Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4617A44CD4411EFA9027159762E951A.roa
File: B4617A44CD4411EFA9027159762E951A.roa (raw, json)
Hash identifier: vAKLcMrzGI8EyBtp2nNnkBl2GomkFEfrkUQtgYK+Z2w=
Subject key identifier: F9:AE:93:87:7A:EE:48:2D:D6:F4:0F:CB:6D:11:F3:0F:7C:85:C5:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4617A44CD4411EFA9027159762E951A.roa
Signing time: Tue 07 Jan 2025 22:14:04 +0000
ROA not before: Tue 07 Jan 2025 22:14:00 +0000
ROA not after: Sat 13 Dec 2025 22:14:00 +0000
asID: 984
IP address blocks: 156.243.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65165 (0xfe8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:14:00 2025 GMT
Not After : Dec 13 22:14:00 2025 GMT
Subject: CN=677da72c-83db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:42:c7:48:ea:dd:80:93:0f:e0:55:91:39:90:
08:dd:2a:cf:8d:ed:02:d0:46:d5:a9:51:ea:ca:72:
8f:59:22:ca:d9:9b:7a:39:37:f5:70:76:67:8a:6c:
e0:64:a7:11:c3:ac:81:e4:85:d1:2e:3d:6b:68:f4:
15:ed:1c:68:35:39:a3:58:27:35:45:fc:e0:f2:5a:
75:35:cd:0f:9e:19:7c:24:32:40:dc:bc:82:46:98:
17:2b:8b:45:0a:cf:a4:cd:b5:be:9c:95:e7:12:49:
c2:bb:a2:d9:7d:37:12:ca:d5:32:f5:ad:c6:7b:25:
1b:55:6f:ec:10:49:96:80:55:0c:01:f2:a3:94:4f:
6d:ee:37:5c:45:ab:35:bf:8e:e6:b6:71:fb:cb:17:
6f:81:ed:49:b3:5f:2a:97:4a:b7:3a:f0:16:e8:c9:
88:b3:86:63:67:b4:77:02:e7:fb:4c:c2:65:21:c8:
b5:d7:a8:89:d8:11:fb:7e:e9:6f:b7:5b:63:ff:7e:
fe:4f:5c:69:bd:de:71:14:7d:c1:48:80:40:9b:b3:
18:fb:1a:00:21:69:31:e7:5a:62:30:7d:21:4e:f5:
0d:5d:7d:da:b9:20:cd:d6:d5:4d:8d:f2:e5:86:56:
67:1c:1d:e6:43:2d:72:79:0f:2d:63:fa:12:2a:4b:
39:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AE:93:87:7A:EE:48:2D:D6:F4:0F:CB:6D:11:F3:0F:7C:85:C5:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4617A44CD4411EFA9027159762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.113.0/24
Signature Algorithm: sha256WithRSAEncryption
50:cf:e1:63:96:db:57:95:38:24:e6:2f:1f:54:b6:80:60:ef:
25:a4:e7:9c:98:15:44:76:29:4e:be:45:48:06:36:0a:84:4d:
93:40:82:b5:14:65:9b:7d:27:d7:09:b0:da:f7:cd:e5:ba:c7:
45:9b:66:55:b7:3b:1e:69:40:41:5a:31:4c:27:7e:b6:89:33:
40:84:61:95:81:92:3e:4e:58:ac:b3:ed:ef:e2:54:ae:6e:19:
e0:cf:38:ac:63:1c:3b:17:1d:ca:53:9b:21:e0:d0:15:41:c2:
73:f4:6b:cd:ac:f5:48:97:09:31:13:26:20:42:1e:74:f7:54:
4b:eb:3e:7c:40:2f:d1:07:61:36:bb:d1:9d:27:48:ad:b7:20:
d8:c4:17:ce:16:4d:33:de:03:0a:dd:6b:45:3d:02:4e:90:f4:
28:8a:a6:b2:3b:a9:cd:cd:ba:87:29:f4:fc:48:e3:50:87:eb:
5d:8c:89:eb:0a:b9:fa:93:ba:55:0c:37:82:72:b7:46:a8:4e:
50:7c:19:2d:63:a4:3f:5b:35:83:c3:99:f6:84:59:22:5b:da:
0b:91:3e:b2:31:86:6b:9c:c9:80:48:a5:75:fe:dd:69:10:94:
d5:b0:bc:19:69:78:df:65:cc:e3:ec:d8:75:a5:6d:a8:6e:9d:
72:12:a0:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIxNDAwWhcNMjUxMjEzMjIxNDAwWjAYMRYw
FAYDVQQDEw02NzdkYTcyYy04M2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA00LHSOrdgJMP4FWROZAI3SrPje0C0EbVqVHqynKPWSLK2Zt6OTf1cHZn
imzgZKcRw6yB5IXRLj1raPQV7RxoNTmjWCc1Rfzg8lp1Nc0Pnhl8JDJA3LyCRpgX
K4tFCs+kzbW+nJXnEknCu6LZfTcSytUy9a3GeyUbVW/sEEmWgFUMAfKjlE9t7jdc
Ras1v47mtnH7yxdvge1Js18ql0q3OvAW6MmIs4ZjZ7R3Auf7TMJlIci116iJ2BH7
fulvt1tj/37+T1xpvd5xFH3BSIBAm7MY+xoAIWkx51piMH0hTvUNXX3auSDN1tVN
jfLlhlZnHB3mQy1yeQ8tY/oSKks5ewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPmu
k4d67kgt1vQPy20R8w98hcVpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDYxN0E0NENENDQxMUVGQTkwMjcxNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNxMA0GCSqGSIb3DQEBCwUA
A4IBAQBQz+FjlttXlTgk5i8fVLaAYO8lpOecmBVEdilOvkVIBjYKhE2TQIK1FGWb
fSfXCbDa983lusdFm2ZVtzseaUBBWjFMJ362iTNAhGGVgZI+Tliss+3v4lSubhng
zzisYxw7Fx3KU5sh4NAVQcJz9GvNrPVIlwkxEyYgQh5091RL6z58QC/RB2E2u9Gd
J0ittyDYxBfOFk0z3gMK3WtFPQJOkPQoiqayO6nNzbqHKfT8SONQh+tdjInrCrn6
k7pVDDeCcrdGqE5QfBktY6Q/WzWDw5n2hFkiW9oLkT6yMYZrnMmASKV1/t1pEJTV
sLwZaXjfZczj7Nh1pW2obp1yEqAR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:04 2025 by rpki-client