Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1BE68F6CD2C11EF8A4D1642762E951A.roa
File: A1BE68F6CD2C11EF8A4D1642762E951A.roa (raw, json)
Hash identifier: Ifs5BKeaWuVAKHQ6LkAK4ZsEBkNO0h7h0c9UE57v2jo=
Subject key identifier: 5B:65:CC:D2:D7:85:2F:F8:88:44:04:F1:25:9B:48:EF:31:DE:47:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDCF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1BE68F6CD2C11EF8A4D1642762E951A.roa
Signing time: Tue 07 Jan 2025 19:21:45 +0000
ROA not before: Tue 07 Jan 2025 19:21:41 +0000
ROA not after: Sat 13 Dec 2025 19:21:41 +0000
asID: 984
IP address blocks: 156.241.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64975 (0xfdcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:21:41 2025 GMT
Not After : Dec 13 19:21:41 2025 GMT
Subject: CN=677d7ec9-844a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:34:45:d5:79:b6:09:fa:95:f3:31:f0:95:bd:
b7:12:12:19:69:b4:a3:ef:4b:c8:49:76:d2:af:f9:
a6:e9:10:b6:54:1e:51:90:7c:f1:b1:43:32:6a:27:
6f:f4:bc:48:7b:06:ac:57:66:54:1e:65:6e:0d:46:
35:47:9a:99:f7:ab:da:0b:aa:6c:ea:0d:41:a0:bd:
27:ae:e3:f3:77:cb:19:c0:a4:be:94:14:bd:c4:aa:
93:15:97:e3:ad:86:35:62:30:b4:90:29:1a:9a:5b:
dd:e8:87:76:4e:b2:ff:28:62:08:77:e0:23:7f:79:
73:82:d4:8d:c1:f7:a3:4f:a3:51:ca:51:ba:33:a0:
f6:e4:d1:5a:64:61:80:99:4b:9c:5c:bd:da:ce:d5:
02:36:7a:69:4a:bc:0c:7c:86:ec:79:a2:d4:57:c4:
81:35:28:54:00:cc:ab:7c:0d:10:31:25:cd:95:c3:
5d:5e:cf:9c:01:de:7e:61:aa:c8:dd:ba:be:3a:6c:
c2:30:64:3d:75:94:6a:93:9a:68:5f:32:dd:6d:49:
c7:ac:af:26:87:77:8a:a3:c9:79:7d:d3:00:f1:ae:
5d:2f:c5:f2:04:d5:f9:c4:64:ce:bc:65:75:98:6a:
4d:d7:f3:c6:cf:0f:92:d3:6d:74:ba:01:94:c5:a0:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:65:CC:D2:D7:85:2F:F8:88:44:04:F1:25:9B:48:EF:31:DE:47:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1BE68F6CD2C11EF8A4D1642762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.244.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:33:85:b3:0f:04:ea:ca:ba:08:a3:15:ba:9e:d7:27:f7:e9:
36:ad:f0:a1:27:ea:70:7b:0e:02:56:fe:ef:d7:13:2a:77:17:
e0:a9:12:18:14:6f:b6:6f:5a:5a:06:d0:67:59:1e:14:f5:91:
f4:a3:20:2a:a9:1a:bf:85:28:a7:3a:ad:fd:b4:52:cc:b7:1b:
f8:3f:f8:de:d6:c3:b8:e2:bf:bc:21:d5:2a:6a:9e:f3:98:6d:
59:f3:7a:8a:7b:20:bd:2c:8e:21:e1:57:ee:fd:42:b4:cc:66:
06:b4:1d:5f:3f:8d:9e:b0:38:9a:c5:73:df:76:09:ee:cc:de:
57:ef:22:5b:1a:e3:2f:e6:fc:d3:7b:6a:d9:fc:30:05:e9:2d:
01:07:5e:8a:74:80:9b:a9:27:74:65:36:30:0f:ce:f8:47:c1:
5c:5b:37:9e:6c:fb:e8:5f:41:39:0a:e9:5a:fc:c3:4f:69:bc:
90:42:69:f4:e9:5c:bf:a1:1b:db:d4:26:7e:be:a6:52:d3:c5:
25:d1:71:e7:98:a5:0b:0f:2e:b1:31:a0:cf:bd:e9:58:97:9f:
71:32:71:66:90:a3:64:c6:a3:4a:62:e9:f9:f4:60:f0:db:25:
f2:fd:c6:b5:3c:0d:06:15:2c:6a:a2:f9:9f:3c:5d:fd:ae:98:
c0:f1:2c:44
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkyMTQxWhcNMjUxMjEzMTkyMTQxWjAYMRYw
FAYDVQQDEw02NzdkN2VjOS04NDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwzRF1Xm2CfqV8zHwlb23EhIZabSj70vISXbSr/mm6RC2VB5RkHzxsUMy
aidv9LxIewasV2ZUHmVuDUY1R5qZ96vaC6ps6g1BoL0nruPzd8sZwKS+lBS9xKqT
FZfjrYY1YjC0kCkamlvd6Id2TrL/KGIId+Ajf3lzgtSNwfejT6NRylG6M6D25NFa
ZGGAmUucXL3aztUCNnppSrwMfIbseaLUV8SBNShUAMyrfA0QMSXNlcNdXs+cAd5+
YarI3bq+OmzCMGQ9dZRqk5poXzLdbUnHrK8mh3eKo8l5fdMA8a5dL8XyBNX5xGTO
vGV1mGpN1/PGzw+S0210ugGUxaDvpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFtl
zNLXhS/4iEQE8SWbSO8x3kfTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMUJFNjhGNkNEMkMxMUVGOEE0RDE2NDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPH0MA0GCSqGSIb3DQEBCwUA
A4IBAQB8M4WzDwTqyroIoxW6ntcn9+k2rfChJ+pwew4CVv7v1xMqdxfgqRIYFG+2
b1paBtBnWR4U9ZH0oyAqqRq/hSinOq39tFLMtxv4P/je1sO44r+8IdUqap7zmG1Z
83qKeyC9LI4h4Vfu/UK0zGYGtB1fP42esDiaxXPfdgnuzN5X7yJbGuMv5vzTe2rZ
/DAF6S0BB16KdICbqSd0ZTYwD874R8FcWzeebPvoX0E5Cula/MNPabyQQmn06Vy/
oRvb1CZ+vqZS08Ul0XHnmKULDy6xMaDPvelYl59xMnFmkKNkxqNKYun59GDw2yXy
/ca1PA0GFSxqovmfPF39rpjA8SxE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:27 2025 by rpki-client