QOtfVPyKUi
it2UgfOArP/XZzns0NXPSRcmsH8rwGl3jZkNhOf1yoEfKsFpbotc5lZIWAV0j3Uu
aONzr1Fhkvpls2Znnx1jk3SwZDlkqStzEqyu96F6tGMHYW9ywKkf02KqyDDEC/uf
kR4dbVXtLCIDgjZzaQIVjSp8AvxJswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKFC
FeAQBpELFt2/nSxLmbQE2PFpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MDdERkE0OENEQ0MxMUVGOTUzMzQxNDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTzMA0GCSqGSIb3DQEBCwUA
A4IBAQCuCPrOlY/K++ldILaOdXlZSeq7gdkphkL3Z1B6+NGLAGIKo7dWtGP8jGCr
UK1ezo8/iYXycJLojh+nnjej1kdo3jMaBgW3LImgr1FE7L6LUwcEZFIktagy9Xt3
+nqeZzvAfwrNHUMOsXMl8ZrEgiQOmOLK4ruPxoUXsWE6ZfSqKUDr2AIgmKZQPxQp
kZ2nILCYZaAgWvELyLiqwprYnjKI3FV8a8+oVI6HjJ4qE6q6mTY737ONWlfRCKC3
GHLgozDdFla2IV3oGFHSOCn6aY0McF64hNitVtVzrjHioIjQsowbQ29JfU0r3CUT
XCcBgy1YsCcgnOFjuIIZ8ETDsbgs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:59 2025 by rpki-client