Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5CDBF2C95B11EF8AC2487F762E951A.roa
File: DC5CDBF2C95B11EF8AC2487F762E951A.roa (raw, json)
Hash identifier: Sq+MNK5zYr40S/2zad23TODyLWuMmOcnN/aaH2LrlPU=
Subject key identifier: 38:19:DC:FC:95:E3:C2:AE:D1:48:D7:B4:2E:B2:91:C3:19:72:42:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F42E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5CDBF2C95B11EF8AC2487F762E951A.roa
Signing time: Thu 02 Jan 2025 22:49:45 +0000
ROA not before: Thu 02 Jan 2025 22:49:41 +0000
ROA not after: Sat 13 Dec 2025 22:49:41 +0000
asID: 984
IP address blocks: 156.226.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62510 (0xf42e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:49:41 2025 GMT
Not After : Dec 13 22:49:41 2025 GMT
Subject: CN=67771809-9e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cf:bb:cf:81:2a:8d:7e:11:19:80:68:38:1a:
7e:42:3c:6b:46:ad:aa:7e:ee:7f:df:ba:3c:5d:f7:
15:48:56:53:3b:98:9c:52:4b:f0:f8:f5:2d:4b:ca:
1d:e8:8e:9d:dd:3e:d1:37:19:86:f7:c0:29:3f:46:
0b:a3:67:31:3c:ec:d4:8a:0c:4f:ee:6d:03:eb:72:
e1:69:f6:97:ab:b8:fc:bc:b0:49:af:49:4d:45:49:
d3:63:48:26:fc:47:22:ab:79:ea:fe:46:64:b8:3d:
9e:98:ea:c1:e8:6c:4a:1d:d6:30:cc:7e:4a:be:97:
57:55:8f:3e:73:f9:b3:e0:92:dd:5e:27:25:c4:22:
9c:a9:39:87:c1:6f:32:d3:29:90:d9:8f:4d:98:e8:
0d:9a:59:69:ed:dc:27:53:15:8c:2d:de:de:5e:85:
6e:4d:97:2d:a0:0f:ae:cc:f4:b6:3b:0e:b7:65:12:
63:93:36:88:76:62:0a:b7:56:dc:05:db:d5:ed:d3:
27:39:b4:cb:4a:e3:0f:7c:1b:4b:c9:f3:b2:b5:be:
39:34:9e:01:b2:42:43:33:0d:63:96:26:6a:5d:bf:
99:51:19:6c:55:da:18:35:ca:77:e5:77:3c:cc:0c:
de:30:71:14:30:5b:32:ff:1a:17:1a:5e:3a:56:e1:
da:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:19:DC:FC:95:E3:C2:AE:D1:48:D7:B4:2E:B2:91:C3:19:72:42:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5CDBF2C95B11EF8AC2487F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.200.0/24
Signature Algorithm: sha256WithRSAEncryption
01:58:43:7d:0b:57:70:6d:c7:40:c9:e4:c0:23:df:dd:2c:3d:
c7:17:da:3b:b3:e1:ff:1c:d6:a8:2d:d7:7a:77:55:4d:a1:4a:
09:8d:0b:20:45:d8:15:f1:41:47:52:d3:cc:46:1f:fb:01:42:
b5:db:9f:9e:24:82:37:6d:74:ce:18:84:e2:f7:1d:8a:08:b5:
a9:f0:57:e7:29:1a:40:f0:b7:e5:5e:ac:c6:41:15:79:74:0d:
11:09:34:ab:04:9f:24:30:22:07:ac:bc:1c:19:00:d8:ff:6a:
47:51:be:83:98:cc:50:45:7d:c3:1c:4a:04:09:eb:1f:cb:1e:
55:03:a7:1a:f0:a4:69:de:a5:f3:f4:51:a9:1c:0d:2a:55:f8:
93:67:41:c5:22:30:34:ee:69:ea:b5:a5:d8:d7:d5:8f:b4:dd:
2b:b8:76:76:0e:fb:12:ef:0c:26:c5:7f:31:51:32:d1:55:b7:
85:ce:56:af:a0:90:27:1b:e3:db:eb:fd:d9:e7:e7:a8:4c:7d:
b9:5d:d8:7b:d0:ef:e1:0a:ca:31:6b:ff:c7:30:d4:17:48:2b:
f1:05:e9:b6:47:35:f5:6e:84:6d:80:3e:e0:54:01:ad:52:8d:
74:c5:66:7b:50:7c:a8:d4:55:09:4d:e0:b6:34:36:eb:de:1a:
b2:2f:1f:c8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjI0OTQxWhcNMjUxMjEzMjI0OTQxWjAYMRYw
FAYDVQQDEw02Nzc3MTgwOS05ZTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3c+7z4EqjX4RGYBoOBp+QjxrRq2qfu5/37o8XfcVSFZTO5icUkvw+PUt
S8od6I6d3T7RNxmG98ApP0YLo2cxPOzUigxP7m0D63LhafaXq7j8vLBJr0lNRUnT
Y0gm/Eciq3nq/kZkuD2emOrB6GxKHdYwzH5KvpdXVY8+c/mz4JLdXiclxCKcqTmH
wW8y0ymQ2Y9NmOgNmllp7dwnUxWMLd7eXoVuTZctoA+uzPS2Ow63ZRJjkzaIdmIK
t1bcBdvV7dMnObTLSuMPfBtLyfOytb45NJ4BskJDMw1jliZqXb+ZURlsVdoYNcp3
5Xc8zAzeMHEUMFsy/xoXGl46VuHaQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDgZ
3PyV48Ku0UjXtC6ykcMZckJ4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQzVDREJGMkM5NUIxMUVGOEFDMjQ4N0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLIMA0GCSqGSIb3DQEBCwUA
A4IBAQABWEN9C1dwbcdAyeTAI9/dLD3HF9o7s+H/HNaoLdd6d1VNoUoJjQsgRdgV
8UFHUtPMRh/7AUK125+eJII3bXTOGITi9x2KCLWp8FfnKRpA8LflXqzGQRV5dA0R
CTSrBJ8kMCIHrLwcGQDY/2pHUb6DmMxQRX3DHEoECesfyx5VA6ca8KRp3qXz9FGp
HA0qVfiTZ0HFIjA07mnqtaXY19WPtN0ruHZ2DvsS7wwmxX8xUTLRVbeFzlavoJAn
G+Pb6/3Z5+eoTH25Xdh70O/hCsoxa//HMNQXSCvxBem2RzX1boRtgD7gVAGtUo10
xWZ7UHyo1FUJTeC2NDbr3hqyLx/I
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:26 2025 by rpki-client