Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCF020ECCD3E11EFA23A43B3762E951A.roa
File: DCF020ECCD3E11EFA23A43B3762E951A.roa (raw, json)
Hash identifier: TNofnIjw5JzrYV9pCzmscSQpheaCskBqQVmGAYIKcfs=
Subject key identifier: FD:F3:CE:B4:9A:76:39:DA:19:15:73:BB:2A:B6:45:27:F2:2E:41:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE5F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCF020ECCD3E11EFA23A43B3762E951A.roa
Signing time: Tue 07 Jan 2025 21:32:15 +0000
ROA not before: Tue 07 Jan 2025 21:32:11 +0000
ROA not after: Sat 13 Dec 2025 21:32:11 +0000
asID: 984
IP address blocks: 156.243.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65119 (0xfe5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:32:11 2025 GMT
Not After : Dec 13 21:32:11 2025 GMT
Subject: CN=677d9d5f-c9d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c5:e2:c7:72:0b:0f:93:0a:33:c4:f5:c7:f0:
72:c8:8b:bf:0e:96:c0:13:28:1f:29:17:e5:00:36:
ae:b0:d1:39:68:1b:47:34:88:6d:f1:3e:23:89:89:
b4:c4:a5:d3:0c:e6:23:85:65:6b:90:7a:41:54:1e:
ad:23:55:36:cf:5a:60:72:8d:97:01:a6:18:a3:bf:
d5:1c:e8:cc:fd:9c:18:ff:fe:95:5a:a3:b2:13:da:
56:90:3d:b2:43:b9:42:3e:78:63:c9:c3:a7:25:9f:
04:11:5d:73:fc:e4:84:20:26:ba:c5:66:3e:55:e6:
50:f3:df:bb:d3:64:7f:b1:a9:13:97:01:bb:76:a5:
90:e6:6c:5e:ea:00:4e:63:b9:60:69:d8:13:df:aa:
8f:dd:60:44:21:51:33:20:9a:d0:36:13:fe:55:99:
d2:4c:3a:f0:9c:5b:55:7b:ca:2d:b8:5c:8c:96:ca:
de:13:56:9e:62:91:99:5a:88:cb:27:47:6a:ea:8d:
67:19:1d:65:b8:e3:63:1b:76:36:14:e5:b0:bb:1a:
8c:52:6a:d5:ab:29:42:5d:03:52:78:39:ab:6c:0f:
5a:90:40:30:6e:6e:d2:8b:ce:92:eb:db:ec:0a:64:
30:ba:82:8c:56:9b:d7:5c:d0:d8:d1:4f:fd:29:29:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F3:CE:B4:9A:76:39:DA:19:15:73:BB:2A:B6:45:27:F2:2E:41:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCF020ECCD3E11EFA23A43B3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.88.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f1:c4:07:9b:fe:cc:8a:31:84:d9:b7:25:34:2d:48:6a:37:
13:52:d4:10:33:e0:3f:cc:8b:3a:15:5a:d2:92:3b:d6:31:d0:
e6:10:3d:46:54:46:fd:cd:fd:47:32:0f:dd:54:7b:9a:80:ac:
d3:d9:37:75:ae:49:03:22:34:0b:8a:1f:32:33:80:5b:24:97:
2d:d3:f7:97:6f:06:ae:82:98:43:76:07:ab:57:d4:0f:c1:22:
32:5e:67:f4:15:59:79:c7:66:a4:ce:75:7f:98:30:9f:a1:65:
4b:c4:4c:93:7a:32:55:bf:5f:51:fb:85:6a:cc:b7:4d:42:11:
c1:6a:cf:e7:8a:f6:d1:0a:57:58:0b:ce:4b:66:77:d3:65:8c:
3b:28:00:92:ae:0b:07:e4:19:ad:aa:2a:db:e4:56:8d:47:00:
e8:dc:0e:14:db:a0:a0:41:f4:a5:1e:ed:8b:82:2b:d8:de:9a:
94:0f:e8:54:b4:df:36:7f:30:83:04:ec:48:48:8c:28:70:3b:
65:d5:6e:05:01:89:80:1a:69:ed:c8:5d:a0:6b:db:39:6f:32:
30:b6:9f:f5:e5:35:ab:74:9d:76:2b:7d:9f:34:0f:0d:b1:72:
1f:8f:63:ef:08:ef:be:48:33:b6:b0:95:6c:d8:1b:db:40:3e:
a9:9e:a9:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjEzMjExWhcNMjUxMjEzMjEzMjExWjAYMRYw
FAYDVQQDEw02NzdkOWQ1Zi1jOWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2MXix3ILD5MKM8T1x/ByyIu/DpbAEygfKRflADausNE5aBtHNIht8T4j
iYm0xKXTDOYjhWVrkHpBVB6tI1U2z1pgco2XAaYYo7/VHOjM/ZwY//6VWqOyE9pW
kD2yQ7lCPnhjycOnJZ8EEV1z/OSEICa6xWY+VeZQ89+702R/sakTlwG7dqWQ5mxe
6gBOY7lgadgT36qP3WBEIVEzIJrQNhP+VZnSTDrwnFtVe8otuFyMlsreE1aeYpGZ
WojLJ0dq6o1nGR1luONjG3Y2FOWwuxqMUmrVqylCXQNSeDmrbA9akEAwbm7Si86S
69vsCmQwuoKMVpvXXNDY0U/9KSleTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP3z
zrSadjnaGRVzuyq2RSfyLkEaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQ0YwMjBFQ0NEM0UxMUVGQTIzQTQzQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNYMA0GCSqGSIb3DQEBCwUA
A4IBAQAC8cQHm/7MijGE2bclNC1IajcTUtQQM+A/zIs6FVrSkjvWMdDmED1GVEb9
zf1HMg/dVHuagKzT2Td1rkkDIjQLih8yM4BbJJct0/eXbwaugphDdgerV9QPwSIy
Xmf0FVl5x2akznV/mDCfoWVLxEyTejJVv19R+4VqzLdNQhHBas/nivbRCldYC85L
ZnfTZYw7KACSrgsH5Bmtqirb5FaNRwDo3A4U26CgQfSlHu2LgivY3pqUD+hUtN82
fzCDBOxISIwocDtl1W4FAYmAGmntyF2ga9s5bzIwtp/15TWrdJ12K32fNA8NsXIf
j2PvCO++SDO2sJVs2BvbQD6pnqnu
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:32 2025 by rpki-client