Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A20D4FE6CD6A11EFBB25CA59762E951A.roa
File: A20D4FE6CD6A11EFBB25CA59762E951A.roa (raw, json)
Hash identifier: GQs1MqC7ReCiYhjrgb/Y8VbRwbZpsHLQdLbeqilFusM=
Subject key identifier: BD:C2:E4:35:19:45:64:9B:1E:5E:59:5C:F2:33:36:AD:35:98:AD:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A20D4FE6CD6A11EFBB25CA59762E951A.roa
Signing time: Wed 08 Jan 2025 02:45:34 +0000
ROA not before: Wed 08 Jan 2025 02:45:30 +0000
ROA not after: Sat 13 Dec 2025 02:45:30 +0000
asID: 984
IP address blocks: 156.247.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65379 (0xff63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 02:45:30 2025 GMT
Not After : Dec 13 02:45:30 2025 GMT
Subject: CN=677de6ce-c3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:ca:80:27:f0:b7:72:a7:90:f0:e3:05:53:
3b:f0:55:50:39:0f:91:50:3f:c0:29:60:38:50:62:
29:03:7a:59:d3:a4:d2:28:a2:24:84:3a:f5:29:a8:
04:5d:1f:12:4f:cf:56:74:82:73:c4:40:e3:ac:37:
89:02:96:24:f6:aa:ae:d2:9d:e5:46:88:55:9c:12:
d6:a0:da:5f:53:83:79:07:24:a4:ae:dc:34:9b:a3:
90:6d:e7:b6:48:62:84:8f:f0:33:5b:d8:f7:fb:1d:
3c:6e:5a:1c:ed:de:21:9b:b7:ba:48:a3:9b:35:1f:
86:a2:04:ea:df:d4:f4:55:ec:7b:7f:af:a3:e0:d4:
8e:80:3e:52:94:35:8a:93:31:b9:a8:a9:93:1d:e7:
34:03:bb:2f:39:8b:82:ce:67:bc:97:9b:06:57:a7:
10:69:83:fd:3c:4a:c2:4d:f4:ea:62:d8:b5:69:87:
97:a0:19:53:f0:77:54:9b:83:af:5f:a2:b3:2f:7f:
0e:65:dc:e7:10:0a:20:fe:e7:8b:3e:8b:9f:d9:57:
1f:32:cc:4b:b1:4a:6f:70:a2:26:d1:c1:e8:85:7f:
50:14:57:61:fe:22:31:b5:7b:62:e6:22:e8:c8:cd:
68:3e:ed:a1:9d:44:7d:29:b7:30:cd:c4:8a:36:d8:
a9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:C2:E4:35:19:45:64:9B:1E:5E:59:5C:F2:33:36:AD:35:98:AD:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A20D4FE6CD6A11EFBB25CA59762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.126.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ac:ba:a3:56:03:5a:ae:1c:54:d1:bd:35:5c:f7:2a:d0:80:
bb:0d:47:4a:c3:de:44:c2:ce:1b:89:93:fd:1e:0a:2a:cd:71:
a1:dc:29:1b:d6:81:7d:40:a0:fc:b6:26:db:e3:85:8a:70:90:
28:a8:10:01:5c:b0:bd:e3:c9:18:b0:9a:bf:6b:be:b0:59:b1:
00:04:73:17:48:32:01:70:e1:09:00:3c:9b:ce:8b:d0:47:b8:
1c:5c:5c:33:bd:ba:fb:0c:d6:ef:9c:bf:14:71:1b:14:de:50:
ea:95:cf:c6:59:76:b1:3c:60:53:c5:1a:f7:82:0d:ff:76:1c:
b6:49:24:7c:34:0d:1b:04:9d:b8:7c:ad:e2:44:2f:a4:fc:1e:
02:47:96:25:db:bd:29:12:9a:f2:65:e4:c4:ef:40:03:55:e1:
d1:40:b9:2c:04:94:92:3e:81:3f:51:17:c1:d2:5b:d9:68:0a:
22:cf:58:0b:2a:11:4b:f9:75:19:7a:9a:90:c9:c7:75:09:f9:
39:63:af:ee:41:d6:75:0d:b4:97:ad:01:4d:07:7e:68:4c:72:
e9:1a:7a:49:cf:b4:a0:93:4f:f8:7b:f2:1d:7a:57:83:0e:6d:
ba:e3:86:32:28:67:25:95:63:c1:fc:82:22:e9:39:85:85:d0:
57:bc:de:0d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP9jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDI0NTMwWhcNMjUxMjEzMDI0NTMwWjAYMRYw
FAYDVQQDEw02NzdkZTZjZS1jM2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw33KgCfwt3KnkPDjBVM78FVQOQ+RUD/AKWA4UGIpA3pZ06TSKKIkhDr1
KagEXR8ST89WdIJzxEDjrDeJApYk9qqu0p3lRohVnBLWoNpfU4N5BySkrtw0m6OQ
bee2SGKEj/AzW9j3+x08bloc7d4hm7e6SKObNR+GogTq39T0Vex7f6+j4NSOgD5S
lDWKkzG5qKmTHec0A7svOYuCzme8l5sGV6cQaYP9PErCTfTqYti1aYeXoBlT8HdU
m4OvX6KzL38OZdznEAog/ueLPouf2VcfMsxLsUpvcKIm0cHohX9QFFdh/iIxtXti
5iLoyM1oPu2hnUR9KbcwzcSKNtipewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL3C
5DUZRWSbHl5ZXPIzNq01mK3oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMjBENEZFNkNENkExMUVGQkIyNUNBNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPd+MA0GCSqGSIb3DQEBCwUA
A4IBAQBTrLqjVgNarhxU0b01XPcq0IC7DUdKw95Ews4biZP9HgoqzXGh3Ckb1oF9
QKD8tibb44WKcJAoqBABXLC948kYsJq/a76wWbEABHMXSDIBcOEJADybzovQR7gc
XFwzvbr7DNbvnL8UcRsU3lDqlc/GWXaxPGBTxRr3gg3/dhy2SSR8NA0bBJ24fK3i
RC+k/B4CR5Yl270pEpryZeTE70ADVeHRQLksBJSSPoE/URfB0lvZaAoiz1gLKhFL
+XUZepqQycd1Cfk5Y6/uQdZ1DbSXrQFNB35oTHLpGnpJz7Sgk0/4e/IdeleDDm26
44YyKGcllWPB/IIi6TmFhdBXvN4N
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:09 2025 by rpki-client