Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E96C40CCE211EF81C10972762E951A.roa
File: B4E96C40CCE211EF81C10972762E951A.roa (raw, json)
Hash identifier: MhYDZYKrXYmfiFsac2qLmkyqgv4MbWmZLqxGu1q8mwk=
Subject key identifier: 4B:75:67:5C:99:D4:26:3A:DE:0E:D9:26:D0:57:80:93:4D:2A:C1:E6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBB1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E96C40CCE211EF81C10972762E951A.roa
Signing time: Tue 07 Jan 2025 10:32:34 +0000
ROA not before: Tue 07 Jan 2025 10:32:30 +0000
ROA not after: Sat 13 Dec 2025 10:32:30 +0000
asID: 984
IP address blocks: 156.233.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64433 (0xfbb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:32:30 2025 GMT
Not After : Dec 13 10:32:30 2025 GMT
Subject: CN=677d02c2-4a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e9:dc:59:d4:ee:ce:0a:6d:63:4c:63:41:f4:
20:88:34:04:ab:2a:29:aa:72:10:7d:37:c6:50:df:
a4:97:54:b7:e3:b2:3d:8e:ab:eb:c2:ae:b2:43:e3:
b2:b3:1c:cc:a2:41:c9:64:19:f9:d9:35:8a:83:a6:
68:51:1d:4b:f8:aa:b4:a2:4a:34:b3:5a:67:88:1c:
17:f5:29:60:63:7a:49:88:16:bd:1d:82:4d:2b:ca:
89:4f:b8:c9:1e:ed:7b:02:3f:9f:8c:42:30:dd:33:
ff:21:fd:61:ad:e1:57:58:64:d0:4e:89:7a:7a:dd:
4f:3d:05:d4:7e:59:59:16:2b:b6:14:6a:66:08:fc:
03:6a:02:99:d0:e3:c7:c9:a6:91:51:67:74:07:5e:
eb:05:29:35:b3:3f:f5:4e:51:76:a3:42:2b:5b:c6:
aa:67:53:3b:71:43:d8:24:09:0c:95:79:df:3f:f2:
ce:00:af:8e:a6:bd:79:dd:ae:ad:03:6c:98:72:f7:
f3:bc:fb:ed:f4:9c:f8:65:e5:93:94:11:8d:a6:56:
74:f7:21:19:c9:72:4a:e6:8a:9a:de:55:14:d8:b1:
5a:59:90:28:50:b2:c9:ca:c8:68:df:e6:83:03:df:
b0:07:b2:84:ea:83:77:ed:31:56:11:99:a3:d7:15:
fc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:75:67:5C:99:D4:26:3A:DE:0E:D9:26:D0:57:80:93:4D:2A:C1:E6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4E96C40CCE211EF81C10972762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.237.0/24
Signature Algorithm: sha256WithRSAEncryption
91:37:6e:e9:ba:55:96:2a:07:67:64:08:dc:78:2a:d2:1c:3b:
3a:26:ca:fe:69:ed:69:03:57:b3:01:d1:c9:4b:c4:6f:e0:78:
31:f7:a8:2d:01:28:8c:b3:3f:f6:d9:f4:9a:f4:a8:92:ca:5c:
d7:8b:8f:7c:41:0b:b0:86:90:84:42:d2:9c:e7:6a:48:96:90:
31:c9:26:24:e9:a3:65:c6:7c:ef:62:17:bf:9a:83:e6:09:f1:
3f:6c:3d:8c:95:d9:a1:7b:1a:7e:d1:4c:ad:82:fd:db:06:cb:
98:84:57:24:cf:d9:53:9d:d7:2b:4b:f7:4b:8f:e0:2d:3c:a3:
16:08:44:22:fe:00:fb:45:b2:80:29:7e:99:f4:d8:3b:76:3c:
7c:2c:bd:5a:da:11:ec:61:ea:07:88:3d:a5:79:52:f5:db:a8:
0e:bc:f4:6d:5a:26:17:54:57:77:5c:e8:dc:70:29:27:3f:94:
21:2a:34:3a:43:90:0a:7d:85:37:ef:ec:e3:12:ab:43:dc:f3:
38:09:f3:b1:e6:e1:fb:86:98:ad:2f:00:bc:ae:9a:3d:2f:42:
5e:fc:84:81:f1:0f:78:dd:9d:9c:50:81:ca:cf:37:91:b5:fc:
fc:4b:7a:a5:af:27:d9:16:ec:77:f0:98:22:29:3f:5f:f5:03:
31:c5:8a:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAzMjMwWhcNMjUxMjEzMTAzMjMwWjAYMRYw
FAYDVQQDEw02NzdkMDJjMi00YTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp+ncWdTuzgptY0xjQfQgiDQEqyopqnIQfTfGUN+kl1S347I9jqvrwq6y
Q+OysxzMokHJZBn52TWKg6ZoUR1L+Kq0oko0s1pniBwX9SlgY3pJiBa9HYJNK8qJ
T7jJHu17Aj+fjEIw3TP/If1hreFXWGTQTol6et1PPQXUfllZFiu2FGpmCPwDagKZ
0OPHyaaRUWd0B17rBSk1sz/1TlF2o0IrW8aqZ1M7cUPYJAkMlXnfP/LOAK+Opr15
3a6tA2yYcvfzvPvt9Jz4ZeWTlBGNplZ09yEZyXJK5oqa3lUU2LFaWZAoULLJysho
3+aDA9+wB7KE6oN37TFWEZmj1xX8RwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEt1
Z1yZ1CY63g7ZJtBXgJNNKsHmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNEU5NkM0MENDRTIxMUVGODFDMTA5NzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOntMA0GCSqGSIb3DQEBCwUA
A4IBAQCRN27pulWWKgdnZAjceCrSHDs6Jsr+ae1pA1ezAdHJS8Rv4Hgx96gtASiM
sz/22fSa9KiSylzXi498QQuwhpCEQtKc52pIlpAxySYk6aNlxnzvYhe/moPmCfE/
bD2Mldmhexp+0Uytgv3bBsuYhFckz9lTndcrS/dLj+AtPKMWCEQi/gD7RbKAKX6Z
9Ng7djx8LL1a2hHsYeoHiD2leVL126gOvPRtWiYXVFd3XOjccCknP5QhKjQ6Q5AK
fYU37+zjEqtD3PM4CfOx5uH7hpitLwC8rpo9L0Je/ISB8Q943Z2cUIHKzzeRtfz8
S3qlryfZFux38JgiKT9f9QMxxYo9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:33 2025 by rpki-client