Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AEF5FACE3711EF8AD8FE7A762E951A.roa
File: C8AEF5FACE3711EF8AD8FE7A762E951A.roa (raw, json)
Hash identifier: 1LUvzHnwnIixm/b+df/xkFSNtfg8QS0YqPY8Ruk1lNo=
Subject key identifier: 91:35:09:CA:0E:7E:A0:0B:32:4F:FC:FA:E6:D6:DD:8C:59:39:C8:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01022D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AEF5FACE3711EF8AD8FE7A762E951A.roa
Signing time: Thu 09 Jan 2025 03:14:06 +0000
ROA not before: Thu 09 Jan 2025 03:14:02 +0000
ROA not after: Fri 09 Jan 2026 03:14:02 +0000
asID: 17561
IP address blocks: 156.247.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66093 (0x1022d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:14:02 2025 GMT
Not After : Jan 9 03:14:02 2026 GMT
Subject: CN=677f3efe-122f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:13:b7:b8:90:1d:84:46:ae:35:34:a1:f9:6d:
da:58:b6:ed:e5:e6:93:28:6c:19:77:af:0c:8a:31:
39:b2:5e:68:27:92:e7:07:0e:81:dd:02:3d:23:87:
76:0c:13:66:fc:9b:b3:25:fa:e0:b3:8b:b7:bc:c3:
af:2b:4d:68:d3:0a:58:9a:be:ed:52:4c:19:56:41:
c8:96:82:bc:da:aa:d0:32:3f:d5:1b:88:06:e8:0a:
ef:4a:d0:06:a4:b7:61:a4:c3:a0:a3:62:12:0c:b6:
9b:e6:33:40:ed:c0:4d:9d:77:bb:c5:dc:81:21:a0:
20:1c:6b:7f:c5:8f:92:0b:49:e1:f3:fa:4b:9b:36:
fa:af:b3:c0:09:c5:3c:b0:61:a0:1c:92:f1:d2:13:
d7:97:ce:0b:a2:9f:4b:1d:c8:61:39:d4:eb:97:e5:
df:7c:04:02:dc:83:9b:8a:86:a1:c8:3e:a8:49:37:
7e:4b:af:4d:94:4e:1e:09:be:7a:13:99:14:9e:b3:
b5:68:c8:d1:01:2c:99:a4:02:0b:c1:25:2c:06:b5:
ca:3b:ce:65:f5:e3:28:9b:06:0f:49:d0:f4:4a:3a:
2d:27:f7:83:b6:83:68:b4:7d:d4:e4:db:17:de:ed:
fa:c0:76:b9:21:ef:c7:39:7e:69:b6:74:73:67:c6:
46:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:35:09:CA:0E:7E:A0:0B:32:4F:FC:FA:E6:D6:DD:8C:59:39:C8:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AEF5FACE3711EF8AD8FE7A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.42.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c5:80:3e:2e:36:82:e5:35:6e:2a:22:77:80:e6:1a:6d:fa:
bf:88:72:8c:5a:a0:59:42:dd:c5:e5:7b:a6:7f:87:f9:52:de:
2a:73:8c:48:55:58:19:59:01:4f:7b:14:33:fd:85:33:dd:5d:
0f:40:45:6f:43:5d:80:1a:7d:67:d6:51:29:0b:57:ef:83:3e:
eb:70:e0:b6:e2:85:7f:d9:2b:6e:e5:c6:8d:b1:e3:c7:ad:60:
f0:71:65:2a:f9:48:ff:68:49:90:f6:b4:50:bf:41:26:ab:14:
12:d3:5c:fe:4c:88:51:16:41:e5:57:3d:50:be:33:38:ad:b4:
38:aa:6f:48:06:38:c3:f3:1d:bf:4b:f3:49:14:e0:12:fc:a4:
a9:ae:5f:19:65:65:56:de:99:74:d9:c0:78:cf:63:68:b9:f2:
34:17:16:a2:71:80:85:e7:cb:6f:d1:97:da:e2:d0:33:a7:2e:
f9:19:41:cd:fe:4c:a2:fe:1f:1a:76:dc:16:bd:fc:c6:6d:39:
4b:53:a8:88:eb:32:d1:e7:52:f2:96:ed:11:55:1c:18:97:31:
c6:c6:d0:4c:24:fb:bc:49:2e:21:71:45:df:87:b2:cd:1a:b8:
46:dc:fd:97:58:98:36:14:2d:a9:35:1b:61:b8:ea:d6:83:e8:
9f:61:a0:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQItMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDMxNDAyWhcNMjYwMTA5MDMxNDAyWjAYMRYw
FAYDVQQDEw02NzdmM2VmZS0xMjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzBO3uJAdhEauNTSh+W3aWLbt5eaTKGwZd68MijE5sl5oJ5LnBw6B3QI9
I4d2DBNm/JuzJfrgs4u3vMOvK01o0wpYmr7tUkwZVkHIloK82qrQMj/VG4gG6Arv
StAGpLdhpMOgo2ISDLab5jNA7cBNnXe7xdyBIaAgHGt/xY+SC0nh8/pLmzb6r7PA
CcU8sGGgHJLx0hPXl84Lop9LHchhOdTrl+XffAQC3IObioahyD6oSTd+S69NlE4e
Cb56E5kUnrO1aMjRASyZpAILwSUsBrXKO85l9eMomwYPSdD0SjotJ/eDtoNotH3U
5NsX3u36wHa5Ie/HOX5ptnRzZ8ZGdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJE1
CcoOfqALMk/8+ubW3YxZOchJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEFFRjVGQUNFMzcxMUVGOEFEOEZFN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcqMA0GCSqGSIb3DQEBCwUA
A4IBAQBVxYA+LjaC5TVuKiJ3gOYabfq/iHKMWqBZQt3F5Xumf4f5Ut4qc4xIVVgZ
WQFPexQz/YUz3V0PQEVvQ12AGn1n1lEpC1fvgz7rcOC24oV/2Stu5caNsePHrWDw
cWUq+Uj/aEmQ9rRQv0EmqxQS01z+TIhRFkHlVz1QvjM4rbQ4qm9IBjjD8x2/S/NJ
FOAS/KSprl8ZZWVW3pl02cB4z2NoufI0FxaicYCF58tv0Zfa4tAzpy75GUHN/kyi
/h8adtwWvfzGbTlLU6iI6zLR51Lylu0RVRwYlzHGxtBMJPu8SS4hcUXfh7LNGrhG
3P2XWJg2FC2pNRthuOrWg+ifYaDi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:48 2025 by rpki-client