Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4331AD6CD0E11EFA6F12E84762E951A.roa
File: B4331AD6CD0E11EFA6F12E84762E951A.roa (raw, json)
Hash identifier: l0jf3p4IOAZoitz6yaAK2T+cpjrNql+np/p9+oASthE=
Subject key identifier: 0E:2C:B9:A0:7B:5D:AF:2A:42:55:DF:D4:97:D6:21:8F:CD:BF:64:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCDF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4331AD6CD0E11EFA6F12E84762E951A.roa
Signing time: Tue 07 Jan 2025 15:47:31 +0000
ROA not before: Tue 07 Jan 2025 15:47:27 +0000
ROA not after: Mon 13 Dec 2027 15:47:27 +0000
asID: 17561
IP address blocks: 156.239.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64735 (0xfcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:47:27 2025 GMT
Not After : Dec 13 15:47:27 2027 GMT
Subject: CN=677d4c93-a014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d7:a8:df:d3:d0:0d:1f:68:7b:7f:1f:9d:04:
c0:6a:3c:05:b1:a6:86:3c:1d:16:f4:28:12:2d:a4:
24:60:c0:14:16:f0:cc:c6:93:15:38:46:4b:9a:be:
0c:9a:93:03:27:de:7f:07:7e:d7:bd:a6:c0:b8:b0:
87:e4:78:4f:ee:fe:84:40:23:7a:87:4a:12:fe:4e:
f7:20:8b:f1:a2:fb:f7:94:22:7e:1a:ac:d4:1b:62:
12:60:ae:9a:94:da:4c:8d:da:1e:46:94:f1:9a:4d:
64:66:86:e2:29:37:8a:16:85:76:3c:80:04:ec:de:
d8:c2:85:dc:fa:a4:2b:d2:9f:fc:6e:d9:9d:4a:ae:
1f:0f:73:d2:36:77:39:f8:37:75:b8:f0:21:a5:52:
43:d1:7f:1e:9e:44:91:ad:eb:b0:7b:8e:d5:4a:48:
c6:79:a4:0a:46:4e:cb:d2:71:69:4e:68:b9:36:80:
3b:b2:f7:69:a2:54:3c:50:35:f9:8f:91:71:40:ea:
a3:b2:b6:31:69:0d:78:42:28:8e:a9:7d:07:e0:f4:
d4:86:12:5f:09:d6:2e:67:52:a3:70:33:96:79:23:
9b:6f:63:59:ee:b5:fd:22:1c:40:9d:de:e0:86:ab:
84:c1:f3:94:f4:bc:03:38:5b:08:dc:28:c5:06:82:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2C:B9:A0:7B:5D:AF:2A:42:55:DF:D4:97:D6:21:8F:CD:BF:64:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4331AD6CD0E11EFA6F12E84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.146.0/24
Signature Algorithm: sha256WithRSAEncryption
96:97:9c:f4:93:e4:13:04:1c:58:10:62:2f:20:ad:6b:4a:4c:
c5:18:a0:47:4e:6a:d4:a7:e9:08:42:71:f5:21:41:07:88:3c:
0c:df:c3:58:dc:7a:d5:68:42:5f:9c:db:31:db:41:45:c8:a8:
87:4d:94:c5:e3:ac:d3:b6:9b:ab:cd:5f:21:d9:c5:bc:11:52:
0c:4d:0d:e6:3d:40:00:75:f9:86:72:e0:a7:94:b0:21:81:28:
50:7b:33:09:9d:19:b5:c6:56:69:7f:31:21:44:91:e1:d0:3a:
c0:1f:33:b9:cd:9d:92:25:cd:0b:f0:00:26:62:82:0a:d4:66:
78:58:11:ac:9b:3d:3a:3d:3f:c5:a5:b2:7b:e7:3a:da:33:bc:
2f:9d:42:42:a0:19:35:79:01:39:95:a1:a1:d0:09:ef:f4:68:
74:05:27:77:a4:6d:b7:19:a0:f1:18:8c:63:e2:88:18:0d:43:
4e:76:79:7c:05:e7:4f:be:aa:75:b1:47:5b:53:95:d6:65:f5:
9d:23:15:aa:29:53:eb:fe:da:fb:9f:01:8a:3e:51:91:47:47:
e5:f4:07:c1:83:98:19:31:09:2b:37:a1:e0:d4:58:81:0f:10:
31:ff:d9:c1:a8:88:20:20:22:17:94:5e:9d:d7:60:1a:41:a5:
ce:d5:b9:74
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU0NzI3WhcNMjcxMjEzMTU0NzI3WjAYMRYw
FAYDVQQDEw02NzdkNGM5My1hMDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA49eo39PQDR9oe38fnQTAajwFsaaGPB0W9CgSLaQkYMAUFvDMxpMVOEZL
mr4MmpMDJ95/B37XvabAuLCH5HhP7v6EQCN6h0oS/k73IIvxovv3lCJ+GqzUG2IS
YK6alNpMjdoeRpTxmk1kZobiKTeKFoV2PIAE7N7YwoXc+qQr0p/8btmdSq4fD3PS
Nnc5+Dd1uPAhpVJD0X8enkSRreuwe47VSkjGeaQKRk7L0nFpTmi5NoA7svdpolQ8
UDX5j5FxQOqjsrYxaQ14QiiOqX0H4PTUhhJfCdYuZ1KjcDOWeSObb2NZ7rX9IhxA
nd7ghquEwfOU9LwDOFsI3CjFBoLGkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA4s
uaB7Xa8qQlXf1JfWIY/Nv2T/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDMzMUFENkNEMEUxMUVGQTZGMTJFODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+SMA0GCSqGSIb3DQEBCwUA
A4IBAQCWl5z0k+QTBBxYEGIvIK1rSkzFGKBHTmrUp+kIQnH1IUEHiDwM38NY3HrV
aEJfnNsx20FFyKiHTZTF46zTtpurzV8h2cW8EVIMTQ3mPUAAdfmGcuCnlLAhgShQ
ezMJnRm1xlZpfzEhRJHh0DrAHzO5zZ2SJc0L8AAmYoIK1GZ4WBGsmz06PT/FpbJ7
5zraM7wvnUJCoBk1eQE5laGh0Anv9Gh0BSd3pG23GaDxGIxj4ogYDUNOdnl8BedP
vqp1sUdbU5XWZfWdIxWqKVPr/tr7nwGKPlGRR0fl9AfBg5gZMQkrN6Hg1FiBDxAx
/9nBqIggICIXlF6d12AaQaXO1bl0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:52 2025 by rpki-client