Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943F0452CADD11EF98246693762E951A.roa
File: 943F0452CADD11EF98246693762E951A.roa (raw, json)
Hash identifier: GS+35GzMH+PbVJCAAjBl37L7yc2okI7SR+NwFySBD0w=
Subject key identifier: 40:0C:EC:37:81:ED:76:99:1B:FB:B2:34:8D:61:6A:06:63:76:68:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7AC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943F0452CADD11EF98246693762E951A.roa
Signing time: Sat 04 Jan 2025 20:50:50 +0000
ROA not before: Sun 05 Jan 2025 20:50:46 +0000
ROA not after: Sat 10 Jan 2026 20:50:46 +0000
asID: 211567
IP address blocks: 156.243.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63404 (0xf7ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 20:50:46 2025 GMT
Not After : Jan 10 20:50:46 2026 GMT
Subject: CN=67799f29-9d93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:0b:5a:0a:89:9f:e3:68:c7:37:c6:6c:6a:
d2:29:0e:a6:4d:0c:ea:e3:7d:a6:33:09:2d:f2:03:
9e:cd:7d:23:44:63:bc:49:58:dd:19:07:ce:2f:dd:
bc:1c:c1:88:78:e6:b6:6d:bf:d2:61:05:c5:f2:d0:
85:b6:58:c5:37:f9:6a:b1:31:4d:01:43:d5:d7:d8:
7a:ca:d7:8c:5c:3d:f8:1a:85:4b:eb:9e:3f:7e:f5:
26:a2:d3:9b:82:5b:39:30:c9:f3:9d:36:b4:b7:46:
b7:69:58:2d:15:08:9d:bb:86:14:a0:b7:4f:62:20:
41:9f:e7:d6:66:6d:fe:c3:43:a2:68:fa:a9:d6:bd:
f8:55:86:f7:39:fc:92:f2:a8:da:2a:12:3a:b4:09:
d8:71:32:fa:87:4d:ca:ec:9a:ea:6d:25:72:ab:6c:
9a:d0:aa:dd:08:1d:09:1e:6e:07:3f:fd:5f:9f:5f:
51:fe:d3:dd:45:66:08:06:55:99:c4:88:b2:c8:96:
75:fb:52:f2:3e:97:cc:18:8c:17:9b:dd:21:ca:9d:
de:b4:0c:44:08:31:6f:8a:da:98:7b:3f:4d:9f:0b:
f1:89:13:ac:d2:d0:ff:f7:01:5b:36:0e:f5:48:e5:
0b:ea:a7:0d:7d:1e:52:51:12:60:23:89:48:08:e7:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0C:EC:37:81:ED:76:99:1B:FB:B2:34:8D:61:6A:06:63:76:68:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/943F0452CADD11EF98246693762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.157.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0e:8e:ad:1f:27:d2:bd:1a:b4:d6:d2:bc:f9:6a:63:d4:30:
5f:20:27:56:64:8e:7a:03:9b:5f:fe:93:4b:ee:6b:f3:33:a2:
15:8e:d6:80:d9:8c:61:c3:20:1e:59:15:e6:c8:50:b8:1f:e9:
70:16:f1:66:81:d7:cb:e5:d2:ee:d9:c2:27:d9:af:14:cb:b2:
9f:fb:bd:2a:bf:ab:ee:c7:78:bb:45:ce:b5:5f:55:a7:fe:b4:
6f:dc:72:70:65:5a:c5:28:d6:0d:2e:1a:2d:e9:4d:db:d2:42:
b4:14:e4:76:18:ba:b6:41:77:98:c8:c2:45:9c:ae:00:71:95:
2f:f8:e0:6d:07:7d:f6:ad:a3:1f:95:92:e6:b7:b4:af:b3:10:
b8:dc:13:ab:9c:8e:f7:f2:11:4b:7f:0c:24:8a:60:be:b4:4b:
12:84:85:58:78:03:4a:a8:e4:d8:a9:44:27:d1:89:f8:0f:ed:
e3:2a:59:6c:13:01:84:80:fc:76:8b:bb:9b:42:d6:54:83:fb:
fa:a0:40:b1:e4:d3:48:30:57:72:28:b8:74:45:a9:d1:ee:31:
6d:5e:de:c5:38:9a:8b:86:5b:26:05:e2:d4:18:0e:5d:db:fa:
d9:47:50:00:a0:a7:6e:a9:f7:43:6e:65:98:9b:2d:c0:7d:25:
6a:fb:02:cc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPesMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MjA1MDQ2WhcNMjYwMTEwMjA1MDQ2WjAYMRYw
FAYDVQQDEw02Nzc5OWYyOS05ZDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApT4LWgqJn+NoxzfGbGrSKQ6mTQzq432mMwkt8gOezX0jRGO8SVjdGQfO
L928HMGIeOa2bb/SYQXF8tCFtljFN/lqsTFNAUPV19h6yteMXD34GoVL654/fvUm
otObgls5MMnznTa0t0a3aVgtFQidu4YUoLdPYiBBn+fWZm3+w0OiaPqp1r34VYb3
OfyS8qjaKhI6tAnYcTL6h03K7JrqbSVyq2ya0KrdCB0JHm4HP/1fn19R/tPdRWYI
BlWZxIiyyJZ1+1LyPpfMGIwXm90hyp3etAxECDFvitqYez9NnwvxiROs0tD/9wFb
Ng71SOUL6qcNfR5SURJgI4lICOca4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEAM
7DeB7XaZG/uyNI1hagZjdmghMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDNGMDQ1MkNBREQxMUVGOTgyNDY2OTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOdMA0GCSqGSIb3DQEBCwUA
A4IBAQCPDo6tHyfSvRq01tK8+Wpj1DBfICdWZI56A5tf/pNL7mvzM6IVjtaA2Yxh
wyAeWRXmyFC4H+lwFvFmgdfL5dLu2cIn2a8Uy7Kf+70qv6vux3i7Rc61X1Wn/rRv
3HJwZVrFKNYNLhot6U3b0kK0FOR2GLq2QXeYyMJFnK4AcZUv+OBtB332raMflZLm
t7SvsxC43BOrnI738hFLfwwkimC+tEsShIVYeANKqOTYqUQn0Yn4D+3jKllsEwGE
gPx2i7ubQtZUg/v6oECx5NNIMFdyKLh0RanR7jFtXt7FOJqLhlsmBeLUGA5d2/rZ
R1AAoKduqfdDbmWYmy3AfSVq+wLM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:07 2025 by rpki-client