Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A442C166CD2D11EFA899A648762E951A.roa
File: A442C166CD2D11EFA899A648762E951A.roa (raw, json)
Hash identifier: r4DtkmZdBr6Sdtq01py0ZFJuyX5RihFWP41iJCstKsA=
Subject key identifier: EF:1C:B3:CC:69:3C:71:EC:D5:41:E1:E9:03:64:27:B5:47:5B:07:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDD7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A442C166CD2D11EFA899A648762E951A.roa
Signing time: Tue 07 Jan 2025 19:28:58 +0000
ROA not before: Tue 07 Jan 2025 19:28:55 +0000
ROA not after: Mon 13 Dec 2027 19:28:55 +0000
asID: 17561
IP address blocks: 156.241.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64983 (0xfdd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:28:55 2025 GMT
Not After : Dec 13 19:28:55 2027 GMT
Subject: CN=677d807a-1c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:1d:03:12:89:b0:2c:d8:5c:e0:cd:c7:ee:
41:da:12:46:a2:24:bc:c1:06:39:d4:b2:d9:54:13:
ea:3e:bf:69:01:61:e3:d9:9f:47:95:fb:6c:30:f7:
f0:75:34:94:53:ac:32:b6:64:25:bc:0e:d1:c8:d7:
f3:19:ff:9c:7b:70:16:20:66:57:6f:69:dc:d2:da:
81:12:ea:8f:b7:8d:cf:fa:be:02:d9:6d:32:5f:5a:
e1:fd:6e:53:9a:58:e9:fc:50:bf:26:7a:fc:5f:65:
cc:c8:61:35:04:ba:f6:44:be:c3:5c:78:19:e9:4d:
06:ca:ec:73:8d:f5:11:3d:f9:9c:2d:54:4a:65:7f:
49:bf:53:9e:6b:25:92:c0:84:bf:f5:2c:93:52:32:
3b:22:2d:6a:c2:72:41:8b:31:79:ef:8f:ce:55:7b:
ab:25:ea:72:4f:86:97:45:49:94:81:c8:52:25:fe:
8f:f9:d9:58:cf:2e:4f:ee:98:88:01:03:e2:5f:6f:
d7:ca:42:01:46:ef:c8:9f:25:a2:e2:36:ea:49:d8:
f7:c1:64:bf:6f:fa:c6:23:e1:0f:90:f0:b3:45:ca:
a7:f5:56:53:67:3f:35:ca:73:8e:e2:a7:b2:72:e3:
26:3a:e7:33:2d:bd:57:40:5b:01:85:ab:91:c1:56:
3b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:1C:B3:CC:69:3C:71:EC:D5:41:E1:E9:03:64:27:B5:47:5B:07:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A442C166CD2D11EFA899A648762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:f8:e1:ce:10:5b:52:02:9f:08:f0:8b:da:27:d0:71:fa:29:
d8:7f:e4:ee:ac:e7:52:8f:18:87:4d:f7:5a:31:9a:db:fe:11:
2a:2c:1f:d9:b8:1b:a8:0a:e5:44:0c:28:ec:cb:2c:c6:6a:19:
4a:f8:6f:76:73:c7:56:18:44:b7:84:d6:88:4e:1c:c8:3f:04:
26:4d:46:d0:92:6d:94:ad:7e:2f:cd:ea:45:be:21:7d:93:ec:
c0:16:33:bf:9b:ba:e1:b1:ad:a4:fe:20:39:f8:97:f7:03:e1:
e1:c8:46:f4:91:71:ad:13:a3:e6:2c:db:fe:02:3d:fe:1a:b5:
d1:b2:d2:0e:00:bf:90:8f:c1:9d:e7:b4:82:90:60:79:a4:4e:
f7:e7:bf:3b:40:72:42:52:26:8b:ff:29:c7:e1:be:5d:74:43:
74:f2:c6:be:4e:c0:cf:64:d2:15:ad:a0:2c:ae:59:5a:32:8c:
3e:8d:89:8c:ce:a3:cb:c9:4e:e0:28:21:99:be:d7:61:e4:f7:
e0:4b:d1:0a:bf:bf:27:43:13:a0:6c:f1:36:09:1d:f9:40:32:
4a:c3:c7:5f:57:bc:47:fd:05:82:2d:0d:84:26:80:b9:2a:b4:
4d:a8:3d:ce:e9:4b:6b:fe:f0:ce:cf:f4:bd:ff:45:ab:86:6e:
99:11:1a:8d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkyODU1WhcNMjcxMjEzMTkyODU1WjAYMRYw
FAYDVQQDEw02NzdkODA3YS0xYzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvywdAxKJsCzYXODNx+5B2hJGoiS8wQY51LLZVBPqPr9pAWHj2Z9Hlfts
MPfwdTSUU6wytmQlvA7RyNfzGf+ce3AWIGZXb2nc0tqBEuqPt43P+r4C2W0yX1rh
/W5Tmljp/FC/Jnr8X2XMyGE1BLr2RL7DXHgZ6U0GyuxzjfURPfmcLVRKZX9Jv1Oe
ayWSwIS/9SyTUjI7Ii1qwnJBizF574/OVXurJepyT4aXRUmUgchSJf6P+dlYzy5P
7piIAQPiX2/XykIBRu/InyWi4jbqSdj3wWS/b/rGI+EPkPCzRcqn9VZTZz81ynOO
4qeycuMmOuczLb1XQFsBhauRwVY7hwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO8c
s8xpPHHs1UHh6QNkJ7VHWwcdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDQyQzE2NkNEMkQxMUVGQTg5OUE2NDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPH6MA0GCSqGSIb3DQEBCwUA
A4IBAQBO+OHOEFtSAp8I8IvaJ9Bx+inYf+TurOdSjxiHTfdaMZrb/hEqLB/ZuBuo
CuVEDCjsyyzGahlK+G92c8dWGES3hNaIThzIPwQmTUbQkm2UrX4vzepFviF9k+zA
FjO/m7rhsa2k/iA5+Jf3A+HhyEb0kXGtE6PmLNv+Aj3+GrXRstIOAL+Qj8Gd57SC
kGB5pE735787QHJCUiaL/ynH4b5ddEN08sa+TsDPZNIVraAsrllaMow+jYmMzqPL
yU7gKCGZvtdh5PfgS9EKv78nQxOgbPE2CR35QDJKw8dfV7xH/QWCLQ2EJoC5KrRN
qD3O6Utr/vDOz/S9/0Wrhm6ZERqN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:25 2025 by rpki-client