Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB6569BCC98B11EFB670BF44762E951A.roa
File: AB6569BCC98B11EFB670BF44762E951A.roa (raw, json)
Hash identifier: /jeoTmg67bGFQHsp6p5CHWJfNaFw3/iGZ7YoQFHukPk=
Subject key identifier: 35:F8:D2:55:2E:49:9F:C1:A6:20:B8:8F:9E:CD:B8:F5:76:C1:5F:15
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB6569BCC98B11EFB670BF44762E951A.roa
Signing time: Fri 03 Jan 2025 04:31:59 +0000
ROA not before: Fri 03 Jan 2025 04:31:55 +0000
ROA not after: Sat 13 Dec 2025 04:31:55 +0000
asID: 984
IP address blocks: 156.233.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62899 (0xf5b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:31:55 2025 GMT
Not After : Dec 13 04:31:55 2025 GMT
Subject: CN=6777683e-8c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:26:e1:51:16:ba:9a:8e:dc:e1:3f:bd:5f:03:
3c:2f:dd:fe:47:f0:59:63:7a:66:18:cf:2a:06:9e:
7b:3e:94:d2:47:fe:73:51:05:42:0a:72:fd:76:0e:
d8:67:b3:0b:07:30:62:59:ae:43:39:a9:a8:f9:5b:
e6:14:87:27:41:d8:12:c4:21:b9:8f:a5:58:57:4d:
c3:9e:04:cd:53:e4:0e:5c:36:e3:96:3c:59:01:3d:
8b:4e:89:58:10:5f:6c:f3:06:66:6e:41:ed:25:1e:
52:92:c9:ac:6b:17:67:33:7a:95:c2:03:d1:ab:cd:
70:b3:fa:20:e1:8a:d1:fe:7c:a5:1d:c4:cf:38:ae:
a5:cd:1e:2b:b6:db:23:4c:ad:f3:09:ef:9b:84:ae:
dd:56:b8:9c:12:5b:13:da:43:3d:a6:86:8b:1e:de:
70:d3:46:48:d4:d9:3b:97:cc:76:83:da:14:4d:09:
17:f5:5b:8e:57:21:ed:cd:b3:82:3f:cc:ab:ce:cc:
de:c7:cd:e2:d3:25:0b:64:0d:8e:37:b6:d9:fa:25:
d0:5d:69:42:82:2d:e5:06:7d:7b:a6:c8:0d:89:d6:
24:5d:c6:02:e8:e1:82:43:47:f2:9a:eb:c9:aa:69:
70:1d:53:b8:26:da:fe:b3:40:c9:35:1b:9e:6e:b9:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F8:D2:55:2E:49:9F:C1:A6:20:B8:8F:9E:CD:B8:F5:76:C1:5F:15
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB6569BCC98B11EFB670BF44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.44.0/24
Signature Algorithm: sha256WithRSAEncryption
85:da:08:3b:2b:c1:ad:67:5c:a0:28:36:c5:39:ae:92:25:15:
2e:94:af:0c:f5:eb:7f:fa:00:71:5e:be:6b:12:f1:1a:72:78:
d1:a3:fe:f1:f3:d9:dd:1e:37:37:37:9b:d1:e9:76:d0:ea:f3:
db:c8:e7:c7:3c:9c:ea:c1:72:fe:79:b3:7b:11:24:4d:48:77:
75:6c:50:9c:d7:78:b0:13:85:dd:f0:40:3c:4f:21:b8:84:61:
be:5c:2b:8c:8f:f4:9e:4d:b7:f9:60:61:a6:e3:c8:9c:d7:f2:
3b:f4:e4:5d:e3:52:50:7b:4b:56:19:38:a5:7e:cf:8c:16:25:
41:b1:7c:1d:26:9d:e2:b9:a8:f9:ea:3b:65:ec:07:e6:e0:9b:
9b:50:eb:7e:d2:2f:25:43:0f:a9:66:3f:7c:bf:9b:e6:9c:f4:
aa:07:d6:38:e5:c3:d0:c0:7e:7c:4a:da:62:46:1a:7c:b1:99:
da:c1:47:22:c0:82:b0:2f:3f:07:87:e3:37:99:38:8c:ec:6f:
da:a4:08:f6:54:6d:a0:8b:15:0d:60:fa:e6:56:bf:19:ff:9f:
5a:23:ab:41:52:65:76:f3:bf:94:06:e6:c5:24:c4:ae:b9:8c:
2d:19:b7:23:9c:a8:b1:40:2a:89:5c:46:70:df:b5:85:cf:5c:
ac:e4:ae:b7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQzMTU1WhcNMjUxMjEzMDQzMTU1WjAYMRYw
FAYDVQQDEw02Nzc3NjgzZS04YzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCbhURa6mo7c4T+9XwM8L93+R/BZY3pmGM8qBp57PpTSR/5zUQVCCnL9
dg7YZ7MLBzBiWa5DOamo+VvmFIcnQdgSxCG5j6VYV03DngTNU+QOXDbjljxZAT2L
TolYEF9s8wZmbkHtJR5SksmsaxdnM3qVwgPRq81ws/og4YrR/nylHcTPOK6lzR4r
ttsjTK3zCe+bhK7dVricElsT2kM9poaLHt5w00ZI1Nk7l8x2g9oUTQkX9VuOVyHt
zbOCP8yrzszex83i0yULZA2ON7bZ+iXQXWlCgi3lBn17psgNidYkXcYC6OGCQ0fy
muvJqmlwHVO4Jtr+s0DJNRuebrnE8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDX4
0lUuSZ/BpiC4j57NuPV2wV8VMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjY1NjlCQ0M5OEIxMUVGQjY3MEJGNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOksMA0GCSqGSIb3DQEBCwUA
A4IBAQCF2gg7K8GtZ1ygKDbFOa6SJRUulK8M9et/+gBxXr5rEvEacnjRo/7x89nd
Hjc3N5vR6XbQ6vPbyOfHPJzqwXL+ebN7ESRNSHd1bFCc13iwE4Xd8EA8TyG4hGG+
XCuMj/SeTbf5YGGm48ic1/I79ORd41JQe0tWGTilfs+MFiVBsXwdJp3iuaj56jtl
7Afm4JubUOt+0i8lQw+pZj98v5vmnPSqB9Y45cPQwH58StpiRhp8sZnawUciwIKw
Lz8Hh+M3mTiM7G/apAj2VG2gixUNYPrmVr8Z/59aI6tBUmV287+UBubFJMSuuYwt
GbcjnKixQCqJXEZw37WFz1ys5K63
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:13 2025 by rpki-client