Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D10BE1C8CD3C11EFB0D04DA8762E951A.roa
File: D10BE1C8CD3C11EFB0D04DA8762E951A.roa (raw, json)
Hash identifier: lV4MC1v7gcJTrIavks/CwNMp4y+U95GY553X90i9Q7A=
Subject key identifier: 45:4A:7C:D3:8D:5C:9E:F1:EC:DA:5B:3A:F0:0A:2D:D1:48:F8:59:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE4F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D10BE1C8CD3C11EFB0D04DA8762E951A.roa
Signing time: Tue 07 Jan 2025 21:17:36 +0000
ROA not before: Tue 07 Jan 2025 21:17:32 +0000
ROA not after: Sat 13 Dec 2025 21:17:32 +0000
asID: 984
IP address blocks: 156.243.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65103 (0xfe4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:17:32 2025 GMT
Not After : Dec 13 21:17:32 2025 GMT
Subject: CN=677d99f0-1361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:a2:a4:cf:0b:2a:5d:88:ae:99:32:6c:6a:
47:15:c1:c4:20:47:d2:70:0a:96:5d:79:1f:7d:a9:
c9:ff:ea:79:83:81:84:93:6f:7a:d7:24:71:40:1e:
d2:73:7f:f8:84:44:df:58:8c:73:9d:9e:f3:22:6b:
31:7e:dd:f8:89:9e:cf:e6:bf:44:4f:e2:a0:a3:f0:
40:de:32:b7:b4:6e:a0:d1:5a:cc:c0:97:9c:92:26:
c9:88:4b:f4:52:06:66:b2:3e:ab:63:bb:7d:1a:cc:
36:05:fb:82:97:f6:95:e7:46:68:c1:82:5b:79:d7:
66:1a:18:96:27:7a:18:53:97:1d:25:3a:f6:d7:b2:
3a:8c:5f:e4:b8:0f:79:c8:92:e4:f0:9e:8b:ed:33:
96:0d:87:a0:4a:82:c6:6b:8c:2c:5f:67:1b:30:6f:
84:d6:bd:5e:65:bd:6e:94:73:ff:51:8d:48:f0:07:
af:31:8f:52:31:ed:13:18:bc:ec:e9:9a:d2:ad:d2:
89:b5:ad:92:c0:f9:2c:6e:b7:f2:c9:9f:6c:8c:f3:
1d:f6:8a:c7:96:e7:b7:3c:5e:f4:c1:a5:b6:8b:5b:
6b:6e:1d:fd:21:4f:7f:f1:9b:0e:b9:0a:5f:93:2c:
92:5f:69:9b:37:db:17:64:79:a7:be:cf:d4:ec:29:
4d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4A:7C:D3:8D:5C:9E:F1:EC:DA:5B:3A:F0:0A:2D:D1:48:F8:59:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D10BE1C8CD3C11EFB0D04DA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.80.0/24
Signature Algorithm: sha256WithRSAEncryption
36:2c:d1:3f:1b:30:1b:ca:6d:62:31:e3:51:6e:00:45:29:60:
a2:8b:6f:3a:ba:a7:25:4b:af:d2:08:e4:f2:b4:61:80:b5:33:
49:bb:2c:e9:51:54:00:a6:e9:5d:45:08:0b:e3:cf:c8:ae:8c:
a9:de:67:87:cd:ff:19:86:c8:11:a7:05:22:45:3a:01:ba:56:
11:b6:8c:4c:3b:75:6c:39:b3:60:04:c4:5e:96:79:9a:6a:24:
a3:9c:95:cd:97:a3:cb:eb:95:2c:4f:47:15:bd:28:50:79:b9:
dc:c1:29:dd:61:81:de:b2:9c:45:51:19:b2:88:a7:ec:ca:7d:
7c:ec:98:f5:cd:f6:b4:0c:1e:34:02:80:66:af:82:7c:ba:42:
01:b4:8d:d9:1e:af:e5:dc:b3:8e:e5:e6:af:09:18:e2:2a:32:
38:0a:c0:1b:61:5f:4c:fd:c3:43:07:28:f0:ae:5f:e9:ae:0a:
03:04:a5:45:46:ed:3d:ea:9a:82:9a:d7:f0:11:d8:8c:6a:b4:
eb:8e:94:f9:63:87:2e:b9:da:72:04:12:c8:2a:73:7f:79:26:
ba:da:5a:94:87:90:ed:75:2b:ef:94:c2:bf:a0:c7:b8:45:9a:
74:8b:cb:d2:7b:b5:a8:58:20:99:a3:6a:93:89:19:eb:f2:2e:
98:dd:1a:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjExNzMyWhcNMjUxMjEzMjExNzMyWjAYMRYw
FAYDVQQDEw02NzdkOTlmMC0xMzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqvKipM8LKl2IrpkybGpHFcHEIEfScAqWXXkffanJ/+p5g4GEk2961yRx
QB7Sc3/4hETfWIxznZ7zImsxft34iZ7P5r9ET+Kgo/BA3jK3tG6g0VrMwJeckibJ
iEv0UgZmsj6rY7t9Gsw2BfuCl/aV50ZowYJbeddmGhiWJ3oYU5cdJTr217I6jF/k
uA95yJLk8J6L7TOWDYegSoLGa4wsX2cbMG+E1r1eZb1ulHP/UY1I8AevMY9SMe0T
GLzs6ZrSrdKJta2SwPksbrfyyZ9sjPMd9orHlue3PF70waW2i1trbh39IU9/8ZsO
uQpfkyySX2mbN9sXZHmnvs/U7ClNAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEVK
fNONXJ7x7NpbOvAKLdFI+FnyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTBCRTFDOENEM0MxMUVGQjBEMDREQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNQMA0GCSqGSIb3DQEBCwUA
A4IBAQA2LNE/GzAbym1iMeNRbgBFKWCii286uqclS6/SCOTytGGAtTNJuyzpUVQA
puldRQgL48/Iroyp3meHzf8ZhsgRpwUiRToBulYRtoxMO3VsObNgBMRelnmaaiSj
nJXNl6PL65UsT0cVvShQebncwSndYYHespxFURmyiKfsyn187Jj1zfa0DB40AoBm
r4J8ukIBtI3ZHq/l3LOO5eavCRjiKjI4CsAbYV9M/cNDByjwrl/prgoDBKVFRu09
6pqCmtfwEdiMarTrjpT5Y4cuudpyBBLIKnN/eSa62lqUh5DtdSvvlMK/oMe4RZp0
i8vSe7WoWCCZo2qTiRnr8i6Y3Ros
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:05 2025 by rpki-client