Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5DFB4E2CD4211EFB1E08C4C762E951A.roa
File: A5DFB4E2CD4211EFB1E08C4C762E951A.roa (raw, json)
Hash identifier: +qHTkyqK00jnz81hUCkDXDlXSHr88N3xIMTXdDcvbYQ=
Subject key identifier: 16:CE:42:B8:23:D4:FB:4F:CA:6D:84:16:BF:EE:7A:4C:23:DC:76:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE7D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5DFB4E2CD4211EFB1E08C4C762E951A.roa
Signing time: Tue 07 Jan 2025 21:59:21 +0000
ROA not before: Tue 07 Jan 2025 21:59:17 +0000
ROA not after: Sat 13 Dec 2025 21:59:17 +0000
asID: 984
IP address blocks: 156.243.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65149 (0xfe7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:59:17 2025 GMT
Not After : Dec 13 21:59:17 2025 GMT
Subject: CN=677da3b8-ad60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4b:2d:c7:75:86:97:30:5c:ec:2c:35:d6:5a:
2c:cb:44:04:bc:4f:01:a7:fc:2b:4e:0e:46:2f:52:
36:85:35:79:38:5a:83:51:26:70:c8:d7:c5:7c:67:
76:44:79:07:90:58:db:d3:d5:01:7d:82:8e:9d:d8:
c9:12:b9:1c:df:60:e5:c5:73:5f:6d:a7:40:0e:ae:
4b:f8:4f:44:7a:8e:52:2c:4f:f6:eb:79:4f:7c:a5:
09:06:32:52:69:94:0e:25:92:08:d2:10:1c:88:04:
83:42:27:80:66:c4:20:24:bd:f1:74:1a:f9:2c:26:
64:2a:46:d7:54:a7:41:82:d0:ce:6f:f4:37:64:aa:
98:51:28:7a:58:05:1c:62:92:58:d7:91:3d:3f:16:
e9:02:04:a0:de:a9:26:95:44:40:c1:d1:99:94:25:
75:8b:90:3d:67:d8:4a:4a:b0:eb:c6:ce:18:03:b4:
85:5a:27:07:86:69:df:d9:bd:bb:b2:ec:92:b8:34:
46:b9:ef:db:62:b6:f0:c1:e6:42:00:0c:31:54:1b:
11:3c:81:d6:8d:62:65:4d:b0:d2:f3:3a:63:6e:53:
89:99:f4:e6:51:7d:90:68:dd:56:3a:47:a2:c7:aa:
64:82:18:72:36:c2:33:a3:03:69:29:fd:9c:b5:40:
c1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CE:42:B8:23:D4:FB:4F:CA:6D:84:16:BF:EE:7A:4C:23:DC:76:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5DFB4E2CD4211EFB1E08C4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.105.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4a:7f:c1:0b:17:02:03:70:c7:b8:bd:9d:4b:ec:cd:59:07:
c3:5b:fd:cb:f8:6c:a6:b8:d7:e1:fe:ae:60:74:36:41:ad:35:
c4:24:c1:0e:40:fe:27:81:84:4c:06:94:b8:12:ab:ae:7c:14:
1c:07:45:f7:84:5e:a3:6b:ce:cc:62:ee:d5:21:e4:6a:55:78:
e0:cd:02:f5:75:10:27:da:5d:7e:dc:0d:66:7c:85:ce:de:73:
ec:94:70:be:cc:a0:ef:58:61:19:3e:22:6d:05:ef:22:f9:0e:
16:04:44:28:63:b7:82:3d:70:52:5f:50:15:97:51:0b:f0:c3:
67:c2:f4:78:e6:96:7d:68:c5:a6:df:39:15:0c:0a:27:0a:cf:
62:64:e9:64:f4:40:3a:b2:20:67:2e:d5:ed:6b:aa:c4:9a:80:
81:00:45:65:7b:52:5b:b1:2a:00:20:5f:8a:02:29:2c:e3:01:
7c:22:00:14:80:85:61:c7:2d:e2:63:17:de:87:91:74:4e:d5:
84:9e:c5:68:b0:85:6a:3e:d6:db:ad:7b:31:b3:ed:f2:21:7c:
94:e9:31:9b:b6:cc:fc:df:43:10:2e:09:fc:b6:03:08:96:6f:
22:c4:87:cb:00:e1:b7:24:17:6f:94:14:72:a4:8b:b8:b1:3d:
b4:23:fc:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP59MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjE1OTE3WhcNMjUxMjEzMjE1OTE3WjAYMRYw
FAYDVQQDEw02NzdkYTNiOC1hZDYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUstx3WGlzBc7Cw11losy0QEvE8Bp/wrTg5GL1I2hTV5OFqDUSZwyNfF
fGd2RHkHkFjb09UBfYKOndjJErkc32DlxXNfbadADq5L+E9Eeo5SLE/263lPfKUJ
BjJSaZQOJZII0hAciASDQieAZsQgJL3xdBr5LCZkKkbXVKdBgtDOb/Q3ZKqYUSh6
WAUcYpJY15E9PxbpAgSg3qkmlURAwdGZlCV1i5A9Z9hKSrDrxs4YA7SFWicHhmnf
2b27suySuDRGue/bYrbwweZCAAwxVBsRPIHWjWJlTbDS8zpjblOJmfTmUX2QaN1W
Okeix6pkghhyNsIzowNpKf2ctUDBGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBbO
Qrgj1PtPym2EFr/uekwj3HZdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNURGQjRFMkNENDIxMUVGQjFFMDhDNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNpMA0GCSqGSIb3DQEBCwUA
A4IBAQA9Sn/BCxcCA3DHuL2dS+zNWQfDW/3L+GymuNfh/q5gdDZBrTXEJMEOQP4n
gYRMBpS4EquufBQcB0X3hF6ja87MYu7VIeRqVXjgzQL1dRAn2l1+3A1mfIXO3nPs
lHC+zKDvWGEZPiJtBe8i+Q4WBEQoY7eCPXBSX1AVl1EL8MNnwvR45pZ9aMWm3zkV
DAonCs9iZOlk9EA6siBnLtXta6rEmoCBAEVle1JbsSoAIF+KAiks4wF8IgAUgIVh
xy3iYxfeh5F0TtWEnsVosIVqPtbbrXsxs+3yIXyU6TGbtsz830MQLgn8tgMIlm8i
xIfLAOG3JBdvlBRypIu4sT20I/xc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:37 2025 by rpki-client