Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A340BECACD8811EFBAE5F99C762E951A.roa
File: A340BECACD8811EFBAE5F99C762E951A.roa (raw, json)
Hash identifier: vg87hkMo3nLH7TltkZllGDHRuFVdYPNy3boJ+zdfzuc=
Subject key identifier: 4E:69:E7:1A:25:E7:52:50:DA:D1:FC:3F:A4:C1:84:82:B1:7C:A6:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01003F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A340BECACD8811EFBAE5F99C762E951A.roa
Signing time: Wed 08 Jan 2025 06:20:21 +0000
ROA not before: Wed 08 Jan 2025 06:20:17 +0000
ROA not after: Sat 13 Dec 2025 06:20:17 +0000
asID: 984
IP address blocks: 156.252.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65599 (0x1003f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 06:20:17 2025 GMT
Not After : Dec 13 06:20:17 2025 GMT
Subject: CN=677e1925-5c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fa:13:9b:24:21:29:b7:b7:64:00:9e:a5:0e:
60:ab:4e:9b:29:d8:df:69:4a:97:39:7e:c2:ed:c2:
ed:dc:10:75:c6:3c:ad:95:c6:53:b7:40:d9:3a:82:
b1:c6:03:b9:50:4f:25:12:04:92:95:b3:b2:67:02:
1b:9f:56:0a:5d:67:86:f3:76:f9:6d:d1:71:0e:20:
31:44:f9:16:58:ab:1f:72:47:0f:82:7c:e8:02:dd:
09:24:38:5e:26:f0:ca:7f:8a:c7:18:b8:67:47:ab:
26:16:e4:8b:e8:dc:e7:0f:4b:49:c8:bb:c4:85:69:
a9:b4:60:02:55:db:7d:d2:b6:83:5d:77:03:9f:08:
83:7e:29:f2:0e:74:c9:eb:65:ec:2b:19:98:a7:30:
84:37:75:23:18:41:3a:a3:76:f1:34:2a:e4:8d:86:
70:01:c6:76:bf:90:fe:3b:6d:03:af:32:15:26:bb:
8c:7c:9a:61:5e:95:61:17:44:5a:e7:1f:ed:b1:70:
67:7e:8b:57:7d:6c:95:c5:7e:c3:c9:64:6c:b5:fd:
bf:e5:d9:0a:ca:77:47:a7:0d:53:35:17:43:d9:fc:
8f:8f:47:20:15:c7:6c:f1:7c:27:d2:49:41:b1:5d:
94:e4:c3:61:b2:0b:3b:85:3a:8c:d0:fc:79:d3:81:
e8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:69:E7:1A:25:E7:52:50:DA:D1:FC:3F:A4:C1:84:82:B1:7C:A6:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A340BECACD8811EFBAE5F99C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.46.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d8:03:76:40:fb:dc:4e:d7:e1:c6:72:99:af:1f:1c:84:71:
6c:0b:f6:d1:88:06:d3:a9:03:d1:8c:3b:8e:36:30:61:c9:3c:
25:dd:0e:a0:05:6f:d6:61:10:94:fa:e6:94:26:51:a8:d0:8f:
c0:44:a0:b3:cf:72:ae:27:da:59:d4:89:5b:25:5a:a8:e7:e5:
29:63:17:47:14:d8:41:3e:58:cd:30:2a:83:3e:29:0d:4a:00:
8e:ec:42:bd:48:b5:d0:c7:80:fe:6b:33:c1:9e:74:49:f4:9d:
13:bc:02:22:f1:15:0e:07:d0:2a:6f:73:fe:73:36:7f:9a:1a:
cf:b5:9f:bb:27:ef:4f:1b:d0:6d:40:66:6d:ac:7d:0f:93:2f:
7e:18:7c:0d:ff:24:e3:ad:bc:10:db:78:43:16:32:0c:22:c7:
0d:9d:b9:cf:7c:4d:48:98:86:40:5f:3e:07:7c:19:b0:85:ce:
61:3a:93:e9:c3:84:b2:78:37:b4:88:a0:a0:ea:23:e4:9e:d2:
4e:92:a2:62:c8:b3:83:18:db:5a:1a:dd:32:15:8b:78:bf:c6:
d0:74:a6:79:a1:a3:77:48:5e:1e:75:85:97:4f:eb:01:53:0f:
88:26:26:53:6f:49:c7:20:d1:66:e6:53:51:64:57:0e:9e:be:
ca:64:c7:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQA/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDYyMDE3WhcNMjUxMjEzMDYyMDE3WjAYMRYw
FAYDVQQDEw02NzdlMTkyNS01YzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2/oTmyQhKbe3ZACepQ5gq06bKdjfaUqXOX7C7cLt3BB1xjytlcZTt0DZ
OoKxxgO5UE8lEgSSlbOyZwIbn1YKXWeG83b5bdFxDiAxRPkWWKsfckcPgnzoAt0J
JDheJvDKf4rHGLhnR6smFuSL6NznD0tJyLvEhWmptGACVdt90raDXXcDnwiDfiny
DnTJ62XsKxmYpzCEN3UjGEE6o3bxNCrkjYZwAcZ2v5D+O20DrzIVJruMfJphXpVh
F0Ra5x/tsXBnfotXfWyVxX7DyWRstf2/5dkKyndHpw1TNRdD2fyPj0cgFcds8Xwn
0klBsV2U5MNhsgs7hTqM0Px504Ho0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE5p
5xol51JQ2tH8P6TBhIKxfKbgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzQwQkVDQUNEODgxMUVGQkFFNUY5OUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwuMA0GCSqGSIb3DQEBCwUA
A4IBAQA72AN2QPvcTtfhxnKZrx8chHFsC/bRiAbTqQPRjDuONjBhyTwl3Q6gBW/W
YRCU+uaUJlGo0I/ARKCzz3KuJ9pZ1IlbJVqo5+UpYxdHFNhBPljNMCqDPikNSgCO
7EK9SLXQx4D+azPBnnRJ9J0TvAIi8RUOB9Aqb3P+czZ/mhrPtZ+7J+9PG9BtQGZt
rH0Pky9+GHwN/yTjrbwQ23hDFjIMIscNnbnPfE1ImIZAXz4HfBmwhc5hOpPpw4Sy
eDe0iKCg6iPkntJOkqJiyLODGNtaGt0yFYt4v8bQdKZ5oaN3SF4edYWXT+sBUw+I
JiZTb0nHINFm5lNRZFcOnr7KZMeK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:54 2025 by rpki-client