Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D17A25AAC32A11EFBC1E04A0762E951A.roa
File: D17A25AAC32A11EFBC1E04A0762E951A.roa (raw, json)
Hash identifier: gB7mUz0vdDL7GzQIEi6rI/ZXnKLz8iTwQwKvkkDpsmU=
Subject key identifier: FE:9E:F3:BF:3E:10:FE:EF:11:97:0F:D5:EC:A5:6A:F8:FD:A6:2D:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D17A25AAC32A11EFBC1E04A0762E951A.roa
Signing time: Thu 26 Dec 2024 01:43:34 +0000
ROA not before: Thu 26 Dec 2024 01:43:30 +0000
ROA not after: Wed 10 Dec 2025 01:43:30 +0000
asID: 984
IP address blocks: 156.243.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60099 (0xeac3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:43:30 2024 GMT
Not After : Dec 10 01:43:30 2025 GMT
Subject: CN=676cb4c6-0f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:22:69:1d:94:8b:11:d7:4c:b7:c0:78:f8:88:
2b:f4:70:35:f4:c1:6d:39:53:96:7b:30:55:0c:93:
c7:31:02:db:67:f1:7e:60:2d:82:cc:a4:15:dc:59:
98:9e:96:37:f1:c6:c2:0c:db:6a:97:65:c7:1e:3a:
53:c9:a3:db:fb:5d:cc:66:e8:18:27:ca:46:44:90:
c1:52:b0:32:08:bd:1e:a3:3d:e1:cf:8d:d0:42:af:
c4:76:e2:33:ba:26:9b:ea:a9:7f:86:7d:90:1b:b1:
db:e8:b8:ed:21:40:05:b7:d2:29:0a:66:b6:58:5f:
c1:da:d1:d4:ea:72:b2:5d:b2:e1:0f:d5:a6:d0:fd:
6c:5f:e5:51:17:cd:27:50:6f:d0:cb:ed:5f:b0:52:
9e:0d:7a:ce:3b:58:90:a8:e1:b2:34:63:55:cc:f9:
25:a6:b6:b2:81:26:6a:4d:8e:25:ba:3f:03:83:84:
c0:ba:c8:d4:b9:74:d0:91:3f:a6:e5:20:92:a8:dc:
27:8d:0f:28:3d:69:23:39:be:d3:ff:d0:72:f9:dc:
3e:a4:98:96:55:7c:e5:4d:2c:30:ee:b3:ba:f2:5c:
98:ce:b1:54:ef:95:72:8e:9d:82:60:f0:40:3e:0c:
07:1a:0e:1e:e9:a4:40:19:5b:74:a1:fd:6e:11:c5:
43:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9E:F3:BF:3E:10:FE:EF:11:97:0F:D5:EC:A5:6A:F8:FD:A6:2D:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D17A25AAC32A11EFBC1E04A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.194.0/24
Signature Algorithm: sha256WithRSAEncryption
02:18:24:b1:d3:40:c0:06:73:a1:2f:20:9e:ab:13:4f:63:2c:
ab:d3:72:8a:eb:eb:79:fb:d1:37:d7:5d:93:15:ed:db:25:b3:
83:0a:7e:69:74:21:d3:20:b2:ac:63:2b:db:8b:57:24:fb:dc:
a9:9c:e5:b7:50:90:37:e0:a9:b2:f9:b3:a4:c9:2c:35:33:ba:
af:53:88:7c:89:d2:3e:48:0a:bb:d8:1d:aa:29:ce:37:3a:2f:
4d:ef:3d:8f:8b:d4:3d:27:dc:7e:98:06:62:61:df:5a:64:7d:
fa:ba:18:f3:80:cc:b9:5f:27:47:07:e7:59:a8:03:eb:84:20:
34:18:47:48:72:7c:81:cd:9b:2f:12:55:59:15:91:7b:90:f7:
ad:e9:9f:fb:2a:25:1c:80:dd:cb:7f:5b:d8:27:a0:14:62:d4:
6c:27:36:fa:f5:1d:d0:9c:c8:a5:a3:1c:5b:a9:18:c9:e4:7b:
8e:5f:ff:bf:4e:c6:83:40:4a:28:66:bf:c7:3a:c8:9f:bf:83:
03:02:c4:05:b8:78:0d:56:6d:47:59:de:61:90:a7:b0:cd:d3:
25:fb:07:c0:11:8a:5e:ad:ee:41:2c:2d:80:36:45:c7:d9:45:
c4:77:22:02:8e:f8:01:ad:5e:d7:10:13:fc:e4:08:1d:3e:a1:
39:9a:a3:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE0MzMwWhcNMjUxMjEwMDE0MzMwWjAYMRYw
FAYDVQQDEw02NzZjYjRjNi0wZjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0CJpHZSLEddMt8B4+Igr9HA19MFtOVOWezBVDJPHMQLbZ/F+YC2CzKQV
3FmYnpY38cbCDNtql2XHHjpTyaPb+13MZugYJ8pGRJDBUrAyCL0eoz3hz43QQq/E
duIzuiab6ql/hn2QG7Hb6LjtIUAFt9IpCma2WF/B2tHU6nKyXbLhD9Wm0P1sX+VR
F80nUG/Qy+1fsFKeDXrOO1iQqOGyNGNVzPklpraygSZqTY4luj8Dg4TAusjUuXTQ
kT+m5SCSqNwnjQ8oPWkjOb7T/9By+dw+pJiWVXzlTSww7rO68lyYzrFU75Vyjp2C
YPBAPgwHGg4e6aRAGVt0of1uEcVDbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP6e
878+EP7vEZcP1eylavj9pi2GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTdBMjVBQUMzMkExMUVGQkMxRTA0QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPCMA0GCSqGSIb3DQEBCwUA
A4IBAQACGCSx00DABnOhLyCeqxNPYyyr03KK6+t5+9E3112TFe3bJbODCn5pdCHT
ILKsYyvbi1ck+9ypnOW3UJA34Kmy+bOkySw1M7qvU4h8idI+SAq72B2qKc43Oi9N
7z2Pi9Q9J9x+mAZiYd9aZH36uhjzgMy5XydHB+dZqAPrhCA0GEdIcnyBzZsvElVZ
FZF7kPet6Z/7KiUcgN3Lf1vYJ6AUYtRsJzb69R3QnMiloxxbqRjJ5HuOX/+/TsaD
QEooZr/HOsifv4MDAsQFuHgNVm1HWd5hkKewzdMl+wfAEYpere5BLC2ANkXH2UXE
dyICjvgBrV7XEBP85AgdPqE5mqOI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:43 2025 by rpki-client