Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C86D228ACF5C11EFA075BCBC762E951A.roa
File: C86D228ACF5C11EFA075BCBC762E951A.roa (raw, json)
Hash identifier: HGU5P9sJDhHiYV8P4muu8xy0yImeXa6IBKn/f+6Q8Lo=
Subject key identifier: 54:5F:27:9B:D1:82:E0:86:75:DF:B9:D7:94:6D:87:AA:C7:41:03:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01054D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C86D228ACF5C11EFA075BCBC762E951A.roa
Signing time: Fri 10 Jan 2025 14:11:28 +0000
ROA not before: Fri 10 Jan 2025 14:11:24 +0000
ROA not after: Wed 10 Dec 2025 14:11:24 +0000
asID: 984
IP address blocks: 156.228.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66893 (0x1054d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:11:24 2025 GMT
Not After : Dec 10 14:11:24 2025 GMT
Subject: CN=67812a90-51c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:98:44:f2:3c:7f:be:d4:0a:24:9c:f8:fd:5c:
19:d3:12:72:c3:0b:60:53:d2:6d:b6:27:05:3d:61:
33:49:92:5a:b2:4c:f5:59:1f:5f:2a:37:81:5f:69:
c6:5d:a9:b4:0f:86:5a:c4:11:91:37:4b:e3:13:33:
4d:2a:7d:c8:2f:e7:72:a1:39:a5:39:b6:9c:8d:c5:
a6:fc:f1:af:02:f1:32:5d:9d:d5:03:3a:1d:49:90:
3f:70:09:b9:ec:19:47:29:ba:a0:be:57:24:01:45:
48:24:b3:97:dc:58:62:fd:c4:f8:c8:2a:86:40:9a:
3f:e2:6c:2c:b9:0a:d5:65:1e:fe:47:90:80:8f:45:
96:b6:2f:fc:7f:8d:c7:c3:53:98:f7:0d:d7:ff:e5:
09:10:07:3f:c2:11:d5:ba:e9:36:ff:48:eb:f4:88:
c7:4f:22:d1:d9:3e:00:24:60:3d:fd:cf:26:4b:bc:
85:66:e6:b1:9c:45:46:cd:da:3d:38:97:59:fc:9e:
dd:31:05:07:47:67:22:5b:b8:f4:ec:bc:5e:40:3c:
a8:d7:a4:ec:1a:a0:41:e9:d1:07:d4:60:8c:94:02:
e0:ec:d2:ff:81:21:f8:ab:b9:10:6c:47:72:f3:10:
02:31:48:b1:71:13:cf:a6:2a:23:29:d2:2a:5f:e6:
e5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:5F:27:9B:D1:82:E0:86:75:DF:B9:D7:94:6D:87:AA:C7:41:03:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C86D228ACF5C11EFA075BCBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.242.0/24
Signature Algorithm: sha256WithRSAEncryption
50:4b:93:d2:85:17:fb:f3:00:d6:bc:db:37:d5:1f:fb:9d:05:
9e:02:3f:22:cd:17:57:3d:f9:18:57:b2:35:c1:fd:5f:28:57:
8f:42:6e:48:eb:f2:f3:1f:20:74:06:65:81:9f:45:f3:a8:8f:
f9:08:3b:ef:2b:08:f1:d3:ac:1d:bd:33:57:02:25:ad:1a:e4:
3a:ce:63:2f:2d:b5:3c:48:86:b9:cd:76:7f:54:c6:c4:77:14:
a2:d4:20:cc:cc:3d:45:83:c3:06:b9:80:fd:e3:7b:79:98:1e:
dc:70:59:38:21:6a:af:d1:ab:c7:7b:1e:25:e6:3f:a1:d0:97:
e1:1e:fb:07:34:46:f9:dc:9b:0e:83:96:78:39:59:d4:ae:de:
04:7b:1e:c9:53:5a:86:62:16:5c:3d:0c:d7:6d:60:5f:31:90:
b6:2e:24:10:03:b6:b9:20:fc:90:de:8f:b5:b6:bb:fa:8c:e6:
cd:f3:7c:aa:6c:12:93:d5:c6:68:e7:79:2d:1d:a6:a5:61:8f:
1b:29:d0:0f:04:13:f3:b2:7e:49:92:f4:91:97:cc:ea:a9:63:
56:61:a5:f2:b3:f4:ba:ce:0a:dc:d5:80:f4:ad:5d:39:f9:68:
ce:1c:07:e6:a5:aa:1b:10:5a:8b:0b:c0:71:51:a8:af:54:d3:
e8:a9:e8:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQxMTI0WhcNMjUxMjEwMTQxMTI0WjAYMRYw
FAYDVQQDEw02NzgxMmE5MC01MWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0JhE8jx/vtQKJJz4/VwZ0xJywwtgU9JtticFPWEzSZJaskz1WR9fKjeB
X2nGXam0D4ZaxBGRN0vjEzNNKn3IL+dyoTmlObacjcWm/PGvAvEyXZ3VAzodSZA/
cAm57BlHKbqgvlckAUVIJLOX3Fhi/cT4yCqGQJo/4mwsuQrVZR7+R5CAj0WWti/8
f43Hw1OY9w3X/+UJEAc/whHVuuk2/0jr9IjHTyLR2T4AJGA9/c8mS7yFZuaxnEVG
zdo9OJdZ/J7dMQUHR2ciW7j07LxeQDyo16TsGqBB6dEH1GCMlALg7NL/gSH4q7kQ
bEdy8xACMUixcRPPpiojKdIqX+bl6QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFRf
J5vRguCGdd+515Rth6rHQQM0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODZEMjI4QUNGNUMxMUVGQTA3NUJDQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTyMA0GCSqGSIb3DQEBCwUA
A4IBAQBQS5PShRf78wDWvNs31R/7nQWeAj8izRdXPfkYV7I1wf1fKFePQm5I6/Lz
HyB0BmWBn0XzqI/5CDvvKwjx06wdvTNXAiWtGuQ6zmMvLbU8SIa5zXZ/VMbEdxSi
1CDMzD1Fg8MGuYD943t5mB7ccFk4IWqv0avHex4l5j+h0JfhHvsHNEb53JsOg5Z4
OVnUrt4Eex7JU1qGYhZcPQzXbWBfMZC2LiQQA7a5IPyQ3o+1trv6jObN83yqbBKT
1cZo53ktHaalYY8bKdAPBBPzsn5JkvSRl8zqqWNWYaXys/S6zgrc1YD0rV05+WjO
HAfmpaobEFqLC8BxUaivVNPoqeip
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:32 2025 by rpki-client