Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1E434C6C32E11EFA2F0F9BC762E951A.roa
File: A1E434C6C32E11EFA2F0F9BC762E951A.roa (raw, json)
Hash identifier: q6I2BikLGk3llbe1aDWkvkJnxKpY7peO8cCPgSRgvpY=
Subject key identifier: 0E:34:EA:33:BB:F1:EA:91:A8:22:A6:03:93:90:12:D3:10:12:0E:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAF1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1E434C6C32E11EFA2F0F9BC762E951A.roa
Signing time: Thu 26 Dec 2024 02:10:52 +0000
ROA not before: Thu 26 Dec 2024 02:10:49 +0000
ROA not after: Wed 10 Dec 2025 02:10:49 +0000
asID: 984
IP address blocks: 156.243.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60145 (0xeaf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:10:49 2024 GMT
Not After : Dec 10 02:10:49 2025 GMT
Subject: CN=676cbb2c-3ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:45:4d:53:d8:af:8a:11:5a:ff:04:c7:0c:49:
d0:85:ac:28:f9:57:98:e7:12:02:78:8e:e2:53:04:
3d:ea:1c:f4:a0:78:0f:57:17:6b:09:92:a4:88:18:
06:8f:c2:4f:de:95:c8:ce:10:f6:cf:48:89:26:91:
2a:93:be:77:5a:d6:a0:c0:ff:eb:73:d5:fb:c9:bd:
fe:d5:f6:22:18:36:47:38:0d:6b:6c:5d:18:71:91:
ce:5e:6b:e4:da:4d:a1:93:63:58:4d:54:5c:56:93:
51:af:c3:52:d8:19:73:dd:28:9f:88:79:ab:f7:30:
c6:51:e6:c5:88:ca:0b:4d:26:50:6a:ad:19:c9:6b:
00:53:ef:4e:41:bb:56:fa:65:7d:ed:31:86:35:3c:
b0:05:66:00:96:8d:c8:1a:49:06:41:e4:1e:11:e6:
f3:e1:78:06:7a:07:ef:f6:60:8b:cd:bb:e0:ee:84:
0d:d3:c4:22:a6:78:a4:fa:90:7d:16:d1:ac:c8:78:
2b:64:f0:9a:8e:7a:80:f1:d7:11:c0:55:1a:36:91:
80:c7:ca:3c:56:04:8f:66:89:f4:6f:34:da:c0:a4:
6f:ee:b2:be:a2:0f:13:a1:1a:24:c5:9b:6b:aa:d8:
3d:b8:ac:5d:4c:86:08:cf:99:07:6e:8b:c7:73:7f:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:34:EA:33:BB:F1:EA:91:A8:22:A6:03:93:90:12:D3:10:12:0E:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A1E434C6C32E11EFA2F0F9BC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.217.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9c:27:0c:79:1c:ac:ce:00:49:f7:fd:c8:b3:c4:9a:fc:46:
61:b9:44:c3:92:c2:b9:18:5f:3c:e9:e7:5e:82:67:98:27:46:
e0:9d:97:6f:c1:f3:a3:38:49:ed:c0:ae:83:75:40:fa:09:71:
94:e5:1b:d7:15:8c:36:18:12:c5:7e:6b:1c:ed:b9:a0:dd:ab:
68:18:59:26:61:17:25:fb:6c:e1:16:74:6a:c9:ac:b2:c3:99:
4f:08:bb:f0:e4:65:aa:11:c1:7b:2b:e1:07:4a:76:4c:60:47:
85:1e:16:99:cc:fd:28:c5:38:f9:c2:b1:25:7b:5a:e5:e5:24:
12:7a:53:32:c4:e9:5c:c6:3d:1b:d8:74:9a:f2:fc:f8:c2:02:
6a:ff:19:69:c7:f3:44:5a:98:88:74:24:b6:5d:02:52:a3:74:
a9:8e:9f:cb:b2:ee:ed:ba:7e:91:8b:ca:5c:aa:07:ce:0f:88:
e0:e0:94:32:ea:38:a3:32:56:d2:4b:e9:27:f8:21:97:4d:4a:
01:fc:e0:20:cd:cb:14:55:3c:2d:17:b8:aa:6e:ed:bb:60:34:
9b:fa:41:f2:55:06:c8:49:ef:f1:c0:d8:48:af:f2:32:1e:ff:
d0:bf:22:cf:40:44:89:d6:a1:53:0f:26:28:30:f7:f5:e4:0e:
d7:82:ce:00
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIxMDQ5WhcNMjUxMjEwMDIxMDQ5WjAYMRYw
FAYDVQQDEw02NzZjYmIyYy0zYmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnEVNU9ivihFa/wTHDEnQhawo+VeY5xICeI7iUwQ96hz0oHgPVxdrCZKk
iBgGj8JP3pXIzhD2z0iJJpEqk753WtagwP/rc9X7yb3+1fYiGDZHOA1rbF0YcZHO
Xmvk2k2hk2NYTVRcVpNRr8NS2Blz3SifiHmr9zDGUebFiMoLTSZQaq0ZyWsAU+9O
QbtW+mV97TGGNTywBWYAlo3IGkkGQeQeEebz4XgGegfv9mCLzbvg7oQN08Qipnik
+pB9FtGsyHgrZPCajnqA8dcRwFUaNpGAx8o8VgSPZon0bzTawKRv7rK+og8ToRok
xZtrqtg9uKxdTIYIz5kHbovHc3/OZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA40
6jO78eqRqCKmA5OQEtMQEg4cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMUU0MzRDNkMzMkUxMUVGQTJGMEY5QkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPZMA0GCSqGSIb3DQEBCwUA
A4IBAQBHnCcMeRyszgBJ9/3Is8Sa/EZhuUTDksK5GF886edegmeYJ0bgnZdvwfOj
OEntwK6DdUD6CXGU5RvXFYw2GBLFfmsc7bmg3atoGFkmYRcl+2zhFnRqyayyw5lP
CLvw5GWqEcF7K+EHSnZMYEeFHhaZzP0oxTj5wrEle1rl5SQSelMyxOlcxj0b2HSa
8vz4wgJq/xlpx/NEWpiIdCS2XQJSo3Spjp/Lsu7tun6Ri8pcqgfOD4jg4JQy6jij
MlbSS+kn+CGXTUoB/OAgzcsUVTwtF7iqbu27YDSb+kHyVQbISe/xwNhIr/IyHv/Q
vyLPQESJ1qFTDyYoMPf15A7Xgs4A
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:52 2025 by rpki-client