Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D45C62CD2611EFAF5AFD9B762E951A.roa
File: 91D45C62CD2611EFAF5AFD9B762E951A.roa (raw, json)
Hash identifier: E1oADL/X6Kp4hnPZt6AhCp5zNplhjKosuZQ4LNiEuv4=
Subject key identifier: 60:CB:15:C1:8D:5A:C8:E9:20:2E:CC:B6:AD:53:B2:5B:C0:18:15:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD9F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D45C62CD2611EFAF5AFD9B762E951A.roa
Signing time: Tue 07 Jan 2025 18:38:21 +0000
ROA not before: Tue 07 Jan 2025 18:38:17 +0000
ROA not after: Sat 13 Dec 2025 18:38:17 +0000
asID: 984
IP address blocks: 156.241.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64927 (0xfd9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:38:17 2025 GMT
Not After : Dec 13 18:38:17 2025 GMT
Subject: CN=677d749d-cf27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c8:1e:2e:c6:48:a1:cc:87:22:c8:58:9a:7b:
22:7f:73:7e:84:7c:05:a0:b9:bf:cd:c4:41:88:10:
d9:7d:2e:dd:d7:62:75:a2:a7:3d:c0:58:9d:b6:97:
bf:d7:9c:9c:6d:0b:e4:a0:13:26:19:d1:b4:20:0a:
9f:2c:c4:d0:e7:b8:29:45:ca:e4:f1:3e:d8:4a:1d:
fd:9c:61:f2:05:83:37:24:78:13:c5:4c:17:0e:c9:
f2:5a:05:5f:da:bc:08:e2:df:a6:6e:09:4f:4e:86:
5c:25:5f:84:6c:63:3b:de:32:3f:dc:6f:6b:a5:af:
32:48:e4:ea:91:ac:31:d3:78:4f:29:ff:29:22:a1:
fa:37:08:bc:8e:b5:ae:a3:2b:fc:e6:05:31:a5:d1:
cf:d9:30:68:b3:b3:42:30:e4:f0:57:b4:7a:53:fe:
f4:c0:9d:56:5f:e2:48:91:fb:1a:5f:39:78:6c:d2:
a5:b2:9c:35:35:e8:d4:79:6f:79:af:51:db:7a:2e:
e7:5a:3c:c7:79:90:c9:ba:02:57:5d:e3:42:86:21:
4c:fd:8e:ec:67:fa:96:72:5f:ef:eb:5f:db:8a:46:
09:ad:10:0d:1e:21:2e:03:f5:c1:f1:12:fc:c1:8e:
50:e3:f3:fb:83:9d:5f:d5:00:2a:4d:59:7c:d5:ec:
bd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CB:15:C1:8D:5A:C8:E9:20:2E:CC:B6:AD:53:B2:5B:C0:18:15:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91D45C62CD2611EFAF5AFD9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.218.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5e:72:a9:01:94:e8:e8:d2:ee:1b:8e:8f:c2:bf:a6:76:47:
f6:fb:d8:8a:a8:21:61:3e:b0:21:0b:44:00:03:a6:38:0c:e1:
90:93:91:d1:85:c8:91:e1:f5:3a:93:a6:82:a1:8a:ca:fe:08:
6b:39:89:10:32:21:51:c9:a5:0f:2f:8b:71:fd:cd:f4:82:9a:
5b:66:a6:9e:79:62:23:42:8f:70:58:8e:ef:af:f5:9c:e0:50:
bf:dd:dc:fd:ba:2d:41:40:6a:32:96:eb:d0:fa:d7:ed:a5:c4:
ff:3e:b2:b6:f2:97:a5:97:c7:4d:ea:60:bf:fe:28:48:82:dd:
9a:9c:03:ba:dd:e8:84:86:f5:8e:91:b8:46:21:9a:b3:45:52:
11:65:fd:a4:cc:94:fb:4f:aa:1b:d9:8b:26:fb:78:02:c6:64:
f6:ab:d4:9c:ac:d7:74:27:ae:d4:e2:03:2c:da:26:aa:48:7f:
d6:9a:f8:e0:70:07:5f:37:2d:cf:24:0c:3d:ae:c4:e9:5d:c4:
15:ff:a0:97:67:0d:0a:99:6a:32:a2:cf:ba:db:2f:8e:34:e1:
81:23:b3:21:63:6a:18:a1:0b:a9:b4:4e:1a:92:44:d3:cc:f7:
2d:ce:d8:34:aa:d3:d9:9b:0a:b7:c6:8c:72:08:3b:2e:3f:5b:
89:91:18:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTgzODE3WhcNMjUxMjEzMTgzODE3WjAYMRYw
FAYDVQQDEw02NzdkNzQ5ZC1jZjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzsgeLsZIocyHIshYmnsif3N+hHwFoLm/zcRBiBDZfS7d12J1oqc9wFid
tpe/15ycbQvkoBMmGdG0IAqfLMTQ57gpRcrk8T7YSh39nGHyBYM3JHgTxUwXDsny
WgVf2rwI4t+mbglPToZcJV+EbGM73jI/3G9rpa8ySOTqkawx03hPKf8pIqH6Nwi8
jrWuoyv85gUxpdHP2TBos7NCMOTwV7R6U/70wJ1WX+JIkfsaXzl4bNKlspw1NejU
eW95r1Hbei7nWjzHeZDJugJXXeNChiFM/Y7sZ/qWcl/v61/bikYJrRANHiEuA/XB
8RL8wY5Q4/P7g51f1QAqTVl81ey9kwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGDL
FcGNWsjpIC7Mtq1TslvAGBUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MUQ0NUM2MkNEMjYxMUVGQUY1QUZEOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHaMA0GCSqGSIb3DQEBCwUA
A4IBAQBJXnKpAZTo6NLuG46Pwr+mdkf2+9iKqCFhPrAhC0QAA6Y4DOGQk5HRhciR
4fU6k6aCoYrK/ghrOYkQMiFRyaUPL4tx/c30gppbZqaeeWIjQo9wWI7vr/Wc4FC/
3dz9ui1BQGoyluvQ+tftpcT/PrK28pell8dN6mC//ihIgt2anAO63eiEhvWOkbhG
IZqzRVIRZf2kzJT7T6ob2Ysm+3gCxmT2q9ScrNd0J67U4gMs2iaqSH/WmvjgcAdf
Ny3PJAw9rsTpXcQV/6CXZw0KmWoyos+62y+ONOGBI7MhY2oYoQuptE4akkTTzPct
ztg0qtPZmwq3xoxyCDsuP1uJkRj2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client