Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B281F7EECCD611EFA0AF8BA4762E951A.roa
File: B281F7EECCD611EFA0AF8BA4762E951A.roa (raw, json)
Hash identifier: DIJiV/YMKQO4S0Ntk3C7xzcwSh3BI18WuK3cB92VU+U=
Subject key identifier: 69:FF:22:FC:E9:84:7A:2E:0C:56:38:68:0D:4F:56:C2:C5:A4:A8:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B281F7EECCD611EFA0AF8BA4762E951A.roa
Signing time: Tue 07 Jan 2025 09:06:36 +0000
ROA not before: Tue 07 Jan 2025 09:06:32 +0000
ROA not after: Sat 13 Dec 2025 09:06:32 +0000
asID: 984
IP address blocks: 156.233.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64271 (0xfb0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:06:32 2025 GMT
Not After : Dec 13 09:06:32 2025 GMT
Subject: CN=677cee9c-ca03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b6:b3:50:f7:e1:13:5f:c7:60:3d:63:a5:f9:
61:a7:37:c1:22:1e:44:e9:6c:ed:53:ef:41:b9:94:
d7:63:4e:25:2b:75:25:72:1a:3b:0f:02:1b:db:1c:
fe:6e:eb:21:c8:e2:c3:ac:86:8e:58:d7:50:e4:7e:
9d:30:0f:f6:bb:ac:d7:0c:80:a5:47:78:e5:41:20:
6c:12:e3:1e:79:fb:cc:1b:f6:ae:07:7e:10:be:e0:
81:06:88:ba:0b:db:58:51:68:7c:23:34:e5:96:bb:
b9:57:af:eb:4f:e6:d7:10:91:50:f8:83:2b:40:36:
fc:53:32:62:b6:cb:a8:69:c3:02:13:6a:9e:51:5e:
f1:1a:02:aa:2e:2f:d5:24:ec:ce:28:28:97:38:4c:
7e:6b:0b:bd:68:e2:84:f0:84:fe:7b:75:bc:92:a7:
d6:fc:47:67:88:cf:3f:f3:dc:ed:21:5c:2a:16:fa:
56:c8:71:c4:1d:48:72:e4:18:47:fd:0d:0d:2b:c8:
51:cc:59:60:a2:25:b0:ed:df:95:56:f4:32:b9:d2:
d3:3e:df:24:2a:54:68:e1:cb:18:a0:be:33:f9:10:
8b:63:0b:32:3a:33:fc:57:97:3c:07:32:bd:62:25:
9d:66:8d:73:b1:b3:1b:ee:68:90:c8:ad:43:dd:9d:
9b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:22:FC:E9:84:7A:2E:0C:56:38:68:0D:4F:56:C2:C5:A4:A8:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B281F7EECCD611EFA0AF8BA4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.178.0/24
Signature Algorithm: sha256WithRSAEncryption
01:b6:91:47:9d:fa:5e:81:7f:32:3d:e1:a3:da:d3:4d:80:63:
b2:44:19:d4:b3:54:55:22:f8:ac:13:c1:05:5a:61:6f:4d:69:
c1:5b:fa:1b:7f:ee:1b:66:e3:3d:9e:2e:4e:8c:67:c6:39:85:
4f:4e:f2:ef:b7:83:21:6d:82:e9:81:b7:f8:44:bd:16:30:d2:
e0:46:d9:63:cb:09:14:10:9e:36:5d:1e:d7:7d:62:c0:a8:d4:
10:5d:8c:de:f9:f1:a4:33:f9:4c:0b:bd:78:a0:5d:ab:27:4d:
21:5e:04:ba:01:f1:f3:ef:38:44:56:f9:c6:00:7a:6e:25:bf:
0b:99:9c:4d:29:5d:5f:00:02:74:42:4e:e2:5c:37:5b:a6:27:
7d:78:4a:0f:84:08:65:3f:c8:91:bc:56:59:8b:2d:00:b1:64:
31:a1:b8:3a:56:66:d2:07:fb:4a:cb:af:f1:63:0f:ea:6a:c2:
96:27:3e:ea:ea:5a:04:ae:c4:4b:6f:9c:50:b1:d5:c6:be:0d:
9f:51:07:46:f3:bf:80:3d:23:28:bf:49:e3:e2:a4:a6:fc:95:
79:b0:83:dd:36:bf:35:29:61:f3:c9:b7:38:c6:da:39:19:b3:
f2:70:b3:13:46:ae:f2:50:45:90:b6:91:38:46:a0:9c:b1:d1:
74:ee:23:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkwNjMyWhcNMjUxMjEzMDkwNjMyWjAYMRYw
FAYDVQQDEw02NzdjZWU5Yy1jYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA87azUPfhE1/HYD1jpflhpzfBIh5E6WztU+9BuZTXY04lK3Ulcho7DwIb
2xz+bushyOLDrIaOWNdQ5H6dMA/2u6zXDIClR3jlQSBsEuMeefvMG/auB34QvuCB
Boi6C9tYUWh8IzTllru5V6/rT+bXEJFQ+IMrQDb8UzJitsuoacMCE2qeUV7xGgKq
Li/VJOzOKCiXOEx+awu9aOKE8IT+e3W8kqfW/EdniM8/89ztIVwqFvpWyHHEHUhy
5BhH/Q0NK8hRzFlgoiWw7d+VVvQyudLTPt8kKlRo4csYoL4z+RCLYwsyOjP8V5c8
BzK9YiWdZo1zsbMb7miQyK1D3Z2bDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGn/
IvzphHouDFY4aA1PVsLFpKg7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjgxRjdFRUNDRDYxMUVGQTBBRjhCQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmyMA0GCSqGSIb3DQEBCwUA
A4IBAQABtpFHnfpegX8yPeGj2tNNgGOyRBnUs1RVIvisE8EFWmFvTWnBW/obf+4b
ZuM9ni5OjGfGOYVPTvLvt4MhbYLpgbf4RL0WMNLgRtljywkUEJ42XR7XfWLAqNQQ
XYze+fGkM/lMC714oF2rJ00hXgS6AfHz7zhEVvnGAHpuJb8LmZxNKV1fAAJ0Qk7i
XDdbpid9eEoPhAhlP8iRvFZZiy0AsWQxobg6VmbSB/tKy6/xYw/qasKWJz7q6loE
rsRLb5xQsdXGvg2fUQdG87+APSMov0nj4qSm/JV5sIPdNr81KWHzybc4xto5GbPy
cLMTRq7yUEWQtpE4RqCcsdF07iM4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:29 2025 by rpki-client