Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4B5256ACDAC11EFAE32227F762E951A.roa
File: A4B5256ACDAC11EFAE32227F762E951A.roa (raw, json)
Hash identifier: sUgB9004uPL2cvJMErG0XcvpsLhKkEkMP2MiKu3x+MI=
Subject key identifier: 5C:01:74:70:DD:D7:81:D5:32:16:4E:32:CE:7E:D0:3F:01:93:DC:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01015D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4B5256ACDAC11EFAE32227F762E951A.roa
Signing time: Wed 08 Jan 2025 10:38:05 +0000
ROA not before: Wed 08 Jan 2025 10:38:02 +0000
ROA not after: Sat 13 Dec 2025 10:38:02 +0000
asID: 984
IP address blocks: 156.255.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65885 (0x1015d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:38:02 2025 GMT
Not After : Dec 13 10:38:02 2025 GMT
Subject: CN=677e558d-20d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d9:7a:f6:94:9c:8b:3e:d9:9e:8a:51:f8:64:
64:3d:ba:71:21:fd:14:7d:26:b3:b3:63:ab:0b:7f:
21:21:e8:47:f4:31:48:36:d9:46:05:db:22:7f:b3:
ab:71:cb:87:5d:d2:a6:d3:1e:dc:a3:30:b7:24:64:
c7:0e:90:eb:fa:31:fa:6c:c9:64:7f:f5:c3:88:d1:
6a:f8:66:b5:d0:ea:72:0a:1d:04:57:bd:5c:a2:b4:
84:48:9a:ab:27:bf:d8:e0:88:c8:66:71:53:23:11:
0d:7a:f7:ca:d5:9b:11:29:1c:d9:b6:d9:7e:79:d0:
1c:50:bd:06:42:3e:9f:96:20:85:0d:12:4a:fc:e9:
25:3b:4c:01:4f:85:d5:e1:69:65:51:61:c7:51:a7:
22:52:fb:da:09:af:68:19:7d:2f:ef:78:bd:64:c3:
f9:a0:17:38:3f:8d:40:31:96:2c:01:d2:e5:b7:a4:
d3:9b:d8:e1:aa:7e:2d:24:9d:e2:35:03:49:8b:06:
18:c7:17:6c:87:45:91:76:dd:34:e0:8f:e6:70:e4:
27:5f:d6:55:98:c6:38:fb:2a:49:53:bc:7e:e6:5f:
4b:c3:e9:59:67:ef:7c:61:1a:1b:6f:d4:e5:30:90:
73:ca:71:ab:96:a8:4a:b2:9a:9b:e8:ed:4f:23:7b:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:01:74:70:DD:D7:81:D5:32:16:4E:32:CE:7E:D0:3F:01:93:DC:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A4B5256ACDAC11EFAE32227F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:7e:6b:c2:2f:53:43:40:8b:53:8a:25:6d:c9:a6:11:3c:9f:
d9:a5:95:2d:f6:d9:09:73:a1:6e:63:71:17:be:e3:d1:25:ed:
b1:eb:37:0e:9d:d4:67:d3:99:79:29:5e:fe:e9:9e:af:bc:be:
72:b2:24:b6:37:83:e2:13:74:dc:62:94:53:22:5e:48:31:1d:
a8:0e:40:ae:1d:30:45:b0:d3:0e:95:8e:7c:29:50:da:db:a3:
0d:99:16:c8:70:19:40:25:87:4b:7e:5f:c6:3c:db:46:fb:70:
8e:6f:4c:da:81:28:5c:41:a0:34:72:aa:81:ba:7f:8c:98:64:
88:81:d1:38:2f:00:8d:8d:5d:b8:84:74:e7:29:54:02:15:8e:
ce:cb:29:79:55:01:a2:e3:5b:a9:87:58:53:79:7c:25:77:fe:
dd:6e:6d:2d:8f:92:8c:dd:2f:0c:06:a8:52:c4:4b:df:7a:a5:
85:21:3f:86:a2:c6:01:6f:fd:3f:32:ca:97:b8:39:2d:56:7f:
14:53:5e:b1:f0:3d:2f:c3:f9:12:60:e7:40:e8:f4:7f:7b:ed:
3b:f6:9b:8d:d7:6b:0c:d2:40:b0:8c:f6:7a:e6:ed:b4:47:59:
26:e3:01:c4:33:54:14:6f:40:13:54:4c:e0:73:96:5b:70:2b:
f8:28:d7:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAzODAyWhcNMjUxMjEzMTAzODAyWjAYMRYw
FAYDVQQDEw02NzdlNTU4ZC0yMGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdl69pSciz7ZnopR+GRkPbpxIf0UfSazs2OrC38hIehH9DFINtlGBdsi
f7OrccuHXdKm0x7cozC3JGTHDpDr+jH6bMlkf/XDiNFq+Ga10OpyCh0EV71corSE
SJqrJ7/Y4IjIZnFTIxENevfK1ZsRKRzZttl+edAcUL0GQj6fliCFDRJK/OklO0wB
T4XV4WllUWHHUaciUvvaCa9oGX0v73i9ZMP5oBc4P41AMZYsAdLlt6TTm9jhqn4t
JJ3iNQNJiwYYxxdsh0WRdt004I/mcOQnX9ZVmMY4+ypJU7x+5l9Lw+lZZ+98YRob
b9TlMJBzynGrlqhKspqb6O1PI3s6UQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFwB
dHDd14HVMhZOMs5+0D8Bk9yvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNEI1MjU2QUNEQUMxMUVGQUUzMjIyN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8xMA0GCSqGSIb3DQEBCwUA
A4IBAQBMfmvCL1NDQItTiiVtyaYRPJ/ZpZUt9tkJc6FuY3EXvuPRJe2x6zcOndRn
05l5KV7+6Z6vvL5ysiS2N4PiE3TcYpRTIl5IMR2oDkCuHTBFsNMOlY58KVDa26MN
mRbIcBlAJYdLfl/GPNtG+3COb0zagShcQaA0cqqBun+MmGSIgdE4LwCNjV24hHTn
KVQCFY7Oyyl5VQGi41uph1hTeXwld/7dbm0tj5KM3S8MBqhSxEvfeqWFIT+GosYB
b/0/MsqXuDktVn8UU16x8D0vw/kSYOdA6PR/e+079puN12sM0kCwjPZ65u20R1km
4wHEM1QUb0ATVEzgc5ZbcCv4KNco
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:27 2025 by rpki-client