Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B54D55B6C95411EFA3F68A52762E951A.roa
File: B54D55B6C95411EFA3F68A52762E951A.roa (raw, json)
Hash identifier: iDDvB7ut/dize9GNtUMnJdGdzzp2OptX9KLPFvnJ93c=
Subject key identifier: 51:DC:17:10:3F:DA:BD:05:3F:6F:12:CC:1F:DF:9B:35:42:FE:DE:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B54D55B6C95411EFA3F68A52762E951A.roa
Signing time: Thu 02 Jan 2025 21:58:33 +0000
ROA not before: Thu 02 Jan 2025 21:58:29 +0000
ROA not after: Sat 13 Dec 2025 21:58:29 +0000
asID: 984
IP address blocks: 156.226.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62442 (0xf3ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:58:29 2025 GMT
Not After : Dec 13 21:58:29 2025 GMT
Subject: CN=67770c09-4b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:6e:08:2b:7c:5b:64:4e:5f:55:76:32:1f:
f6:bf:8d:20:51:b3:51:2b:ae:74:91:11:b3:b1:11:
59:a2:5a:43:68:07:e9:66:fc:cf:63:a1:bb:33:6e:
47:8a:84:0d:23:16:b9:c5:d4:b0:4c:59:97:90:7a:
23:fb:74:bd:ba:ea:c2:05:42:eb:36:6f:65:c1:ce:
82:20:9b:61:d9:ff:45:1f:71:6e:c1:fe:f8:2e:ec:
2c:67:3c:33:33:ad:58:5e:1b:66:05:8e:77:a8:c7:
47:24:e9:07:81:8d:96:92:61:07:09:75:dc:51:ff:
03:70:f5:54:a1:26:ed:73:e8:03:a1:02:76:61:17:
e9:ab:cd:59:8b:3e:bc:26:0b:cf:89:8f:03:32:5a:
a3:56:0a:6a:bb:55:86:a8:5e:7d:e2:a0:be:78:b4:
e4:42:5f:06:0d:9f:ee:f8:a7:f3:2a:34:1a:0e:c4:
48:8e:d7:93:3b:de:48:8e:8d:92:9a:96:b8:83:7a:
03:24:e9:95:13:43:1a:82:42:f6:94:c8:1f:2b:0d:
7e:c8:dc:58:ad:d0:74:fe:96:9a:82:da:ba:03:ad:
c5:bb:6d:54:cf:83:2a:7b:3d:71:5d:eb:d1:4f:15:
04:34:12:68:29:05:d3:72:05:58:85:a5:1e:52:5d:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:DC:17:10:3F:DA:BD:05:3F:6F:12:CC:1F:DF:9B:35:42:FE:DE:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B54D55B6C95411EFA3F68A52762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.141.0/24
Signature Algorithm: sha256WithRSAEncryption
10:23:e6:a0:1d:f8:1c:14:03:0d:41:70:11:1c:26:08:b9:dc:
41:18:c9:52:0f:0a:2a:e6:c4:ee:12:ef:3f:90:ec:3d:fc:4a:
5d:b2:fa:d8:a7:67:ac:af:32:c4:a9:58:e6:ce:db:da:09:ae:
f5:0f:ea:78:b0:3c:b5:a1:2e:6f:83:ed:13:87:f2:22:90:41:
9f:cb:3e:1b:1e:ff:8e:80:8f:94:60:82:24:36:b0:1a:f1:79:
28:5d:e3:5a:d3:4e:5f:e9:b5:07:cd:95:88:d0:5b:18:cf:48:
25:fb:ae:7d:20:3a:08:1b:8b:fc:0b:2c:59:60:e9:ab:e8:e1:
e1:69:7f:39:7f:f2:48:1d:37:62:35:67:ab:3c:8f:eb:47:dc:
1e:97:e3:a9:30:c8:e6:b8:96:04:09:27:83:b5:af:9a:f5:a8:
92:1a:7d:e7:45:e6:b3:b4:a3:bb:4f:42:b1:61:93:5c:6f:a5:
12:6d:e1:13:f2:46:cf:d5:88:4d:f6:88:ec:fc:5e:8d:e6:c1:
10:f2:91:55:ec:90:9e:40:a3:63:47:dd:bb:f1:2c:7c:cb:e2:
26:a2:3e:2b:8d:1b:26:d3:bc:9b:14:05:c5:d9:82:88:a4:56:
98:e8:cc:08:c6:39:97:78:1a:ee:09:7f:79:18:89:ef:32:d1:
97:18:ae:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjE1ODI5WhcNMjUxMjEzMjE1ODI5WjAYMRYw
FAYDVQQDEw02Nzc3MGMwOS00YjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2VuCCt8W2ROX1V2Mh/2v40gUbNRK650kRGzsRFZolpDaAfpZvzPY6G7
M25HioQNIxa5xdSwTFmXkHoj+3S9uurCBULrNm9lwc6CIJth2f9FH3Fuwf74Luws
ZzwzM61YXhtmBY53qMdHJOkHgY2WkmEHCXXcUf8DcPVUoSbtc+gDoQJ2YRfpq81Z
iz68JgvPiY8DMlqjVgpqu1WGqF594qC+eLTkQl8GDZ/u+KfzKjQaDsRIjteTO95I
jo2Smpa4g3oDJOmVE0MagkL2lMgfKw1+yNxYrdB0/paagtq6A63Fu21Uz4Mqez1x
XevRTxUENBJoKQXTcgVYhaUeUl0m8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFHc
FxA/2r0FP28SzB/fmzVC/t7MMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNTRENTVCNkM5NTQxMUVGQTNGNjhBNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKNMA0GCSqGSIb3DQEBCwUA
A4IBAQAQI+agHfgcFAMNQXARHCYIudxBGMlSDwoq5sTuEu8/kOw9/EpdsvrYp2es
rzLEqVjmztvaCa71D+p4sDy1oS5vg+0Th/IikEGfyz4bHv+OgI+UYIIkNrAa8Xko
XeNa005f6bUHzZWI0FsYz0gl+659IDoIG4v8CyxZYOmr6OHhaX85f/JIHTdiNWer
PI/rR9wel+OpMMjmuJYECSeDta+a9aiSGn3nReaztKO7T0KxYZNcb6USbeET8kbP
1YhN9ojs/F6N5sEQ8pFV7JCeQKNjR9278Sx8y+Imoj4rjRsm07ybFAXF2YKIpFaY
6MwIxjmXeBruCX95GInvMtGXGK7o
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client