Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D072EB00C97F11EFAF4B8E75762E951A.roa
File: D072EB00C97F11EFAF4B8E75762E951A.roa (raw, json)
Hash identifier: 8yEFfUJNzSs+7usCGSecvRVdu8ctBpIgTLUZGNlD5x4=
Subject key identifier: 7D:67:DD:96:76:94:9C:13:EB:A8:BB:98:0C:63:C9:70:2C:47:77:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F543
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D072EB00C97F11EFAF4B8E75762E951A.roa
Signing time: Fri 03 Jan 2025 03:07:07 +0000
ROA not before: Fri 03 Jan 2025 03:07:03 +0000
ROA not after: Sat 13 Dec 2025 03:07:03 +0000
asID: 984
IP address blocks: 156.229.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62787 (0xf543)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:07:03 2025 GMT
Not After : Dec 13 03:07:03 2025 GMT
Subject: CN=6777545b-563e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d4:24:7c:20:02:f8:95:29:75:11:35:34:6c:
7c:53:95:c2:5d:9d:b3:21:87:d4:d8:65:8d:1d:8c:
c4:8e:4e:56:bb:41:18:57:5f:dd:8e:10:dd:a2:c3:
e4:06:ed:89:c7:87:42:9a:1c:7a:07:a3:10:5d:46:
f6:98:37:ec:38:99:8f:10:6b:4f:68:3a:df:cf:04:
9f:c3:b3:d6:4c:54:a8:d0:ae:7e:1f:21:5e:33:22:
8b:8f:1d:d1:cb:3c:18:76:9d:25:82:ee:ba:33:38:
d2:b4:38:c2:f2:76:06:2c:92:a6:27:da:97:f9:d4:
5a:8f:f2:09:a2:32:c1:77:bd:56:dd:c4:7e:c0:e3:
5b:b6:5a:a7:9b:e1:d1:29:3b:98:98:9a:75:00:16:
7f:98:67:dd:4c:75:b8:27:5e:e2:2a:5e:2f:cf:04:
0e:3b:f6:80:1a:90:22:a6:f5:f9:4a:bb:12:48:43:
a0:8b:21:60:90:65:7b:56:c0:0e:4d:3e:5b:86:14:
80:b3:3a:0c:5b:57:c8:6a:a4:cb:e0:aa:b7:6e:36:
85:73:08:2d:3f:9a:08:a0:60:7c:47:b3:30:ff:da:
15:6d:75:9f:b6:c8:70:79:62:02:fb:c2:3d:02:d1:
88:47:a1:2c:bb:0c:a3:88:68:0e:34:b2:04:f5:d3:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:67:DD:96:76:94:9C:13:EB:A8:BB:98:0C:63:C9:70:2C:47:77:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D072EB00C97F11EFAF4B8E75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.240.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f3:2d:cf:ce:e5:9f:21:22:10:09:9a:a3:15:60:f3:a3:ca:
b9:09:6b:6c:15:fe:96:50:00:8a:6a:e5:87:74:45:d7:ff:9b:
85:81:79:10:5b:4b:6c:39:aa:4e:05:74:14:1d:c8:6f:e8:4f:
37:8c:4d:5e:46:bc:d0:a0:53:f3:95:e8:7e:c0:e2:2a:02:80:
c6:de:9a:a6:a7:fa:d1:a1:d2:fc:93:8e:6a:fb:e4:15:f6:78:
20:d3:d8:0e:2b:b1:8f:ef:65:93:e4:bd:b6:45:72:e5:95:0b:
47:ad:d7:8b:e6:8a:ec:dc:68:ea:fa:da:40:23:46:b1:82:6b:
8a:da:75:9a:d0:a1:18:17:f0:0c:8d:78:25:09:d8:0b:01:80:
c7:6f:3e:3c:61:d6:14:fb:4d:26:3d:5f:de:b9:c7:ef:f3:45:
28:1c:40:ab:44:98:c6:8a:b7:67:e6:51:5d:90:e3:5d:3f:45:
0a:02:88:95:f8:ac:23:5c:e7:0c:f7:56:6d:b5:6e:74:c5:ac:
08:60:99:b6:35:93:1b:f0:b9:2d:e4:94:1f:41:5f:dd:84:31:
d6:e8:28:d4:e4:19:4e:8c:9d:ad:f1:2f:b0:62:8c:03:cb:54:
7f:5a:81:41:35:f0:59:6c:0b:77:02:ae:f4:9b:2c:70:3e:bf:
48:65:5a:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPVDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDMwNzAzWhcNMjUxMjEzMDMwNzAzWjAYMRYw
FAYDVQQDEw02Nzc3NTQ1Yi01NjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvdQkfCAC+JUpdRE1NGx8U5XCXZ2zIYfU2GWNHYzEjk5Wu0EYV1/djhDd
osPkBu2Jx4dCmhx6B6MQXUb2mDfsOJmPEGtPaDrfzwSfw7PWTFSo0K5+HyFeMyKL
jx3RyzwYdp0lgu66MzjStDjC8nYGLJKmJ9qX+dRaj/IJojLBd71W3cR+wONbtlqn
m+HRKTuYmJp1ABZ/mGfdTHW4J17iKl4vzwQOO/aAGpAipvX5SrsSSEOgiyFgkGV7
VsAOTT5bhhSAszoMW1fIaqTL4Kq3bjaFcwgtP5oIoGB8R7Mw/9oVbXWftshweWIC
+8I9AtGIR6EsuwyjiGgONLIE9dNbmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH1n
3ZZ2lJwT66i7mAxjyXAsR3eZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDcyRUIwMEM5N0YxMUVGQUY0QjhFNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXwMA0GCSqGSIb3DQEBCwUA
A4IBAQB+8y3PzuWfISIQCZqjFWDzo8q5CWtsFf6WUACKauWHdEXX/5uFgXkQW0ts
OapOBXQUHchv6E83jE1eRrzQoFPzleh+wOIqAoDG3pqmp/rRodL8k45q++QV9ngg
09gOK7GP72WT5L22RXLllQtHrdeL5ors3Gjq+tpAI0axgmuK2nWa0KEYF/AMjXgl
CdgLAYDHbz48YdYU+00mPV/eucfv80UoHECrRJjGirdn5lFdkONdP0UKAoiV+Kwj
XOcM91ZttW50xawIYJm2NZMb8Lkt5JQfQV/dhDHW6CjU5BlOjJ2t8S+wYowDy1R/
WoFBNfBZbAt3Aq70myxwPr9IZVqC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:44 2025 by rpki-client