Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7876D6CCDC911EF8F2AE3B5762E951A.roa
File: A7876D6CCDC911EF8F2AE3B5762E951A.roa (raw, json)
Hash identifier: imqIg4a6tY/k+gHCZOCp+NwnntFFBXHtfEn/iZtrUyU=
Subject key identifier: 68:C2:BF:3D:D7:58:01:EA:A9:0D:E0:15:BE:7C:12:97:2B:63:D8:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7876D6CCDC911EF8F2AE3B5762E951A.roa
Signing time: Wed 08 Jan 2025 14:05:45 +0000
ROA not before: Wed 08 Jan 2025 14:05:42 +0000
ROA not after: Thu 25 Dec 2025 14:05:42 +0000
asID: 984
IP address blocks: 156.226.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65986 (0x101c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:05:42 2025 GMT
Not After : Dec 25 14:05:42 2025 GMT
Subject: CN=677e8639-c728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:e9:cb:62:1c:90:f2:90:58:44:e4:61:73:
4f:5e:ae:36:e6:e7:ff:02:e8:19:6d:07:14:b5:d4:
a4:b0:23:24:59:fd:6e:78:83:59:0f:23:e8:a6:93:
dd:ec:1c:5d:3a:6c:d7:0c:49:12:4f:b4:4c:2e:2e:
bd:a9:a2:90:db:dd:81:53:f6:47:38:4f:42:07:45:
2b:66:2a:e5:74:11:71:37:35:78:14:bb:1e:1f:3a:
c6:4c:0a:9c:a2:38:bf:3c:23:5c:97:33:c3:f5:d2:
b3:74:6e:80:9d:c3:33:ca:01:43:0b:bc:54:8a:29:
99:a0:a1:7e:42:0a:3c:00:19:f0:3e:d8:5c:ef:ca:
90:92:c8:f2:b9:38:f1:31:14:71:8c:7d:b4:75:3d:
06:39:34:43:8f:bd:c1:45:0b:31:93:77:1d:65:10:
e2:33:ee:b2:77:df:c4:b4:e1:d7:c4:31:4e:b5:52:
8d:2d:ee:52:c5:fa:15:15:61:9b:11:d2:98:38:fa:
24:2d:54:ec:0e:e1:fe:98:07:45:e0:c4:6c:be:98:
4d:8e:0d:31:49:1a:b6:85:bd:83:1b:b6:be:10:b7:
17:0f:da:0b:17:49:da:a7:7a:7a:d2:aa:a1:b2:cf:
94:4e:80:73:60:4c:a5:73:95:69:8a:5a:6b:cb:ce:
88:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C2:BF:3D:D7:58:01:EA:A9:0D:E0:15:BE:7C:12:97:2B:63:D8:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7876D6CCDC911EF8F2AE3B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.166.0/24
Signature Algorithm: sha256WithRSAEncryption
03:7e:58:49:8d:a4:0c:ff:32:8d:39:5c:ab:f6:8f:38:ba:3a:
10:ed:87:33:2f:06:30:40:e7:a5:85:5b:54:ef:ac:6d:29:f9:
7a:c1:99:3a:01:62:88:d5:b7:5d:d2:e6:d7:e6:41:90:48:06:
a1:fa:74:b2:2e:37:d6:fa:d8:e6:39:fd:56:d3:08:8b:f8:6a:
ba:5e:f8:91:47:d6:5c:f9:75:5e:33:dd:2e:8b:94:b4:e8:dc:
e4:43:d3:d9:46:59:fc:5f:4e:4a:73:47:52:ec:1e:b8:e8:56:
99:af:d7:73:f8:6b:b5:3d:ab:b5:57:df:9d:af:ec:fc:6a:11:
e9:2b:ce:13:c2:32:ba:1d:59:3f:ba:57:08:a7:99:59:c7:6e:
46:da:3f:f5:65:22:80:59:ca:70:f8:96:ea:50:1f:67:de:fc:
29:c7:39:bc:d3:74:52:e2:54:06:8e:58:8e:32:a3:c2:3b:1f:
5f:91:54:7a:3e:08:f9:d2:ed:6f:45:34:4b:80:43:43:90:5b:
07:8c:77:91:8b:a7:1c:a0:eb:6a:8c:8b:e3:20:96:26:9c:88:
b9:b9:25:d8:2a:08:1a:d8:b4:ea:59:a3:f6:a3:fa:84:fa:17:
03:e0:bb:1c:86:8a:0b:5f:54:8e:9a:cb:c8:39:39:61:74:59:
ed:16:ef:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQwNTQyWhcNMjUxMjI1MTQwNTQyWjAYMRYw
FAYDVQQDEw02NzdlODYzOS1jNzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuHjpy2IckPKQWETkYXNPXq425uf/AugZbQcUtdSksCMkWf1ueINZDyPo
ppPd7BxdOmzXDEkST7RMLi69qaKQ292BU/ZHOE9CB0UrZirldBFxNzV4FLseHzrG
TAqcoji/PCNclzPD9dKzdG6AncMzygFDC7xUiimZoKF+Qgo8ABnwPthc78qQksjy
uTjxMRRxjH20dT0GOTRDj73BRQsxk3cdZRDiM+6yd9/EtOHXxDFOtVKNLe5SxfoV
FWGbEdKYOPokLVTsDuH+mAdF4MRsvphNjg0xSRq2hb2DG7a+ELcXD9oLF0nap3p6
0qqhss+UToBzYEylc5Vpilpry86I2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGjC
vz3XWAHqqQ3gFb58EpcrY9jTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNzg3NkQ2Q0NEQzkxMUVGOEYyQUUzQjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKmMA0GCSqGSIb3DQEBCwUA
A4IBAQADflhJjaQM/zKNOVyr9o84ujoQ7YczLwYwQOelhVtU76xtKfl6wZk6AWKI
1bdd0ubX5kGQSAah+nSyLjfW+tjmOf1W0wiL+Gq6XviRR9Zc+XVeM90ui5S06Nzk
Q9PZRln8X05Kc0dS7B646FaZr9dz+Gu1Pau1V9+dr+z8ahHpK84TwjK6HVk/ulcI
p5lZx25G2j/1ZSKAWcpw+JbqUB9n3vwpxzm803RS4lQGjliOMqPCOx9fkVR6Pgj5
0u1vRTRLgENDkFsHjHeRi6ccoOtqjIvjIJYmnIi5uSXYKgga2LTqWaP2o/qE+hcD
4LschooLX1SOmsvIOTlhdFntFu8Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:04 2025 by rpki-client