Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7D6BA9ACD2911EF951081AF762E951A.roa
File: D7D6BA9ACD2911EF951081AF762E951A.roa (raw, json)
Hash identifier: k2h9sobDFeaYwBGBjLSO08kkKeGuffUrArFsrUiDJX8=
Subject key identifier: 36:A1:0B:B4:2D:C3:60:91:72:53:C4:6D:23:BE:46:E1:B0:25:E0:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDB9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7D6BA9ACD2911EF951081AF762E951A.roa
Signing time: Tue 07 Jan 2025 19:01:47 +0000
ROA not before: Tue 07 Jan 2025 19:01:43 +0000
ROA not after: Sat 13 Dec 2025 19:01:43 +0000
asID: 984
IP address blocks: 156.241.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64953 (0xfdb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:01:43 2025 GMT
Not After : Dec 13 19:01:43 2025 GMT
Subject: CN=677d7a1b-dbd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:51:ee:fe:77:59:ba:85:69:f5:3e:74:01:f6:
5a:9b:6a:7b:1f:fc:b4:fc:a8:fe:ed:e8:a3:24:e0:
19:a3:5f:1e:03:a9:25:93:f4:3e:f3:96:23:ee:58:
63:0b:ce:70:77:8e:50:6a:93:44:38:fc:81:7a:e4:
22:4a:de:b2:33:86:c0:0f:c4:c6:e9:9d:39:b3:00:
d5:c0:74:64:03:67:3e:7b:d2:ef:c2:0d:aa:53:4f:
79:b1:74:2a:fe:cc:5f:3e:76:5b:d5:4d:d7:f6:a4:
d0:75:99:df:f0:24:80:14:e0:65:cd:5a:93:f4:85:
67:cd:b2:67:a5:40:17:e9:46:58:95:47:b8:86:cf:
bf:dc:3e:d4:60:81:bd:20:0b:e7:93:66:c4:db:8c:
ff:96:8e:cc:f8:c4:f0:88:5b:3f:db:98:d8:f6:df:
f1:66:87:f0:fd:8a:f1:c4:12:f9:c9:f5:7b:37:e0:
2a:8f:1a:12:09:b6:ba:fa:31:39:bb:6d:d3:bf:26:
40:34:f0:86:7c:6f:48:0c:ce:d7:09:4f:26:43:61:
e4:a1:17:ff:f8:b5:03:07:a9:29:49:53:d7:14:ec:
23:f0:15:37:23:4f:d9:bc:d4:70:34:eb:b8:2e:a6:
0e:7a:98:d6:20:4c:04:58:07:bd:b8:15:58:12:ac:
77:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A1:0B:B4:2D:C3:60:91:72:53:C4:6D:23:BE:46:E1:B0:25:E0:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D7D6BA9ACD2911EF951081AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.232.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:2d:8f:0c:c6:73:9c:56:4d:d6:52:91:1b:c3:b3:25:9b:1d:
0c:ff:47:e5:ae:02:b8:42:37:38:2d:08:46:bd:4c:29:e5:9e:
9b:29:94:a1:f9:63:c7:12:4d:41:b2:7d:56:97:cc:0d:6a:00:
e3:45:01:51:8c:a4:37:04:d8:1f:44:91:ff:a8:18:c3:0c:42:
f6:1c:3d:25:9b:23:13:c2:68:ee:87:54:70:05:0d:22:15:b3:
37:8c:b4:6c:1d:ee:56:b7:0c:16:6e:b1:11:8f:10:f6:c5:c0:
32:7e:0f:ac:68:d7:31:b3:3a:7a:14:d7:80:c6:cc:8c:11:d5:
21:e5:a5:30:8f:ee:28:2f:9a:a8:ef:45:42:9a:12:8d:10:c9:
82:c7:9d:63:76:e3:c7:37:90:63:32:d7:78:ac:0c:fc:34:18:
35:f1:ec:3a:7d:ba:e0:c0:d5:56:0b:1d:f8:97:08:1c:4f:b2:
75:18:2e:ef:d9:c0:1c:f0:6f:fb:6f:a0:1e:58:e9:ab:c2:03:
b0:66:34:a8:72:28:6d:94:41:2d:fa:56:f4:f0:d7:f1:95:f8:
30:47:25:29:52:b5:26:92:38:6d:4e:4a:72:3b:26:bc:f5:ae:
b5:c5:c7:e7:6e:fa:73:88:9f:65:4a:33:63:4e:b1:2f:d7:ce:
73:a0:17:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP25MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTkwMTQzWhcNMjUxMjEzMTkwMTQzWjAYMRYw
FAYDVQQDEw02NzdkN2ExYi1kYmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0FHu/ndZuoVp9T50AfZam2p7H/y0/Kj+7eijJOAZo18eA6klk/Q+85Yj
7lhjC85wd45QapNEOPyBeuQiSt6yM4bAD8TG6Z05swDVwHRkA2c+e9Lvwg2qU095
sXQq/sxfPnZb1U3X9qTQdZnf8CSAFOBlzVqT9IVnzbJnpUAX6UZYlUe4hs+/3D7U
YIG9IAvnk2bE24z/lo7M+MTwiFs/25jY9t/xZofw/YrxxBL5yfV7N+AqjxoSCba6
+jE5u23TvyZANPCGfG9IDM7XCU8mQ2HkoRf/+LUDB6kpSVPXFOwj8BU3I0/ZvNRw
NOu4LqYOepjWIEwEWAe9uBVYEqx3HQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDah
C7Qtw2CRclPEbSO+RuGwJeDuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EN0Q2QkE5QUNEMjkxMUVGOTUxMDgxQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHoMA0GCSqGSIb3DQEBCwUA
A4IBAQC7LY8MxnOcVk3WUpEbw7Mlmx0M/0flrgK4Qjc4LQhGvUwp5Z6bKZSh+WPH
Ek1Bsn1Wl8wNagDjRQFRjKQ3BNgfRJH/qBjDDEL2HD0lmyMTwmjuh1RwBQ0iFbM3
jLRsHe5WtwwWbrERjxD2xcAyfg+saNcxszp6FNeAxsyMEdUh5aUwj+4oL5qo70VC
mhKNEMmCx51jduPHN5BjMtd4rAz8NBg18ew6fbrgwNVWCx34lwgcT7J1GC7v2cAc
8G/7b6AeWOmrwgOwZjSocihtlEEt+lb08NfxlfgwRyUpUrUmkjhtTkpyOya89a61
xcfnbvpziJ9lSjNjTrEv185zoBdl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:55 2025 by rpki-client