Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0E49C0ED2EE11EFAF4ABE5C762E951A.roa
File: E0E49C0ED2EE11EFAF4ABE5C762E951A.roa (raw, json)
Hash identifier: 5IWW0a+7RxV3giwf9sApIZk7SdvsHyZ92y86ZcBiFV8=
Subject key identifier: 23:F7:45:5C:B6:1F:57:70:6B:D4:21:63:B9:5F:B4:FB:92:51:99:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010771
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0E49C0ED2EE11EFAF4ABE5C762E951A.roa
Signing time: Wed 15 Jan 2025 03:14:49 +0000
ROA not before: Wed 15 Jan 2025 03:14:45 +0000
ROA not after: Sat 03 Jan 2026 03:14:45 +0000
asID: 984
IP address blocks: 156.236.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67441 (0x10771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:14:45 2025 GMT
Not After : Jan 3 03:14:45 2026 GMT
Subject: CN=67872829-9168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ab:0a:ed:b8:33:90:85:e5:a8:72:b7:13:ae:
c9:c5:0b:3a:93:de:88:82:d8:93:f2:a3:8c:de:15:
ab:f1:77:29:aa:ce:dc:43:5d:a7:88:21:46:c9:bd:
6e:dc:f9:04:86:c2:16:a9:97:0a:97:5e:49:1d:9b:
ac:c3:ec:1c:94:ba:69:ea:de:12:9e:e9:e6:05:28:
87:cd:8c:2e:b1:d1:db:90:71:33:2a:d7:fe:56:a5:
5a:6b:99:5a:35:a7:cc:2f:9e:a6:be:70:03:45:78:
19:6e:56:6d:f0:3e:4f:c3:44:36:2c:25:57:5a:0f:
51:7b:0e:0e:0a:a5:b6:9c:31:3e:cb:d2:48:ba:8b:
a8:0d:c8:ed:4b:5c:c4:aa:e6:fa:ca:a0:b7:a2:95:
c9:14:43:01:1a:95:10:c9:b0:cb:83:44:7c:50:17:
2a:1a:90:0d:8a:23:c2:d3:49:7c:a0:57:6f:66:13:
1a:da:de:7e:72:d5:7d:92:21:3f:31:28:c1:ca:a5:
0f:3e:f3:7e:cf:75:32:41:93:51:23:2a:08:e6:23:
1d:b2:b6:95:37:8e:9d:cc:c0:5d:03:d7:6e:00:eb:
da:1d:aa:a6:fe:6b:c8:e1:89:d7:0e:6c:be:61:83:
f9:e5:8c:ba:31:2a:5d:65:66:dc:2c:04:c9:f0:91:
64:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F7:45:5C:B6:1F:57:70:6B:D4:21:63:B9:5F:B4:FB:92:51:99:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E0E49C0ED2EE11EFAF4ABE5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.121.0/24
Signature Algorithm: sha256WithRSAEncryption
38:0d:fd:97:6d:82:46:8a:42:87:b5:9f:dd:22:05:9a:18:ef:
c4:65:95:35:7f:86:e5:03:f0:6c:ec:df:3f:14:da:58:cf:72:
16:e1:e1:3b:87:b2:b5:e0:f8:9e:bf:ac:85:d3:8b:11:65:82:
85:40:48:d2:9e:c4:ed:68:37:84:07:84:8d:ad:ff:f3:45:75:
c3:d3:88:52:84:ee:16:17:ea:61:98:2c:9e:6c:37:17:13:27:
d5:cd:2c:15:58:bd:2f:38:e1:e7:37:47:63:b6:c5:bb:bb:75:
b4:0f:04:e2:0c:b9:60:43:5b:fd:00:b7:8e:98:11:3f:29:cf:
b0:c6:00:05:8a:9b:b5:e9:dd:27:3e:80:0a:99:ce:51:a3:3a:
60:37:45:ef:78:5b:fd:84:38:a0:90:50:77:59:04:7d:da:3d:
5d:5f:69:ce:c7:f6:6f:5f:d0:c4:c3:8a:fe:6a:9e:b9:8b:9c:
3b:2e:8c:fb:1d:0b:07:10:aa:5f:9b:a8:38:67:92:10:a9:44:
5b:ed:9d:29:d0:85:82:41:86:53:25:23:c8:89:36:6d:d5:e3:
4a:6f:f4:47:24:7e:2d:4a:92:61:2a:ab:df:22:4e:00:af:fa:
87:af:b6:1a:ed:a6:3d:b8:72:c3:42:ab:46:55:44:b1:39:20:
b1:f3:9c:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQdxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMxNDQ1WhcNMjYwMTAzMDMxNDQ1WjAYMRYw
FAYDVQQDEw02Nzg3MjgyOS05MTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2KsK7bgzkIXlqHK3E67JxQs6k96IgtiT8qOM3hWr8Xcpqs7cQ12niCFG
yb1u3PkEhsIWqZcKl15JHZusw+wclLpp6t4SnunmBSiHzYwusdHbkHEzKtf+VqVa
a5laNafML56mvnADRXgZblZt8D5Pw0Q2LCVXWg9Rew4OCqW2nDE+y9JIuouoDcjt
S1zEqub6yqC3opXJFEMBGpUQybDLg0R8UBcqGpANiiPC00l8oFdvZhMa2t5+ctV9
kiE/MSjByqUPPvN+z3UyQZNRIyoI5iMdsraVN46dzMBdA9duAOvaHaqm/mvI4YnX
Dmy+YYP55Yy6MSpdZWbcLATJ8JFkwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCP3
RVy2H1dwa9QhY7lftPuSUZnKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMEU0OUMwRUQyRUUxMUVGQUY0QUJFNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOx5MA0GCSqGSIb3DQEBCwUA
A4IBAQA4Df2XbYJGikKHtZ/dIgWaGO/EZZU1f4blA/Bs7N8/FNpYz3IW4eE7h7K1
4Piev6yF04sRZYKFQEjSnsTtaDeEB4SNrf/zRXXD04hShO4WF+phmCyebDcXEyfV
zSwVWL0vOOHnN0djtsW7u3W0DwTiDLlgQ1v9ALeOmBE/Kc+wxgAFipu16d0nPoAK
mc5RozpgN0XveFv9hDigkFB3WQR92j1dX2nOx/ZvX9DEw4r+ap65i5w7Loz7HQsH
EKpfm6g4Z5IQqURb7Z0p0IWCQYZTJSPIiTZt1eNKb/RHJH4tSpJhKqvfIk4Ar/qH
r7Ya7aY9uHLDQqtGVUSxOSCx85zh
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:03 2025 by rpki-client