Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB30A7ACCD4311EF84A42C53762E951A.roa
File: AB30A7ACCD4311EF84A42C53762E951A.roa (raw, json)
Hash identifier: nTIIGtHTLrxK1Nd6acvAwX84eFDphm3nqRb3+TsFDw4=
Subject key identifier: C5:55:26:9B:1C:26:6F:DA:31:2B:BA:C7:56:BF:2F:7C:5C:E1:30:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE85
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB30A7ACCD4311EF84A42C53762E951A.roa
Signing time: Tue 07 Jan 2025 22:06:39 +0000
ROA not before: Tue 07 Jan 2025 22:06:35 +0000
ROA not after: Sat 13 Dec 2025 22:06:35 +0000
asID: 984
IP address blocks: 156.243.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65157 (0xfe85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:06:35 2025 GMT
Not After : Dec 13 22:06:35 2025 GMT
Subject: CN=677da56f-3198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6c:ab:a8:0d:e5:c7:d3:b2:82:05:44:a7:0c:
46:01:24:c6:68:51:14:cf:69:31:47:e9:df:9b:df:
8f:b7:d0:8e:c4:d3:47:ce:bb:88:92:6b:66:09:ae:
34:26:fe:88:e2:53:2e:06:3e:a1:b7:5b:3c:04:4f:
f9:38:d7:92:a4:44:c2:39:99:7d:f6:c6:35:0b:aa:
e3:4e:f2:aa:89:90:e3:2f:d3:25:47:88:a5:fc:82:
52:2c:40:15:ed:4b:07:1b:73:4a:dd:af:e4:2b:90:
26:8c:48:b5:50:f4:55:c4:53:e1:ae:e3:07:1a:63:
c0:ee:08:3e:65:d2:21:1d:fe:1f:7c:6a:e6:b6:84:
38:cf:dd:6e:97:3b:d9:2b:80:c4:b0:bc:ff:09:c0:
e0:31:f0:28:b5:1c:a9:46:04:d8:f6:d2:90:d0:01:
65:4b:76:21:cd:47:04:65:b2:b6:34:e5:fc:6b:6c:
ad:37:0a:53:33:7c:1d:b4:b5:9c:a4:40:f0:70:a3:
cf:e5:1a:b0:eb:96:6d:fe:fe:61:e7:4e:3f:87:41:
0e:ef:d5:01:47:f0:9a:fe:ff:28:fb:8d:8f:25:97:
03:4f:fd:f9:04:0a:15:33:eb:83:cb:81:de:44:f1:
27:2f:49:9a:07:43:01:36:9c:2b:c2:e3:d3:97:b6:
2a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:55:26:9B:1C:26:6F:DA:31:2B:BA:C7:56:BF:2F:7C:5C:E1:30:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB30A7ACCD4311EF84A42C53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.109.0/24
Signature Algorithm: sha256WithRSAEncryption
43:44:9d:ea:99:6f:d3:65:1d:01:fe:89:86:5d:0d:fa:25:fd:
69:74:eb:e7:36:2e:d9:85:59:cf:7a:df:32:ad:0e:9c:ea:c9:
d4:7e:ef:bd:ed:60:87:29:8e:e5:ac:f1:2f:3f:ba:6e:78:f8:
b3:13:91:e0:62:88:5c:07:67:c8:53:6f:9a:1a:ab:b5:b8:e4:
31:80:7a:e5:89:03:e0:4b:2b:ba:46:c1:4e:eb:8a:a0:45:0a:
b8:fb:d2:7b:06:34:6b:d9:ce:64:4e:5a:00:07:5e:8f:15:85:
91:92:8b:00:97:05:ec:0c:ba:60:78:8c:31:c2:5e:ec:e3:7b:
ae:c9:0e:28:d9:11:f3:ee:54:f0:c6:ef:75:97:ae:34:20:f3:
9b:2e:70:24:dd:b0:09:60:c0:3b:bd:1c:e8:6a:2f:a0:d0:f2:
b9:a4:35:bf:df:36:d5:94:f7:81:3d:b8:8d:15:b1:81:3c:4a:
36:1a:60:f4:d1:89:54:1e:58:d3:4b:6c:68:8e:16:84:2b:d3:
92:dc:f5:4e:83:b8:c1:43:ee:6b:7a:5c:9a:83:ce:e7:18:1f:
9b:aa:87:74:2b:b0:e8:79:19:37:c9:08:5d:b9:60:0e:cc:1e:
0c:32:f7:21:b7:55:28:b1:74:50:a6:92:54:4f:a5:3e:31:22:
c7:89:93:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIwNjM1WhcNMjUxMjEzMjIwNjM1WjAYMRYw
FAYDVQQDEw02NzdkYTU2Zi0zMTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAymyrqA3lx9OyggVEpwxGASTGaFEUz2kxR+nfm9+Pt9COxNNHzruIkmtm
Ca40Jv6I4lMuBj6ht1s8BE/5ONeSpETCOZl99sY1C6rjTvKqiZDjL9MlR4il/IJS
LEAV7UsHG3NK3a/kK5AmjEi1UPRVxFPhruMHGmPA7gg+ZdIhHf4ffGrmtoQ4z91u
lzvZK4DEsLz/CcDgMfAotRypRgTY9tKQ0AFlS3YhzUcEZbK2NOX8a2ytNwpTM3wd
tLWcpEDwcKPP5Rqw65Zt/v5h504/h0EO79UBR/Ca/v8o+42PJZcDT/35BAoVM+uD
y4HeRPEnL0maB0MBNpwrwuPTl7YqmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMVV
JpscJm/aMSu6x1a/L3xc4TD+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjMwQTdBQ0NENDMxMUVGODRBNDJDNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNtMA0GCSqGSIb3DQEBCwUA
A4IBAQBDRJ3qmW/TZR0B/omGXQ36Jf1pdOvnNi7ZhVnPet8yrQ6c6snUfu+97WCH
KY7lrPEvP7puePizE5HgYohcB2fIU2+aGqu1uOQxgHrliQPgSyu6RsFO64qgRQq4
+9J7BjRr2c5kTloAB16PFYWRkosAlwXsDLpgeIwxwl7s43uuyQ4o2RHz7lTwxu91
l640IPObLnAk3bAJYMA7vRzoai+g0PK5pDW/3zbVlPeBPbiNFbGBPEo2GmD00YlU
HljTS2xojhaEK9OS3PVOg7jBQ+5relyag87nGB+bqod0K7DoeRk3yQhduWAOzB4M
Mvcht1UosXRQppJUT6U+MSLHiZOW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:37 2025 by rpki-client