Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A328AED31811EF8CCE5E67762E951A.roa
File: D5A328AED31811EF8CCE5E67762E951A.roa (raw, json)
Hash identifier: GCBel9gDe312d+z2kuRhLy+90J0z022Ey8LQXhQL3zM=
Subject key identifier: 12:2E:3F:3B:AD:9F:B4:08:0B:BF:C0:3E:90:F4:42:3C:22:4D:3F:08
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01087F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A328AED31811EF8CCE5E67762E951A.roa
Signing time: Wed 15 Jan 2025 08:15:09 +0000
ROA not before: Wed 15 Jan 2025 08:15:05 +0000
ROA not after: Sat 03 Jan 2026 08:15:05 +0000
asID: 984
IP address blocks: 156.254.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67711 (0x1087f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 08:15:05 2025 GMT
Not After : Jan 3 08:15:05 2026 GMT
Subject: CN=67876e8d-fff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:23:a2:39:bd:ef:af:37:2a:45:0b:41:a3:1b:
70:97:a2:b6:3b:4c:a6:ed:b4:71:4a:53:24:ba:4b:
6f:62:0d:e4:ef:aa:cd:01:be:a4:11:a4:0c:3f:ab:
f7:03:af:a5:cb:40:d3:00:8b:5d:6f:e2:14:49:40:
63:0d:15:bf:c1:73:e8:be:ff:d4:9c:0f:af:46:49:
58:c4:6b:96:7d:9f:87:34:d6:d7:69:2a:30:aa:88:
57:5e:ec:45:75:31:8d:d6:ad:d6:ac:0b:d1:ed:e5:
ae:80:ef:dd:db:80:ab:a5:87:ae:74:f7:b5:03:f8:
d5:f6:79:4e:99:d2:3a:50:f9:55:80:5d:28:34:fe:
1c:8c:d7:10:84:55:07:4f:88:ce:59:55:d8:b2:2b:
98:73:4a:42:1b:7e:76:7f:ce:6b:3c:64:41:50:09:
62:3c:a3:de:bb:97:a2:d5:f0:76:7d:cf:dc:78:22:
31:36:4e:1d:2d:85:9c:2e:4c:5b:b5:cb:a5:92:31:
f2:0c:3e:8b:8e:0c:eb:8b:de:42:26:36:e4:3a:b9:
ec:71:b6:28:a0:03:86:dc:c8:43:f6:f6:73:41:bd:
c1:b1:34:00:8a:26:d4:60:34:64:8f:66:42:08:0d:
b9:9c:a2:de:ca:29:95:da:27:2b:4f:8f:4f:32:58:
31:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:2E:3F:3B:AD:9F:B4:08:0B:BF:C0:3E:90:F4:42:3C:22:4D:3F:08
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5A328AED31811EF8CCE5E67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.85.0/24
Signature Algorithm: sha256WithRSAEncryption
08:83:09:81:ae:7b:df:0a:e8:4c:a1:f0:07:bc:a8:c9:7b:28:
e5:da:ed:2a:6b:e8:6a:1d:d4:06:46:32:09:a8:fe:a9:6a:54:
f9:ef:43:84:13:28:7d:ff:61:29:4c:3f:42:a2:b8:05:13:55:
d7:f4:19:36:e0:5e:fc:71:9b:f7:41:34:31:43:5c:9b:ab:fa:
bd:5a:5b:49:b1:68:ec:3f:a8:ba:81:9f:57:92:a0:12:8f:df:
b2:03:90:08:82:e6:d0:a7:48:39:2d:b4:4d:61:9f:8e:94:f7:
d1:cb:ac:0b:b1:4a:e8:58:3c:ae:ca:67:12:4b:11:f1:3d:e1:
03:0e:a0:99:69:6b:3a:07:cd:7c:27:5a:fb:55:8a:08:00:31:
71:31:55:53:7e:37:5e:45:72:79:d3:62:c5:48:4e:46:c6:8a:
78:f8:d7:a7:61:29:4e:c4:4c:80:04:53:f9:20:f5:a0:5b:1b:
f2:13:20:4d:db:19:da:57:68:ca:8d:18:6c:0a:c0:a4:f7:04:
5f:f3:da:76:49:24:f6:ce:1b:4c:fd:89:cf:66:f3:0e:db:c1:
0e:5b:37:99:1b:73:2e:92:e8:db:da:80:6f:ec:a3:ec:3d:f2:
22:11:9e:29:63:dc:a0:0e:28:b3:84:51:ed:8d:9c:e3:30:17:
7c:fd:e2:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQh/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDgxNTA1WhcNMjYwMTAzMDgxNTA1WjAYMRYw
FAYDVQQDEw02Nzg3NmU4ZC1mZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArCOiOb3vrzcqRQtBoxtwl6K2O0ym7bRxSlMkuktvYg3k76rNAb6kEaQM
P6v3A6+ly0DTAItdb+IUSUBjDRW/wXPovv/UnA+vRklYxGuWfZ+HNNbXaSowqohX
XuxFdTGN1q3WrAvR7eWugO/d24CrpYeudPe1A/jV9nlOmdI6UPlVgF0oNP4cjNcQ
hFUHT4jOWVXYsiuYc0pCG352f85rPGRBUAliPKPeu5ei1fB2fc/ceCIxNk4dLYWc
LkxbtculkjHyDD6Ljgzri95CJjbkOrnscbYooAOG3MhD9vZzQb3BsTQAiibUYDRk
j2ZCCA25nKLeyimV2icrT49PMlgxdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBIu
Pzutn7QIC7/APpD0QjwiTT8IMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUEzMjhBRUQzMTgxMUVGOENDRTVFNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5VMA0GCSqGSIb3DQEBCwUA
A4IBAQAIgwmBrnvfCuhMofAHvKjJeyjl2u0qa+hqHdQGRjIJqP6palT570OEEyh9
/2EpTD9CorgFE1XX9Bk24F78cZv3QTQxQ1ybq/q9WltJsWjsP6i6gZ9XkqASj9+y
A5AIgubQp0g5LbRNYZ+OlPfRy6wLsUroWDyuymcSSxHxPeEDDqCZaWs6B818J1r7
VYoIADFxMVVTfjdeRXJ502LFSE5Gxop4+NenYSlOxEyABFP5IPWgWxvyEyBN2xna
V2jKjRhsCsCk9wRf89p2SST2zhtM/YnPZvMO28EOWzeZG3Mukujb2oBv7KPsPfIi
EZ4pY9ygDiizhFHtjZzjMBd8/eJN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:13 2025 by rpki-client