Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C898FCD4CD3B11EFB251DFA1762E951A.roa
File: C898FCD4CD3B11EFB251DFA1762E951A.roa (raw, json)
Hash identifier: yw9Ssh99RHEjLZHI22a4Zq2ngNeBgPDGUQoo3QEGEH8=
Subject key identifier: 7E:2E:E6:A4:42:D2:3B:FC:B6:6D:2B:14:5F:ED:7B:53:50:0E:B6:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE47
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C898FCD4CD3B11EFB251DFA1762E951A.roa
Signing time: Tue 07 Jan 2025 21:10:12 +0000
ROA not before: Tue 07 Jan 2025 21:10:08 +0000
ROA not after: Sat 13 Dec 2025 21:10:08 +0000
asID: 984
IP address blocks: 156.243.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65095 (0xfe47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:10:08 2025 GMT
Not After : Dec 13 21:10:08 2025 GMT
Subject: CN=677d9834-50eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:d8:63:70:44:d9:62:98:f6:bf:19:25:76:
85:43:ed:ab:55:68:05:d9:fb:47:3f:2f:bc:0e:38:
29:85:20:6f:9e:2b:11:f1:56:87:8f:92:3d:d0:91:
5b:a8:85:f5:7d:f5:47:3a:5d:5b:d1:b3:8d:0f:05:
52:c6:e4:0a:07:07:03:e6:3f:7d:9b:ca:aa:c4:fa:
0b:6a:7b:a7:31:9a:8f:dc:bf:b9:35:64:b5:08:34:
f7:f1:6f:14:d4:41:3d:5f:e6:dd:14:5d:03:34:d9:
e8:76:fd:09:ee:78:7c:7f:79:5d:a2:03:b7:da:73:
91:41:76:1e:f4:37:38:e0:60:80:af:8e:c7:57:00:
84:60:8d:36:37:7c:c4:35:d0:7d:d1:ab:ec:6d:d5:
c7:bb:49:e7:91:4b:29:3c:fc:27:b7:af:56:ae:fa:
b5:6b:7e:fd:16:cb:2b:60:ca:fa:7e:4c:57:73:7c:
da:21:ec:b2:ba:84:b8:29:61:a7:8d:16:48:f5:07:
19:38:ac:f5:df:74:89:1b:32:a5:aa:9b:93:07:a5:
49:89:19:90:12:32:dd:f1:28:98:c4:39:2c:eb:6d:
03:0f:62:38:d2:86:e2:b4:bc:92:92:a3:a7:c8:e1:
fc:f2:1e:d7:d4:fe:aa:f9:06:62:0d:5f:8f:6f:99:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2E:E6:A4:42:D2:3B:FC:B6:6D:2B:14:5F:ED:7B:53:50:0E:B6:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C898FCD4CD3B11EFB251DFA1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c6:4a:2b:df:0b:8d:c3:00:e0:e1:69:c3:cb:5c:8d:37:d3:
4b:1f:ae:74:ae:08:df:85:7e:df:3b:5a:e3:c3:00:2d:61:ec:
8c:da:86:4a:24:54:27:41:b2:15:e8:6c:0a:ff:b2:d9:b6:5d:
84:c2:14:a5:63:db:15:85:a3:f2:31:2f:fa:9b:dd:ed:e1:2d:
36:d1:0a:51:09:74:ed:5e:e2:a9:d2:f1:da:e5:cf:de:a4:52:
80:b9:9b:69:6f:a0:a1:24:06:f1:43:0e:18:d0:be:00:92:a8:
b8:db:ef:53:b1:ab:a4:f4:5b:18:52:91:0d:3e:73:b0:97:56:
f2:d6:7c:02:eb:bc:df:59:99:a9:48:c9:27:94:77:3f:dc:1b:
d5:2f:ef:b1:d1:7d:6e:f5:e9:87:e1:25:0c:ef:11:e1:8b:52:
28:62:b6:eb:7a:e9:1f:f8:18:ca:e2:dc:7f:c5:5d:4e:90:1b:
65:74:c7:f9:48:77:5c:7a:e5:5d:d5:e5:07:49:e8:34:1f:0e:
41:1d:b7:73:2d:ec:f7:f9:83:07:b3:22:0b:b6:47:7a:2c:28:
8a:ac:c6:9b:3e:1f:41:4f:ae:0e:00:95:55:56:1d:95:f2:f6:
89:3d:d9:02:b9:87:ae:4f:53:88:5e:ec:41:fa:2a:3d:ea:45:
b0:7b:fb:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjExMDA4WhcNMjUxMjEzMjExMDA4WjAYMRYw
FAYDVQQDEw02NzdkOTgzNC01MGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvEbYY3BE2WKY9r8ZJXaFQ+2rVWgF2ftHPy+8DjgphSBvnisR8VaHj5I9
0JFbqIX1ffVHOl1b0bONDwVSxuQKBwcD5j99m8qqxPoLanunMZqP3L+5NWS1CDT3
8W8U1EE9X+bdFF0DNNnodv0J7nh8f3ldogO32nORQXYe9Dc44GCAr47HVwCEYI02
N3zENdB90avsbdXHu0nnkUspPPwnt69Wrvq1a379FssrYMr6fkxXc3zaIeyyuoS4
KWGnjRZI9QcZOKz133SJGzKlqpuTB6VJiRmQEjLd8SiYxDks620DD2I40obitLyS
kqOnyOH88h7X1P6q+QZiDV+Pb5nbKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH4u
5qRC0jv8tm0rFF/te1NQDraSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODk4RkNENENEM0IxMUVGQjI1MURGQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNMMA0GCSqGSIb3DQEBCwUA
A4IBAQALxkor3wuNwwDg4WnDy1yNN9NLH650rgjfhX7fO1rjwwAtYeyM2oZKJFQn
QbIV6GwK/7LZtl2EwhSlY9sVhaPyMS/6m93t4S020QpRCXTtXuKp0vHa5c/epFKA
uZtpb6ChJAbxQw4Y0L4Akqi42+9Tsauk9FsYUpENPnOwl1by1nwC67zfWZmpSMkn
lHc/3BvVL++x0X1u9emH4SUM7xHhi1IoYrbreukf+BjK4tx/xV1OkBtldMf5SHdc
euVd1eUHSeg0Hw5BHbdzLez3+YMHsyILtkd6LCiKrMabPh9BT64OAJVVVh2V8vaJ
PdkCuYeuT1OIXuxB+io96kWwe/t9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:10 2025 by rpki-client