Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E40104CBD211EFBDD111A7762E951A.roa
File: A9E40104CBD211EFBDD111A7762E951A.roa (raw, json)
Hash identifier: yEPdQaTUHcAp/pK0qDsLYIdL6g2GwgUo8NUW32e4z6c=
Subject key identifier: 49:4E:AB:19:6A:4A:95:95:4C:C1:8F:15:D0:E3:AE:E0:8C:FB:12:E5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E40104CBD211EFBDD111A7762E951A.roa
Signing time: Mon 06 Jan 2025 02:05:12 +0000
ROA not before: Mon 06 Jan 2025 02:05:09 +0000
ROA not after: Sun 09 Feb 2025 02:05:09 +0000
asID: 203020
IP address blocks: 156.237.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63434 (0xf7ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 02:05:09 2025 GMT
Not After : Feb 9 02:05:09 2025 GMT
Subject: CN=677b3a58-6dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:a3:79:83:14:02:73:da:a7:65:da:64:13:
be:0c:b9:82:18:99:67:9d:0f:b6:eb:cb:c3:f0:01:
21:aa:43:59:4d:ed:98:6b:c0:92:9c:31:dd:e8:5c:
ba:00:bb:1c:2b:b2:c8:42:7d:fc:15:7b:f0:52:f8:
45:65:bb:a9:f7:f4:95:ea:c3:52:a1:bd:cc:bb:1b:
38:94:98:8b:7f:ce:c3:f7:2a:ac:33:56:d6:68:3a:
ad:e6:55:57:a8:0d:e7:6a:16:9b:48:9d:ea:37:f9:
43:bb:79:e2:af:27:63:a1:dd:14:70:11:0c:fe:23:
b6:eb:27:f0:5e:6e:d8:7b:45:4e:d0:db:b7:bc:19:
75:cb:3a:9a:cd:83:dc:84:aa:99:93:0c:41:b4:bd:
fc:34:58:1b:fa:37:76:7f:c1:36:0d:09:93:e7:78:
99:ef:3b:48:bf:06:dd:80:22:46:46:82:81:d6:06:
6c:05:fc:d0:e7:bd:8d:78:41:19:79:8f:2f:fe:db:
f1:57:87:f0:10:c9:aa:be:f1:66:66:a4:fa:7b:c2:
62:ce:3d:2a:9d:02:14:15:3a:8a:f1:8a:5e:77:d0:
90:30:49:1b:67:20:bf:a2:85:3f:43:42:4a:99:dd:
6e:1f:e4:4c:d1:63:50:27:23:1a:f2:f8:61:1b:69:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4E:AB:19:6A:4A:95:95:4C:C1:8F:15:D0:E3:AE:E0:8C:FB:12:E5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9E40104CBD211EFBDD111A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.76.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:33:52:d7:8e:56:d3:b7:e0:35:4b:04:18:91:8f:0b:e6:76:
94:f4:e2:90:f9:24:25:6a:65:a3:18:b2:e4:32:a8:ac:25:05:
9d:a0:f1:e0:bd:cc:fb:3a:5f:4c:0c:00:59:2e:62:62:4a:ca:
b6:24:03:3c:04:21:a9:cd:b1:58:26:dc:f7:d3:81:11:b6:5c:
1e:64:d8:5f:53:9c:0e:a8:13:2f:4d:e3:10:88:f4:d4:73:3b:
09:99:bc:c7:88:9a:a0:0b:72:73:fe:5e:4a:5f:f0:60:e3:f4:
06:28:ea:4b:02:e9:fa:b5:d1:21:07:0b:05:17:ab:f4:8d:5a:
d8:0b:d2:f5:91:2a:26:de:3e:7e:84:b7:28:4c:6e:c6:e2:1a:
06:4b:af:e5:c6:37:b1:89:dd:1e:84:c3:ed:84:c5:ec:ba:c8:
70:0c:e1:c0:42:4e:c8:70:08:93:af:f2:7f:a6:d1:a6:e3:7a:
98:2a:e2:90:73:0e:d4:44:a3:a6:c7:b7:a8:e3:3c:bc:df:dc:
81:0f:a6:97:f0:3f:f9:0c:bb:e8:4e:91:9f:70:16:59:be:d5:
94:ee:a4:14:0d:17:1c:dd:7a:99:5d:93:89:34:55:78:76:7d:
32:ba:f8:74:75:89:62:d9:dc:c8:6e:5f:75:22:41:4a:8e:bf:
ee:9f:97:60
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDIwNTA5WhcNMjUwMjA5MDIwNTA5WjAYMRYw
FAYDVQQDEw02NzdiM2E1OC02ZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqT6jeYMUAnPap2XaZBO+DLmCGJlnnQ+268vD8AEhqkNZTe2Ya8CSnDHd
6Fy6ALscK7LIQn38FXvwUvhFZbup9/SV6sNSob3Muxs4lJiLf87D9yqsM1bWaDqt
5lVXqA3nahabSJ3qN/lDu3nirydjod0UcBEM/iO26yfwXm7Ye0VO0Nu3vBl1yzqa
zYPchKqZkwxBtL38NFgb+jd2f8E2DQmT53iZ7ztIvwbdgCJGRoKB1gZsBfzQ572N
eEEZeY8v/tvxV4fwEMmqvvFmZqT6e8Jizj0qnQIUFTqK8Yped9CQMEkbZyC/ooU/
Q0JKmd1uH+RM0WNQJyMa8vhhG2nQyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFElO
qxlqSpWVTMGPFdDjruCM+xLlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOUU0MDEwNENCRDIxMUVGQkREMTExQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO1MMA0GCSqGSIb3DQEBCwUA
A4IBAQAqM1LXjlbTt+A1SwQYkY8L5naU9OKQ+SQlamWjGLLkMqisJQWdoPHgvcz7
Ol9MDABZLmJiSsq2JAM8BCGpzbFYJtz304ERtlweZNhfU5wOqBMvTeMQiPTUczsJ
mbzHiJqgC3Jz/l5KX/Bg4/QGKOpLAun6tdEhBwsFF6v0jVrYC9L1kSom3j5+hLco
TG7G4hoGS6/lxjexid0ehMPthMXsushwDOHAQk7IcAiTr/J/ptGm43qYKuKQcw7U
RKOmx7eo4zy839yBD6aX8D/5DLvoTpGfcBZZvtWU7qQUDRcc3XqZXZOJNFV4dn0y
uvh0dYli2dzIbl91IkFKjr/un5dg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:02 2025 by rpki-client