Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB61BB90CD2E11EFA6E23E4F762E951A.roa
File: AB61BB90CD2E11EFA6E23E4F762E951A.roa (raw, json)
Hash identifier: +5GOw6nsdFVqb6fLU7tUpB+aL2ewZ5Lq6L5FeVUhF0I=
Subject key identifier: 24:94:A0:FF:63:43:4C:26:73:2D:1E:0E:6B:4D:DF:72:E1:A0:CA:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDDF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB61BB90CD2E11EFA6E23E4F762E951A.roa
Signing time: Tue 07 Jan 2025 19:36:20 +0000
ROA not before: Tue 07 Jan 2025 19:36:16 +0000
ROA not after: Sat 13 Dec 2025 19:36:16 +0000
asID: 984
IP address blocks: 156.241.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64991 (0xfddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:36:16 2025 GMT
Not After : Dec 13 19:36:16 2025 GMT
Subject: CN=677d8234-45c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:9e:e0:eb:4e:b1:d6:92:d5:ba:97:0e:d8:
b2:8f:db:86:80:33:85:34:01:65:75:93:d8:43:46:
0e:7b:51:1f:3c:90:a7:fd:0d:23:8a:78:0c:ba:00:
5e:7a:09:a9:b4:ee:3a:c8:93:13:66:a9:ec:e1:dd:
2f:34:ba:8c:e5:c6:6b:3a:38:7f:93:b1:b5:b9:5b:
e7:7c:53:6b:c4:04:b5:79:08:7a:d3:ae:0e:bb:cf:
b2:da:7d:80:94:5a:f0:50:81:10:76:a7:21:8e:32:
ab:8e:7e:a3:ef:c5:57:f8:6c:c2:41:04:14:89:62:
81:68:44:d3:22:89:3e:38:cb:bc:fb:4d:09:90:94:
9f:d9:21:b8:9c:55:cf:f0:4d:9f:80:6c:e3:df:2e:
38:d3:af:25:81:4e:47:d3:df:d7:c5:22:11:06:d2:
16:70:a7:85:ff:3e:be:fb:f3:7c:d2:7c:e0:82:9e:
da:46:53:a7:dd:10:45:72:f6:e8:14:53:64:4e:ef:
74:e6:43:92:87:18:0f:2e:d5:dc:46:b6:f9:46:67:
30:21:0a:3e:3c:7b:b6:fd:f4:3f:22:e4:86:34:f8:
b2:1f:26:22:5e:21:04:c8:4c:84:94:f4:b4:c5:da:
a5:75:15:ce:73:90:f3:c0:e6:13:04:06:16:20:85:
75:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:94:A0:FF:63:43:4C:26:73:2D:1E:0E:6B:4D:DF:72:E1:A0:CA:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB61BB90CD2E11EFA6E23E4F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.254.0/24
Signature Algorithm: sha256WithRSAEncryption
70:4a:d0:8f:62:b1:39:a9:b4:59:1c:a2:f1:23:8a:a2:e5:57:
2b:3e:8c:74:d1:00:b0:00:65:6d:48:88:16:a8:4f:f3:c6:04:
d8:7f:31:06:93:f9:d2:2d:78:e5:02:06:ff:a2:62:73:02:21:
be:b2:98:33:d0:bb:f9:ea:b0:23:f4:93:48:fc:10:83:32:89:
84:f7:0a:0e:15:f6:fd:f4:9b:19:9f:95:e2:6a:c8:8f:44:9c:
f2:22:ac:72:ff:cf:18:89:0d:5c:49:8f:d5:ee:92:d3:b5:c2:
e4:fb:7f:22:3f:c9:ce:09:91:57:bc:e2:44:fe:81:24:1b:0f:
a9:95:ce:50:1c:f8:31:c6:30:7e:29:37:19:e8:87:35:7f:ec:
96:dc:64:c3:0f:d3:a0:aa:25:50:21:f3:2e:2f:be:89:62:b7:
9a:a2:90:8f:8d:14:a2:6d:b1:31:14:49:06:e0:8a:5b:46:a8:
51:f0:33:d0:b4:2a:a9:2d:46:0c:20:7a:c0:3e:db:3d:e0:40:
8e:d7:86:ee:c9:0c:ce:a2:0e:df:12:42:7f:06:58:2c:aa:c1:
3c:ba:40:b2:d1:44:00:69:50:af:49:37:28:94:d5:e5:5c:dd:
8c:45:3e:a1:fe:59:80:58:09:6f:dc:bd:e2:31:94:fa:70:f8:
11:15:b5:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkzNjE2WhcNMjUxMjEzMTkzNjE2WjAYMRYw
FAYDVQQDEw02NzdkODIzNC00NWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuVue4OtOsdaS1bqXDtiyj9uGgDOFNAFldZPYQ0YOe1EfPJCn/Q0jingM
ugBeegmptO46yJMTZqns4d0vNLqM5cZrOjh/k7G1uVvnfFNrxAS1eQh6064Ou8+y
2n2AlFrwUIEQdqchjjKrjn6j78VX+GzCQQQUiWKBaETTIok+OMu8+00JkJSf2SG4
nFXP8E2fgGzj3y44068lgU5H09/XxSIRBtIWcKeF/z6++/N80nzggp7aRlOn3RBF
cvboFFNkTu905kOShxgPLtXcRrb5RmcwIQo+PHu2/fQ/IuSGNPiyHyYiXiEEyEyE
lPS0xdqldRXOc5DzwOYTBAYWIIV1XwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCSU
oP9jQ0wmcy0eDmtN33LhoMpdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjYxQkI5MENEMkUxMUVGQTZFMjNFNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPH+MA0GCSqGSIb3DQEBCwUA
A4IBAQBwStCPYrE5qbRZHKLxI4qi5VcrPox00QCwAGVtSIgWqE/zxgTYfzEGk/nS
LXjlAgb/omJzAiG+spgz0Lv56rAj9JNI/BCDMomE9woOFfb99JsZn5XiasiPRJzy
Iqxy/88YiQ1cSY/V7pLTtcLk+38iP8nOCZFXvOJE/oEkGw+plc5QHPgxxjB+KTcZ
6Ic1f+yW3GTDD9OgqiVQIfMuL76JYreaopCPjRSibbExFEkG4IpbRqhR8DPQtCqp
LUYMIHrAPts94ECO14buyQzOog7fEkJ/BlgsqsE8ukCy0UQAaVCvSTcolNXlXN2M
RT6h/lmAWAlv3L3iMZT6cPgRFbWa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:29 2025 by rpki-client