Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940DF43CCD2811EFB57ED7A8762E951A.roa
File: 940DF43CCD2811EFB57ED7A8762E951A.roa (raw, json)
Hash identifier: OL0Sm4A/EGrxjBbhHuc555dPBpoI98BRH+qJMpn18zo=
Subject key identifier: C4:AD:C1:16:37:84:B8:81:EA:9F:52:CA:57:CE:09:E4:61:0F:CB:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDAF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940DF43CCD2811EFB57ED7A8762E951A.roa
Signing time: Tue 07 Jan 2025 18:52:44 +0000
ROA not before: Tue 07 Jan 2025 18:52:40 +0000
ROA not after: Mon 13 Dec 2027 18:52:40 +0000
asID: 17561
IP address blocks: 156.241.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64943 (0xfdaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 18:52:40 2025 GMT
Not After : Dec 13 18:52:40 2027 GMT
Subject: CN=677d77fc-4c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:48:df:5f:6e:33:86:9a:ed:87:f6:77:0e:e0:
7e:95:fc:d7:a6:8c:06:44:fb:40:79:92:8e:60:a1:
0b:27:1c:0d:ec:6c:75:c2:12:a4:d6:d2:66:3c:de:
e6:a2:50:bb:cf:a9:65:8e:91:b8:84:3c:0d:61:5b:
65:89:e5:9f:e2:03:c2:b2:c8:7b:d1:8b:a0:13:b9:
e7:70:ef:13:9e:b9:7c:ca:47:25:52:bb:4f:83:3b:
29:41:1d:96:32:ca:d5:da:90:a3:f6:e0:f0:dd:05:
6e:9c:56:24:9e:67:aa:8b:79:30:4c:3b:ce:98:dd:
77:f6:f5:3a:66:d9:aa:7d:f2:07:a6:fb:ac:eb:44:
b5:ff:2c:98:2f:4a:41:21:7b:71:d6:77:f4:34:ad:
ee:ed:24:73:5a:bb:ed:0f:5c:f8:97:96:73:c1:02:
8b:63:49:f5:c9:ba:a0:45:07:56:39:65:dd:10:4e:
00:ad:3b:f1:e5:41:ea:4c:39:f7:b2:73:de:d2:e9:
db:f6:c2:8f:8a:86:69:72:26:26:3d:e9:4e:6d:2a:
ff:4d:28:c6:ac:fb:b3:70:ba:bc:31:5d:bb:75:11:
94:99:0a:84:e4:57:e5:64:d6:7e:54:52:59:be:60:
36:9a:b4:8a:1b:85:81:0e:9a:56:ca:33:3a:e4:85:
69:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:C1:16:37:84:B8:81:EA:9F:52:CA:57:CE:09:E4:61:0F:CB:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940DF43CCD2811EFB57ED7A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.227.0/24
Signature Algorithm: sha256WithRSAEncryption
53:12:fb:d4:ce:04:13:f6:f1:b1:20:c5:95:df:b8:99:f2:52:
77:3f:64:1b:a7:d3:84:b6:a3:53:e0:49:6c:a2:e8:71:9f:09:
37:97:07:a0:3f:67:ad:c3:79:ea:7c:6f:4e:9c:38:f7:74:29:
18:25:d2:d2:92:1d:4e:5b:88:77:88:92:32:0b:ed:2b:89:81:
8d:af:2c:18:14:78:d5:7b:ba:e2:6a:10:0a:cb:8f:64:17:94:
6d:b4:2f:0d:67:f5:a9:df:44:d3:4d:ef:77:98:3c:a5:f2:82:
e5:87:44:68:8e:34:cc:5c:cf:b5:97:5f:59:9f:d4:9a:7e:90:
fe:77:64:af:cf:d6:ed:ab:7d:ab:93:ac:71:bc:2f:5c:a1:f5:
81:97:a3:74:bd:3b:0d:11:ff:09:ed:b7:ee:04:32:f6:88:9f:
56:08:cf:01:fb:08:14:36:9f:71:63:45:1a:2c:04:de:93:34:
d7:e6:a8:3f:c2:03:45:88:05:ce:3a:97:84:7e:15:49:32:2e:
4a:47:bf:d4:9c:c2:6a:3b:bb:94:cf:3c:37:66:28:26:25:64:
31:71:e8:4e:2c:f9:c2:e0:24:62:ec:7c:8a:48:b4:f9:a0:20:
f7:a0:92:bc:f1:fe:2e:ec:c1:f4:d6:40:0d:03:f1:8a:0b:ae:
85:fb:72:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP2vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTg1MjQwWhcNMjcxMjEzMTg1MjQwWjAYMRYw
FAYDVQQDEw02NzdkNzdmYy00YzExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs0jfX24zhprth/Z3DuB+lfzXpowGRPtAeZKOYKELJxwN7Gx1whKk1tJm
PN7molC7z6lljpG4hDwNYVtlieWf4gPCssh70YugE7nncO8Tnrl8ykclUrtPgzsp
QR2WMsrV2pCj9uDw3QVunFYknmeqi3kwTDvOmN139vU6ZtmqffIHpvus60S1/yyY
L0pBIXtx1nf0NK3u7SRzWrvtD1z4l5ZzwQKLY0n1ybqgRQdWOWXdEE4ArTvx5UHq
TDn3snPe0unb9sKPioZpciYmPelObSr/TSjGrPuzcLq8MV27dRGUmQqE5FflZNZ+
VFJZvmA2mrSKG4WBDppWyjM65IVpgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMSt
wRY3hLiB6p9SylfOCeRhD8tkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDBERjQzQ0NEMjgxMUVGQjU3RUQ3QTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHjMA0GCSqGSIb3DQEBCwUA
A4IBAQBTEvvUzgQT9vGxIMWV37iZ8lJ3P2Qbp9OEtqNT4Elsouhxnwk3lwegP2et
w3nqfG9OnDj3dCkYJdLSkh1OW4h3iJIyC+0riYGNrywYFHjVe7riahAKy49kF5Rt
tC8NZ/Wp30TTTe93mDyl8oLlh0RojjTMXM+1l19Zn9SafpD+d2Svz9btq32rk6xx
vC9cofWBl6N0vTsNEf8J7bfuBDL2iJ9WCM8B+wgUNp9xY0UaLATekzTX5qg/wgNF
iAXOOpeEfhVJMi5KR7/UnMJqO7uUzzw3ZigmJWQxcehOLPnC4CRi7HyKSLT5oCD3
oJK88f4u7MH01kANA/GKC66F+3KQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:31 2025 by rpki-client