Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC317F34D2EB11EFB022F343762E951A.roa
File: AC317F34D2EB11EFB022F343762E951A.roa (raw, json)
Hash identifier: vC2SwPPq/g0qutIEYLkwVfR0vO1OTGRw8qPc/z78C74=
Subject key identifier: 27:90:D9:44:09:69:E6:7D:31:44:2F:6B:3B:83:28:EB:77:31:DC:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01075B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC317F34D2EB11EFB022F343762E951A.roa
Signing time: Wed 15 Jan 2025 02:51:52 +0000
ROA not before: Wed 15 Jan 2025 02:51:48 +0000
ROA not after: Sat 03 Jan 2026 02:51:48 +0000
asID: 984
IP address blocks: 156.232.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67419 (0x1075b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 02:51:48 2025 GMT
Not After : Jan 3 02:51:48 2026 GMT
Subject: CN=678722c8-9434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:5b:93:a3:f2:90:26:30:b7:08:b4:6e:c2:
a8:87:18:84:89:25:10:39:3c:f6:86:9b:4b:50:57:
b9:5f:ba:9e:ef:54:50:bf:89:14:e9:2e:6f:1e:93:
2f:7b:ba:14:24:d9:92:60:1b:56:31:d5:f5:b5:b1:
e0:f5:e7:53:bc:ab:63:ea:b2:ed:7c:6b:8f:1c:c0:
51:83:9b:1c:95:70:94:da:08:4c:db:86:11:c6:c9:
cf:3a:36:9c:bc:61:fc:50:20:a6:ae:0c:d7:11:dc:
dd:22:0a:e8:81:3e:09:69:d0:71:d1:27:1e:ad:74:
46:c4:e7:b0:8c:31:57:80:69:d8:e1:83:e7:7d:58:
d9:00:da:19:fb:3f:75:b6:7c:ad:8d:f3:b0:ac:5f:
5b:07:ca:9b:dc:8e:b6:56:dc:cf:70:2a:27:54:01:
86:81:ec:dc:c6:11:8e:15:b4:db:60:66:af:13:6c:
38:ea:9f:43:81:7f:9a:a0:9b:77:1f:a5:83:54:ed:
11:b4:2c:3b:24:bd:fe:a8:3d:29:35:b6:1f:e1:7e:
c0:c5:50:e4:c8:3c:e3:eb:e8:25:d8:97:ba:44:37:
74:bf:59:82:d3:a0:2b:85:a4:91:46:8d:ac:23:9f:
3e:6b:0a:cb:d0:b2:23:38:92:91:8f:51:6a:c5:12:
07:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:90:D9:44:09:69:E6:7D:31:44:2F:6B:3B:83:28:EB:77:31:DC:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AC317F34D2EB11EFB022F343762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.77.0/24
Signature Algorithm: sha256WithRSAEncryption
97:8d:d1:ff:bf:19:5c:f6:74:1f:5e:ac:25:74:c4:bd:74:a7:
1a:d8:69:9d:07:c9:01:5a:b7:59:fb:fb:23:a7:77:92:fd:dc:
5c:e0:31:05:35:09:e8:fa:59:f7:2f:08:09:f9:b1:34:9e:87:
5d:79:8f:2e:2b:42:4d:d2:f8:92:6b:11:e4:1b:dc:9f:f9:d7:
df:ec:f4:74:9d:df:83:3d:2e:4c:1f:5d:de:cd:24:5e:69:28:
78:2d:df:8f:a4:12:ca:93:a3:6f:77:b4:99:8a:5a:cc:09:6d:
9b:25:e1:64:74:bc:2a:0e:1a:2f:ea:7f:dc:cf:c9:6c:17:d8:
06:06:f0:d3:3b:fc:6b:ea:89:fd:2d:45:e1:25:98:c2:d5:b8:
15:39:39:84:e9:97:ec:7d:73:cf:a9:6d:e8:ef:5c:18:2d:28:
e7:08:b5:8e:4c:e5:d3:03:04:a3:0c:e0:0b:7f:6d:ab:8b:34:
25:bf:b6:ed:72:cf:1a:2f:7f:88:74:f2:94:a2:d8:a5:0a:dd:
c0:0a:f8:54:74:d2:21:9f:b6:bd:d2:d0:b9:bd:b2:cd:65:a2:
3e:a8:b1:09:12:3f:56:10:87:a4:af:fc:21:27:44:a1:c7:20:
7f:fd:7a:a2:1d:99:01:62:ed:e0:e1:2e:94:21:52:5c:78:43:
8b:a1:a1:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDI1MTQ4WhcNMjYwMTAzMDI1MTQ4WjAYMRYw
FAYDVQQDEw02Nzg3MjJjOC05NDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvVhbk6PykCYwtwi0bsKohxiEiSUQOTz2hptLUFe5X7qe71RQv4kU6S5v
HpMve7oUJNmSYBtWMdX1tbHg9edTvKtj6rLtfGuPHMBRg5sclXCU2ghM24YRxsnP
OjacvGH8UCCmrgzXEdzdIgrogT4JadBx0ScerXRGxOewjDFXgGnY4YPnfVjZANoZ
+z91tnytjfOwrF9bB8qb3I62VtzPcConVAGGgezcxhGOFbTbYGavE2w46p9DgX+a
oJt3H6WDVO0RtCw7JL3+qD0pNbYf4X7AxVDkyDzj6+gl2Je6RDd0v1mC06ArhaSR
Ro2sI58+awrL0LIjOJKRj1FqxRIHaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCeQ
2UQJaeZ9MUQvazuDKOt3MdwzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQzMxN0YzNEQyRUIxMUVGQjAyMkYzNDM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhNMA0GCSqGSIb3DQEBCwUA
A4IBAQCXjdH/vxlc9nQfXqwldMS9dKca2GmdB8kBWrdZ+/sjp3eS/dxc4DEFNQno
+ln3LwgJ+bE0noddeY8uK0JN0viSaxHkG9yf+dff7PR0nd+DPS5MH13ezSReaSh4
Ld+PpBLKk6Nvd7SZilrMCW2bJeFkdLwqDhov6n/cz8lsF9gGBvDTO/xr6on9LUXh
JZjC1bgVOTmE6ZfsfXPPqW3o71wYLSjnCLWOTOXTAwSjDOALf22rizQlv7btcs8a
L3+IdPKUotilCt3ACvhUdNIhn7a90tC5vbLNZaI+qLEJEj9WEIekr/whJ0ShxyB/
/XqiHZkBYu3g4S6UIVJceEOLoaEZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:15 2025 by rpki-client