Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE39B594C94F11EFB81284B2762E951A.roa
File: AE39B594C94F11EFB81284B2762E951A.roa (raw, json)
Hash identifier: Z+IGJWO1vJPjUaBiK2Jj9NmFvLkeu5jLSE2cHrxP8r4=
Subject key identifier: D8:F7:CA:E9:36:26:62:8A:1C:F4:EB:3A:4D:25:E1:34:8B:A6:2A:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE39B594C94F11EFB81284B2762E951A.roa
Signing time: Thu 02 Jan 2025 21:22:33 +0000
ROA not before: Thu 02 Jan 2025 21:22:30 +0000
ROA not after: Sat 13 Dec 2025 21:22:30 +0000
asID: 984
IP address blocks: 156.225.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62394 (0xf3ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:22:30 2025 GMT
Not After : Dec 13 21:22:30 2025 GMT
Subject: CN=67770399-1e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c1:1b:2b:39:2b:67:c1:d0:72:b8:38:2a:e3:
5f:f5:20:c2:de:d0:28:54:7a:e7:17:89:48:74:1f:
65:1e:6b:45:7c:d0:1c:25:f1:e5:59:37:9d:54:17:
7e:b4:e5:94:91:4d:87:63:70:61:c4:3b:2e:1a:1e:
80:ca:3c:a9:ca:33:a4:59:06:8d:23:39:ed:d5:2a:
84:66:31:33:e0:d9:10:c4:7d:c4:6d:af:16:63:78:
a2:06:a1:ef:7c:3a:6d:e3:da:62:e6:2b:01:5b:5d:
6c:6b:2e:8c:21:84:4c:4b:a6:80:ce:53:10:96:73:
d9:4a:c1:0f:95:43:11:db:02:24:b7:3a:6c:41:ab:
e1:c3:5d:ff:a6:75:44:bc:f1:05:05:6a:80:2c:91:
b6:99:a5:a4:05:0b:53:5a:2b:0d:16:6a:e5:fc:4b:
eb:94:17:1d:d8:8f:53:8a:ea:10:5e:d0:eb:a7:01:
9b:66:a5:3c:30:2e:d1:3c:06:53:6b:38:58:70:9c:
f9:06:1e:2d:e9:48:04:8d:51:b1:38:a8:5c:be:3b:
58:5d:86:c6:27:c6:a4:84:c9:67:21:c6:3e:0a:ba:
a7:a1:31:59:60:e6:10:0f:21:16:9f:8c:74:20:b3:
53:e9:ba:71:ea:a2:fd:e0:8b:28:92:fe:d3:2c:b9:
08:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F7:CA:E9:36:26:62:8A:1C:F4:EB:3A:4D:25:E1:34:8B:A6:2A:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE39B594C94F11EFB81284B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.180.0/24
Signature Algorithm: sha256WithRSAEncryption
18:43:dd:57:d2:2d:bd:7f:14:9a:64:3a:a4:2b:2c:eb:33:6e:
40:9c:d9:d3:70:0b:eb:35:aa:e7:f1:72:d9:3d:4d:1e:f9:b0:
ed:73:e7:77:ae:01:4d:ed:c6:5d:9a:76:6a:6b:38:9d:52:b6:
b8:df:87:0c:5c:92:30:22:71:c3:d2:07:b1:41:d7:c9:72:3b:
66:0a:81:4f:59:8a:22:df:7b:75:cb:88:34:3e:86:f3:4f:f5:
fa:d1:56:68:82:87:c6:fd:29:70:fc:d3:d7:98:57:5a:ea:ea:
e2:39:b2:02:18:ba:ee:9d:ad:c7:02:5f:23:d5:3c:73:98:f0:
ce:ca:5a:57:a8:2b:36:81:ed:b2:97:a8:ca:30:7e:79:78:32:
8a:4e:da:16:22:a2:78:1a:04:18:63:65:e8:64:f3:fb:90:97:
d3:f0:d7:ad:93:10:2d:86:de:b7:b6:3d:d4:09:c3:fa:fd:6e:
fd:d4:fb:9b:67:a6:fe:e6:be:f1:13:b6:f5:bf:1e:f4:ef:16:
68:df:54:f2:db:49:8a:69:5c:8a:55:8d:a6:01:42:7f:f3:23:
f1:c4:e2:c4:14:81:0d:1c:a9:d2:96:3d:26:84:f3:e4:20:22:
9f:38:88:74:fa:19:21:68:9f:e3:57:4a:97:a2:3e:7c:89:00:
6d:3f:e6:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPO6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEyMjMwWhcNMjUxMjEzMjEyMjMwWjAYMRYw
FAYDVQQDEw02Nzc3MDM5OS0xZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMEbKzkrZ8HQcrg4KuNf9SDC3tAoVHrnF4lIdB9lHmtFfNAcJfHlWTed
VBd+tOWUkU2HY3BhxDsuGh6AyjypyjOkWQaNIznt1SqEZjEz4NkQxH3Eba8WY3ii
BqHvfDpt49pi5isBW11say6MIYRMS6aAzlMQlnPZSsEPlUMR2wIktzpsQavhw13/
pnVEvPEFBWqALJG2maWkBQtTWisNFmrl/EvrlBcd2I9TiuoQXtDrpwGbZqU8MC7R
PAZTazhYcJz5Bh4t6UgEjVGxOKhcvjtYXYbGJ8akhMlnIcY+CrqnoTFZYOYQDyEW
n4x0ILNT6bpx6qL94Isokv7TLLkI7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNj3
yuk2JmKKHPTrOk0l4TSLpirbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTM5QjU5NEM5NEYxMUVGQjgxMjg0QjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOG0MA0GCSqGSIb3DQEBCwUA
A4IBAQAYQ91X0i29fxSaZDqkKyzrM25AnNnTcAvrNarn8XLZPU0e+bDtc+d3rgFN
7cZdmnZqazidUra434cMXJIwInHD0gexQdfJcjtmCoFPWYoi33t1y4g0PobzT/X6
0VZogofG/Slw/NPXmFda6uriObICGLruna3HAl8j1TxzmPDOylpXqCs2ge2yl6jK
MH55eDKKTtoWIqJ4GgQYY2XoZPP7kJfT8NetkxAtht63tj3UCcP6/W791PubZ6b+
5r7xE7b1vx707xZo31Ty20mKaVyKVY2mAUJ/8yPxxOLEFIENHKnSlj0mhPPkICKf
OIh0+hkhaJ/jV0qXoj58iQBtP+a4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:12 2025 by rpki-client