Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B88F3CCE3B11EFB0333396762E951A.roa
File: A8B88F3CCE3B11EFB0333396762E951A.roa (raw, json)
Hash identifier: 4KJt+9FUAqWD7DQot03Sa5g9P6+zOUU/oOCY594ErS8=
Subject key identifier: D9:BD:0B:F1:27:8F:A1:95:6D:9A:E1:DA:BE:E0:4B:78:FE:4A:36:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010249
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B88F3CCE3B11EFB0333396762E951A.roa
Signing time: Thu 09 Jan 2025 03:41:50 +0000
ROA not before: Thu 09 Jan 2025 03:41:46 +0000
ROA not after: Fri 09 Jan 2026 03:41:46 +0000
asID: 17561
IP address blocks: 156.247.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66121 (0x10249)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:41:46 2025 GMT
Not After : Jan 9 03:41:46 2026 GMT
Subject: CN=677f457e-00fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cd:14:81:2c:f7:04:8e:0a:ab:9c:ae:7c:d1:
50:fa:8a:6c:0c:b2:01:27:75:a1:79:1e:ab:71:73:
85:e0:30:d6:67:5a:9a:a8:3d:bc:3e:43:1a:1e:b5:
e6:37:b3:63:97:d3:1e:49:15:32:3a:84:a6:86:1b:
87:ed:7c:2d:9a:19:2e:ed:1b:72:0f:87:3f:e9:d7:
25:bb:d1:e8:f1:36:93:9c:d2:ba:44:ad:7e:4d:d6:
7d:2a:ef:1e:20:05:b4:3f:7e:24:56:58:6b:4c:60:
ed:db:f4:62:7c:aa:a6:19:7c:f0:44:35:a7:17:03:
ef:10:7a:96:2a:00:28:80:b5:de:3d:22:83:24:8b:
6d:f1:91:9b:8e:f3:78:ab:ae:ab:35:0b:81:2e:55:
82:51:31:84:71:bc:df:23:ae:27:14:ab:9b:12:81:
f2:0c:fb:01:6e:78:e5:bf:ab:f7:7a:92:e0:d5:7b:
8a:f7:40:af:cd:d2:43:9b:58:8b:48:f2:22:91:1f:
40:af:2d:20:76:ae:11:6d:0f:49:a1:2d:6c:97:cf:
8b:26:cf:e9:33:7d:40:7b:7e:63:78:95:d3:69:0b:
41:61:61:01:b0:58:97:d0:9b:a8:59:73:0c:c6:7b:
64:a2:b5:32:57:91:f2:1c:7b:8e:af:76:1c:95:11:
28:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BD:0B:F1:27:8F:A1:95:6D:9A:E1:DA:BE:E0:4B:78:FE:4A:36:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8B88F3CCE3B11EFB0333396762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.56.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5b:69:14:7e:e9:20:7f:81:f9:f3:7c:98:d7:08:95:29:84:
53:bf:0d:ae:37:d9:5c:7f:eb:80:8f:8c:c2:84:15:39:58:cc:
c4:11:e4:fd:15:5d:4f:90:68:cf:20:4b:da:b2:22:05:96:6e:
70:2a:c4:71:22:71:c0:67:2e:9f:80:67:c6:43:7d:50:d7:b9:
08:92:00:5e:47:c1:36:83:f7:82:ba:19:df:29:39:b9:72:db:
83:35:d5:4a:16:6c:e7:bc:e2:e0:9d:c7:2f:0d:d4:86:5c:ed:
a8:79:c0:05:4d:c8:9f:84:bb:6f:95:38:2c:ab:f8:74:d5:cd:
a3:07:73:c0:91:a7:bc:d9:57:fc:54:a2:a1:3e:7f:0c:0d:18:
da:f4:2b:ed:c6:20:0b:0a:3a:e0:74:92:20:0d:13:b4:05:b2:
62:23:59:52:18:5c:2c:72:89:3a:b7:1f:4b:b6:de:a2:e8:80:
66:a9:b9:b4:5e:d9:a6:0f:be:32:f4:01:bd:97:83:ee:eb:24:
c4:04:27:07:a9:d4:8e:26:35:48:d9:4c:b1:56:0d:93:44:c7:
2b:c5:2a:76:34:50:fc:71:4f:7f:45:10:fa:16:50:db:ad:1f:
9f:f8:4a:dd:7a:74:20:85:f0:8e:0e:f3:30:52:39:44:53:48:
f2:d0:67:6a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQJJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDM0MTQ2WhcNMjYwMTA5MDM0MTQ2WjAYMRYw
FAYDVQQDEw02NzdmNDU3ZS0wMGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7s0UgSz3BI4Kq5yufNFQ+opsDLIBJ3WheR6rcXOF4DDWZ1qaqD28PkMa
HrXmN7Njl9MeSRUyOoSmhhuH7Xwtmhku7RtyD4c/6dclu9Ho8TaTnNK6RK1+TdZ9
Ku8eIAW0P34kVlhrTGDt2/RifKqmGXzwRDWnFwPvEHqWKgAogLXePSKDJItt8ZGb
jvN4q66rNQuBLlWCUTGEcbzfI64nFKubEoHyDPsBbnjlv6v3epLg1XuK90CvzdJD
m1iLSPIikR9Ary0gdq4RbQ9JoS1sl8+LJs/pM31Ae35jeJXTaQtBYWEBsFiX0Juo
WXMMxntkorUyV5HyHHuOr3YclREotwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNm9
C/Enj6GVbZrh2r7gS3j+SjadMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOEI4OEYzQ0NFM0IxMUVGQjAzMzMzOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPc4MA0GCSqGSIb3DQEBCwUA
A4IBAQAHW2kUfukgf4H583yY1wiVKYRTvw2uN9lcf+uAj4zChBU5WMzEEeT9FV1P
kGjPIEvasiIFlm5wKsRxInHAZy6fgGfGQ31Q17kIkgBeR8E2g/eCuhnfKTm5ctuD
NdVKFmznvOLgnccvDdSGXO2oecAFTcifhLtvlTgsq/h01c2jB3PAkae82Vf8VKKh
Pn8MDRja9CvtxiALCjrgdJIgDRO0BbJiI1lSGFwscok6tx9Ltt6i6IBmqbm0Xtmm
D74y9AG9l4Pu6yTEBCcHqdSOJjVI2UyxVg2TRMcrxSp2NFD8cU9/RRD6FlDbrR+f
+ErdenQghfCODvMwUjlEU0jy0Gdq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:25 2025 by rpki-client