Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB86CAE8CDA111EF888C2AB8762E951A.roa
File: AB86CAE8CDA111EF888C2AB8762E951A.roa (raw, json)
Hash identifier: +HiXDpC3SoladWnBdhLjLM6WE6nMS8v9fNnvtTnomP0=
Subject key identifier: 58:9C:6F:79:DB:71:95:50:33:74:B0:1E:8D:34:00:76:49:42:16:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB86CAE8CDA111EF888C2AB8762E951A.roa
Signing time: Wed 08 Jan 2025 09:19:32 +0000
ROA not before: Wed 08 Jan 2025 09:19:29 +0000
ROA not after: Sat 13 Dec 2025 09:19:29 +0000
asID: 984
IP address blocks: 156.253.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65765 (0x100e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:19:29 2025 GMT
Not After : Dec 13 09:19:29 2025 GMT
Subject: CN=677e4324-4288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2e:bb:88:ed:1c:5b:72:f2:b5:4e:01:fa:6a:
54:32:8e:71:f9:d8:56:2e:97:37:95:b6:72:80:67:
19:8b:03:ee:89:a1:b8:fd:d7:14:cd:8f:61:50:83:
cb:61:6e:ba:89:d5:75:9d:33:72:a1:d7:2b:13:86:
9d:b1:df:ea:8b:e5:96:43:da:a0:24:92:94:99:5c:
e1:0b:a4:20:d6:8f:80:b0:4c:e9:3f:40:31:37:3b:
53:cd:22:8c:2b:52:f2:eb:78:27:48:02:10:1e:78:
7e:06:f4:fd:ad:82:26:2c:86:08:dd:27:24:f0:09:
1a:e1:0b:bf:56:b5:7a:ce:f0:15:41:a5:66:d5:ad:
33:ce:2c:25:ec:c8:49:3c:d9:79:ae:97:dd:82:6f:
1b:7f:89:74:23:eb:1b:d8:a9:72:5f:5a:02:d0:17:
2a:83:90:67:23:57:ac:6f:40:44:e5:62:d7:ea:f0:
98:61:8c:45:63:0b:65:17:70:94:ef:da:bb:70:da:
a0:df:8f:86:e9:7b:a5:15:0f:11:5b:30:e8:f7:d7:
a1:df:1b:d3:b7:98:73:90:ea:21:54:3b:2a:c1:90:
d3:85:c0:00:cb:a2:10:c3:72:20:48:c9:2f:b0:90:
7d:88:90:5f:94:47:04:de:5e:b0:db:88:e1:23:b6:
02:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9C:6F:79:DB:71:95:50:33:74:B0:1E:8D:34:00:76:49:42:16:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB86CAE8CDA111EF888C2AB8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.43.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:e3:87:f1:d9:b5:9f:02:cb:fc:ab:c0:3c:5a:d9:6e:23:eb:
80:fc:ad:ca:8d:1b:ea:d9:d1:d0:7b:0d:35:84:34:1b:b8:05:
0c:1d:ee:18:eb:fb:01:c5:ee:1e:f8:91:1b:1e:2d:1c:74:02:
be:e8:34:38:97:ed:e4:3b:bc:15:37:51:b9:f5:34:f5:b0:22:
16:37:87:94:f7:5f:93:b9:24:21:f5:91:a0:81:9e:08:6f:33:
c6:bd:f9:5e:8b:5a:11:5a:e8:1d:c7:a2:16:05:f2:44:22:0c:
b7:8a:82:ea:71:62:22:55:52:1b:e5:6c:61:f8:1d:41:db:86:
17:34:90:d1:0e:ce:f0:be:71:3b:31:fb:39:14:a1:f1:5b:4e:
96:a8:50:ce:43:3a:cd:e1:f6:36:42:53:f2:b1:01:4a:17:94:
d7:17:68:80:dc:13:10:83:a4:50:6a:aa:c5:21:0a:af:33:2c:
21:13:fa:6e:10:2e:88:00:f3:a7:cb:15:e8:be:32:6d:98:d6:
cf:b9:6d:53:64:ce:b9:25:25:d0:e1:39:65:9c:f7:88:9d:24:
24:47:0f:d0:42:4c:05:20:18:d7:75:6c:ae:92:75:60:24:2b:
21:b1:06:0d:8d:46:6e:4c:09:11:34:07:66:0d:fc:d6:9b:fa:
a5:9f:2f:5a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkxOTI5WhcNMjUxMjEzMDkxOTI5WjAYMRYw
FAYDVQQDEw02NzdlNDMyNC00Mjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5C67iO0cW3LytU4B+mpUMo5x+dhWLpc3lbZygGcZiwPuiaG4/dcUzY9h
UIPLYW66idV1nTNyodcrE4adsd/qi+WWQ9qgJJKUmVzhC6Qg1o+AsEzpP0AxNztT
zSKMK1Ly63gnSAIQHnh+BvT9rYImLIYI3Sck8Aka4Qu/VrV6zvAVQaVm1a0zziwl
7MhJPNl5rpfdgm8bf4l0I+sb2KlyX1oC0Bcqg5BnI1esb0BE5WLX6vCYYYxFYwtl
F3CU79q7cNqg34+G6XulFQ8RWzDo99eh3xvTt5hzkOohVDsqwZDThcAAy6IQw3Ig
SMkvsJB9iJBflEcE3l6w24jhI7YCZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFic
b3nbcZVQM3SwHo00AHZJQhbgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjg2Q0FFOENEQTExMUVGODg4QzJBQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0rMA0GCSqGSIb3DQEBCwUA
A4IBAQCf44fx2bWfAsv8q8A8WtluI+uA/K3KjRvq2dHQew01hDQbuAUMHe4Y6/sB
xe4e+JEbHi0cdAK+6DQ4l+3kO7wVN1G59TT1sCIWN4eU91+TuSQh9ZGggZ4IbzPG
vflei1oRWugdx6IWBfJEIgy3ioLqcWIiVVIb5Wxh+B1B24YXNJDRDs7wvnE7Mfs5
FKHxW06WqFDOQzrN4fY2QlPysQFKF5TXF2iA3BMQg6RQaqrFIQqvMywhE/puEC6I
APOnyxXovjJtmNbPuW1TZM65JSXQ4TllnPeInSQkRw/QQkwFIBjXdWyuknVgJCsh
sQYNjUZuTAkRNAdmDfzWm/qlny9a
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:28 2025 by rpki-client