Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C173DCD8C98211EF985C068C762E951A.roa
File: C173DCD8C98211EF985C068C762E951A.roa (raw, json)
Hash identifier: jQIvuPtMdTVf6+AJEsQFWSxaxfrEFat4UgpW8+paNU8=
Subject key identifier: C1:1D:F9:87:49:84:D6:3C:78:3A:10:84:7C:C7:53:F6:B3:DD:77:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F55F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C173DCD8C98211EF985C068C762E951A.roa
Signing time: Fri 03 Jan 2025 03:28:10 +0000
ROA not before: Fri 03 Jan 2025 03:28:06 +0000
ROA not after: Sat 13 Dec 2025 03:28:06 +0000
asID: 984
IP address blocks: 156.230.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62815 (0xf55f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:28:06 2025 GMT
Not After : Dec 13 03:28:06 2025 GMT
Subject: CN=6777594a-7d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fe:89:49:b9:d0:a8:0d:ef:d3:a2:9d:17:f6:
a6:27:4a:f5:4d:38:1f:c4:2a:fa:8e:57:ac:af:4f:
ba:3e:fd:22:a5:ea:c3:b9:4b:ab:84:71:45:0d:ca:
ee:a8:20:d5:aa:2c:eb:bb:db:97:e5:3d:43:c9:ce:
64:92:31:eb:21:9f:4c:a2:d6:8b:6e:15:84:65:ad:
cc:85:e5:03:ab:20:3b:11:0a:76:12:1a:de:0d:27:
25:5e:87:d8:e5:25:87:44:4a:e1:a2:62:9f:cb:ec:
d5:7f:cb:11:bf:ab:a2:e7:f3:21:1f:b1:44:c9:ea:
e6:c7:be:0a:6f:85:6d:39:03:bf:7d:26:f2:28:b2:
96:02:34:dc:5b:43:c5:7b:ce:fd:e5:f6:81:fd:84:
e1:1b:ec:50:df:2f:cb:23:14:ae:64:2b:de:e7:91:
c4:4e:69:d6:8d:d8:71:c9:f0:cb:15:e4:7d:a0:b1:
ad:91:32:72:fb:23:5c:8d:21:ca:c2:c1:cf:7a:51:
43:8f:8a:a7:95:ad:17:f1:ae:7e:c0:64:bd:b0:a8:
5e:5d:66:5d:d7:1e:35:47:eb:9e:83:ab:20:be:c6:
b8:41:71:7c:f3:76:02:ef:2c:eb:1a:f9:0d:ea:bd:
ea:06:4b:c5:9e:c5:af:48:06:79:9f:e5:57:38:83:
8c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1D:F9:87:49:84:D6:3C:78:3A:10:84:7C:C7:53:F6:B3:DD:77:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C173DCD8C98211EF985C068C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.21.0/24
Signature Algorithm: sha256WithRSAEncryption
76:89:5c:ee:13:49:87:6d:22:eb:9f:45:2c:07:c7:06:55:7d:
ad:c5:94:0b:8d:a6:08:66:59:72:36:0d:d7:20:7e:58:9b:c0:
1e:ed:9d:92:97:28:9e:e9:1a:4b:35:c7:4a:9b:49:50:65:46:
bf:2b:97:eb:fe:98:5a:4e:9a:8a:b5:c4:7d:a2:82:83:69:b4:
e9:0a:53:51:58:be:ee:d9:e3:69:ad:e1:ca:1d:c0:8e:2c:5d:
6f:45:11:21:b4:5b:1f:0e:70:37:f3:21:2a:9d:78:8a:62:1e:
19:42:ee:06:f9:bc:18:af:41:d4:d1:3f:de:f2:0c:27:2b:58:
5c:18:34:51:1f:dd:bd:8c:e2:f9:a5:4b:1a:b7:aa:0f:4f:a5:
3f:64:73:b6:0c:66:cd:7f:d9:78:73:52:c6:06:00:43:60:ce:
b1:fd:c0:e3:e2:f5:36:4e:e3:c5:b3:80:58:13:26:89:db:92:
c9:6c:30:d9:05:80:c0:11:69:64:04:46:22:9c:23:48:a2:5d:
8d:df:e4:47:60:a5:3d:43:b0:4b:d7:f5:77:ee:86:30:32:a4:
ce:ee:2b:2c:1f:c4:5a:d7:11:e3:6d:a2:63:ed:0b:b8:03:38:
2f:e6:8e:a3:35:71:f8:3f:d3:bc:b4:03:fa:d6:1d:51:e1:81:
6a:87:fd:54
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPVfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDMyODA2WhcNMjUxMjEzMDMyODA2WjAYMRYw
FAYDVQQDEw02Nzc3NTk0YS03ZDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/6JSbnQqA3v06KdF/amJ0r1TTgfxCr6jlesr0+6Pv0iperDuUurhHFF
DcruqCDVqizru9uX5T1Dyc5kkjHrIZ9MotaLbhWEZa3MheUDqyA7EQp2EhreDScl
XofY5SWHRErhomKfy+zVf8sRv6ui5/MhH7FEyermx74Kb4VtOQO/fSbyKLKWAjTc
W0PFe8795faB/YThG+xQ3y/LIxSuZCve55HETmnWjdhxyfDLFeR9oLGtkTJy+yNc
jSHKwsHPelFDj4qnla0X8a5+wGS9sKheXWZd1x41R+ueg6sgvsa4QXF883YC7yzr
GvkN6r3qBkvFnsWvSAZ5n+VXOIOMdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMEd
+YdJhNY8eDoQhHzHU/az3XeKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMTczRENEOEM5ODIxMUVGOTg1QzA2OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYVMA0GCSqGSIb3DQEBCwUA
A4IBAQB2iVzuE0mHbSLrn0UsB8cGVX2txZQLjaYIZllyNg3XIH5Ym8Ae7Z2Slyie
6RpLNcdKm0lQZUa/K5fr/phaTpqKtcR9ooKDabTpClNRWL7u2eNpreHKHcCOLF1v
RREhtFsfDnA38yEqnXiKYh4ZQu4G+bwYr0HU0T/e8gwnK1hcGDRRH929jOL5pUsa
t6oPT6U/ZHO2DGbNf9l4c1LGBgBDYM6x/cDj4vU2TuPFs4BYEyaJ25LJbDDZBYDA
EWlkBEYinCNIol2N3+RHYKU9Q7BL1/V37oYwMqTO7issH8Ra1xHjbaJj7Qu4Azgv
5o6jNXH4P9O8tAP61h1R4YFqh/1U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:52 2025 by rpki-client