Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B685B3E2CD7311EFBD715899762E951A.roa
File: B685B3E2CD7311EFBD715899762E951A.roa (raw, json)
Hash identifier: TM9VysM/M0JaLwLexJo5vcYZfxQAwms3kJDmo95ySjU=
Subject key identifier: 29:24:98:33:43:C2:24:A3:DF:C3:FF:F5:CE:AC:43:B3:42:FC:BB:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF9F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B685B3E2CD7311EFBD715899762E951A.roa
Signing time: Wed 08 Jan 2025 03:50:34 +0000
ROA not before: Wed 08 Jan 2025 03:50:30 +0000
ROA not after: Mon 13 Dec 2027 03:50:30 +0000
asID: 17561
IP address blocks: 156.248.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65439 (0xff9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:50:30 2025 GMT
Not After : Dec 13 03:50:30 2027 GMT
Subject: CN=677df60a-21e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:e6:42:7d:68:a2:eb:d2:ac:e0:3c:83:ce:
e6:b7:b7:f5:2d:1c:6d:83:20:a2:4d:f5:28:11:9c:
5b:61:23:a5:83:7f:3f:49:f8:9d:03:5f:19:89:5c:
df:20:85:fe:8a:a6:68:73:2e:04:ca:70:51:4b:c5:
3c:9d:9d:7a:6a:d5:0f:28:5a:cc:39:56:ff:67:6e:
98:48:23:93:b2:95:20:67:c2:6c:cd:f6:52:05:66:
5d:f2:cc:d3:7c:6a:20:fc:50:32:2b:a1:87:70:ac:
b1:47:00:25:70:ed:08:fe:57:fb:d8:b9:0b:78:d5:
f4:cb:da:66:60:02:be:cd:af:fc:db:bb:4c:66:c4:
b8:55:34:11:9a:30:bf:98:f0:d2:36:1a:75:aa:65:
5b:37:d4:ed:f6:8b:73:3c:9d:97:18:e4:0c:2d:28:
e0:b9:c0:ef:da:da:a3:4a:4e:4e:00:b4:e4:d2:20:
7f:89:1e:14:5f:09:07:7a:79:a5:b8:40:3c:b5:d8:
e4:0f:b0:a5:3e:45:e5:3c:f4:93:89:c2:f5:85:10:
bd:8e:8b:76:1a:39:ab:94:88:c4:46:f9:1c:4b:6a:
1c:fb:0c:1e:ad:d0:9f:ac:25:aa:e6:1b:a5:62:be:
9f:37:47:98:0b:a0:11:6b:10:a8:40:d8:64:39:81:
92:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:24:98:33:43:C2:24:A3:DF:C3:FF:F5:CE:AC:43:B3:42:FC:BB:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B685B3E2CD7311EFBD715899762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.81.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e2:9a:4a:8d:04:11:25:b5:a9:ba:3a:ad:7f:56:40:06:45:
17:dc:d6:5e:e5:04:ee:6e:b6:a4:26:26:35:f7:69:e6:df:63:
89:c6:58:8b:33:15:d1:ab:a1:e2:20:d0:80:c0:f2:72:94:88:
bc:0d:e6:49:7d:5b:d4:6c:2d:c6:4e:3f:12:25:a5:17:a3:32:
0e:40:98:e9:1d:d1:85:c9:55:e7:c3:91:eb:c8:3b:47:dc:3e:
69:d4:65:92:25:3e:40:5c:15:8b:6a:f0:24:19:58:a2:96:1f:
43:00:2a:e5:43:f7:ca:f1:dc:8f:19:63:c4:cd:18:4d:8a:f7:
c2:39:2f:27:fe:0f:9c:5a:64:d9:81:8e:aa:aa:cb:6f:4f:41:
7d:89:b0:88:9c:aa:bf:74:81:ed:4c:ba:15:a6:bd:c2:d4:bd:
4e:5e:19:2d:e0:ae:fb:1c:f1:97:1d:31:be:6f:ba:6b:23:c8:
d4:5e:30:5b:46:69:c6:f1:27:0b:60:4d:aa:ff:df:10:18:93:
90:fc:c3:72:bf:6f:fe:0a:c9:9f:99:0f:bc:24:46:16:d5:60:
17:ff:25:0b:ee:55:2b:bd:1d:fd:82:8e:60:04:25:ac:c2:46:
e2:87:53:d8:e0:fc:3f:61:a0:94:89:d7:6e:91:2d:14:ac:98:
12:33:e3:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM1MDMwWhcNMjcxMjEzMDM1MDMwWjAYMRYw
FAYDVQQDEw02NzdkZjYwYS0yMWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnDbmQn1oouvSrOA8g87mt7f1LRxtgyCiTfUoEZxbYSOlg38/SfidA18Z
iVzfIIX+iqZocy4EynBRS8U8nZ16atUPKFrMOVb/Z26YSCOTspUgZ8JszfZSBWZd
8szTfGog/FAyK6GHcKyxRwAlcO0I/lf72LkLeNX0y9pmYAK+za/827tMZsS4VTQR
mjC/mPDSNhp1qmVbN9Tt9otzPJ2XGOQMLSjgucDv2tqjSk5OALTk0iB/iR4UXwkH
enmluEA8tdjkD7ClPkXlPPSTicL1hRC9jot2GjmrlIjERvkcS2oc+wwerdCfrCWq
5hulYr6fN0eYC6ARaxCoQNhkOYGSEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCkk
mDNDwiSj38P/9c6sQ7NC/LtyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjg1QjNFMkNENzMxMUVGQkQ3MTU4OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhRMA0GCSqGSIb3DQEBCwUA
A4IBAQA34ppKjQQRJbWpujqtf1ZABkUX3NZe5QTubrakJiY192nm32OJxliLMxXR
q6HiINCAwPJylIi8DeZJfVvUbC3GTj8SJaUXozIOQJjpHdGFyVXnw5HryDtH3D5p
1GWSJT5AXBWLavAkGViilh9DACrlQ/fK8dyPGWPEzRhNivfCOS8n/g+cWmTZgY6q
qstvT0F9ibCInKq/dIHtTLoVpr3C1L1OXhkt4K77HPGXHTG+b7prI8jUXjBbRmnG
8ScLYE2q/98QGJOQ/MNyv2/+CsmfmQ+8JEYW1WAX/yUL7lUrvR39go5gBCWswkbi
h1PY4Pw/YaCUiddukS0UrJgSM+Np
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:11 2025 by rpki-client