Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7305D88CCE611EFA5E9F689762E951A.roa
File: C7305D88CCE611EFA5E9F689762E951A.roa (raw, json)
Hash identifier: 7KAAK5eGFaIDHtz9NNAypLB/Mx5zjQO+D98ZsgkhWOY=
Subject key identifier: 0B:2C:2C:5F:4F:22:C2:B0:DA:49:27:B7:2B:D8:41:2E:4B:26:B2:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7305D88CCE611EFA5E9F689762E951A.roa
Signing time: Tue 07 Jan 2025 11:01:43 +0000
ROA not before: Tue 07 Jan 2025 11:01:39 +0000
ROA not after: Sat 13 Dec 2025 11:01:39 +0000
asID: 984
IP address blocks: 156.235.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64469 (0xfbd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:01:39 2025 GMT
Not After : Dec 13 11:01:39 2025 GMT
Subject: CN=677d0997-1765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d2:0e:f3:eb:6b:45:ca:19:3a:a8:ea:28:60:
85:f1:fc:64:04:cb:ba:81:09:03:5b:43:c6:7b:1c:
ad:30:17:f4:06:fb:ae:da:d7:0c:8b:ce:79:12:92:
cc:36:bf:78:2b:d4:b4:16:01:9a:a0:65:37:e2:44:
d8:9e:65:84:0c:68:09:5c:9c:08:dc:db:f0:57:2e:
a4:bd:1c:7f:c2:5a:a5:5d:0b:d1:f5:95:31:68:14:
47:da:92:73:fa:e9:28:f8:a8:09:c4:47:d3:4e:b5:
fe:4c:a8:d2:f3:18:92:9d:26:b2:53:62:27:16:e5:
64:aa:5e:bd:1a:d7:72:16:54:79:04:f9:d7:df:7e:
31:f2:29:55:a6:e7:65:af:d8:1b:99:cd:7a:cd:c1:
80:13:22:b1:e3:cf:f3:8e:18:ae:57:5c:e6:f5:ba:
af:ca:e2:d6:0f:64:74:ca:75:e2:44:13:5c:76:f8:
82:9d:50:8f:0c:ef:f4:fd:1f:18:55:78:7b:6f:12:
d6:66:2e:ee:96:71:6a:31:8c:d4:d6:86:1f:0d:65:
14:72:00:78:80:9b:21:56:9e:5e:89:09:5a:17:38:
5f:6a:62:56:e8:f4:a2:18:89:5f:b1:c0:ef:88:1f:
e4:27:bd:66:f2:36:80:25:88:f1:02:8e:82:a4:25:
d6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2C:2C:5F:4F:22:C2:B0:DA:49:27:B7:2B:D8:41:2E:4B:26:B2:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7305D88CCE611EFA5E9F689762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.52.0/24
Signature Algorithm: sha256WithRSAEncryption
47:4b:25:22:38:64:fc:7e:1e:41:4e:65:b2:af:ba:49:b4:c4:
7e:67:e1:05:4d:e2:2a:d5:99:8f:93:8f:b6:77:4b:b9:13:fb:
45:a0:38:78:15:b7:a5:01:ed:a7:cf:11:58:ec:1e:ac:86:81:
09:40:ad:d4:c0:ce:ba:e5:84:a6:c9:d8:2c:6b:0f:a3:13:9a:
a1:82:f5:04:6b:72:2b:16:fb:de:a5:66:2e:3e:86:7f:0e:1b:
3d:f0:ce:45:73:81:3f:49:8d:d5:1a:d5:24:ab:6c:06:4c:ce:
1f:d4:00:02:40:f2:2d:57:45:6d:da:a0:5f:8b:cf:fb:b4:0f:
a5:9f:ea:c1:22:3a:28:7d:b5:41:16:d5:59:0f:65:75:c9:62:
2e:ac:b2:48:05:af:b0:61:66:c0:75:94:96:60:c0:4c:e5:11:
91:89:8e:d8:ba:2d:6b:e1:ae:ca:cf:f9:ed:fa:77:55:a4:f7:
99:97:73:2c:fd:c0:e8:73:27:d1:02:3f:f0:fb:cc:18:83:3e:
67:47:23:14:18:da:4b:28:10:68:48:53:33:70:db:cd:51:84:
3d:be:ac:30:d2:37:27:23:14:80:75:5f:9c:70:3d:f6:6a:d1:
5e:a0:ea:da:e3:07:a8:6b:9b:31:89:28:32:22:17:12:72:66:
d7:d7:d0:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTEwMTM5WhcNMjUxMjEzMTEwMTM5WjAYMRYw
FAYDVQQDEw02NzdkMDk5Ny0xNzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwNIO8+trRcoZOqjqKGCF8fxkBMu6gQkDW0PGexytMBf0Bvuu2tcMi855
EpLMNr94K9S0FgGaoGU34kTYnmWEDGgJXJwI3NvwVy6kvRx/wlqlXQvR9ZUxaBRH
2pJz+uko+KgJxEfTTrX+TKjS8xiSnSayU2InFuVkql69GtdyFlR5BPnX334x8ilV
pudlr9gbmc16zcGAEyKx48/zjhiuV1zm9bqvyuLWD2R0ynXiRBNcdviCnVCPDO/0
/R8YVXh7bxLWZi7ulnFqMYzU1oYfDWUUcgB4gJshVp5eiQlaFzhfamJW6PSiGIlf
scDviB/kJ71m8jaAJYjxAo6CpCXWEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAss
LF9PIsKw2kkntyvYQS5LJrIQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzMwNUQ4OENDRTYxMUVGQTVFOUY2ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOs0MA0GCSqGSIb3DQEBCwUA
A4IBAQBHSyUiOGT8fh5BTmWyr7pJtMR+Z+EFTeIq1ZmPk4+2d0u5E/tFoDh4Fbel
Ae2nzxFY7B6shoEJQK3UwM665YSmydgsaw+jE5qhgvUEa3IrFvvepWYuPoZ/Dhs9
8M5Fc4E/SY3VGtUkq2wGTM4f1AACQPItV0Vt2qBfi8/7tA+ln+rBIjoofbVBFtVZ
D2V1yWIurLJIBa+wYWbAdZSWYMBM5RGRiY7Yui1r4a7Kz/nt+ndVpPeZl3Ms/cDo
cyfRAj/w+8wYgz5nRyMUGNpLKBBoSFMzcNvNUYQ9vqww0jcnIxSAdV+ccD32atFe
oOra4weoa5sxiSgyIhcScmbX19Ab
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:02 2025 by rpki-client