Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1BFC3C2CD4B11EFB31A7986762E951A.roa
File: E1BFC3C2CD4B11EFB31A7986762E951A.roa (raw, json)
Hash identifier: NOkYNXdUPKaRltxt5ogd4H5URb/7JkfqlBWEPUI8Nvk=
Subject key identifier: AB:A4:FC:61:C8:FD:75:F0:0B:99:38:3C:7D:F2:0D:38:96:F0:D0:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEC5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1BFC3C2CD4B11EFB31A7986762E951A.roa
Signing time: Tue 07 Jan 2025 23:05:27 +0000
ROA not before: Tue 07 Jan 2025 23:05:23 +0000
ROA not after: Sat 13 Dec 2025 23:05:23 +0000
asID: 984
IP address blocks: 156.246.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65221 (0xfec5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 23:05:23 2025 GMT
Not After : Dec 13 23:05:23 2025 GMT
Subject: CN=677db336-9e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ab:5a:90:3c:50:08:de:ab:e8:8e:92:bd:c3:
61:63:bb:73:bc:d9:f6:36:45:58:9c:58:3f:0b:1d:
36:92:6f:19:eb:93:d9:34:d9:ef:94:86:d1:44:9f:
29:62:58:cf:6b:81:4f:ba:29:c5:ab:5d:a0:da:79:
a7:da:01:66:90:8a:56:c2:b7:1e:0b:5f:9f:16:51:
c6:81:15:30:58:2d:4a:02:c6:e6:db:cc:f2:33:27:
1f:b4:ba:d6:8e:b9:07:73:69:13:19:f0:e8:3f:2c:
ba:a9:d3:d7:5b:04:b1:35:ea:36:cd:48:0b:c2:be:
90:7d:06:f6:0a:3c:fa:92:41:8f:eb:79:0c:50:ff:
e3:cf:94:b7:8b:5b:49:2c:7f:bf:b8:14:64:0e:0b:
6a:a8:49:9a:4d:69:f6:d5:56:7e:8a:34:08:65:72:
6a:92:7a:c3:f2:d8:3a:54:b1:c7:d9:9a:09:73:9d:
e6:f8:e9:3e:4e:6e:83:03:55:32:04:a7:71:67:64:
35:a8:90:86:82:09:f5:91:f9:9f:db:15:08:40:f5:
be:a1:b0:44:3e:36:d6:cf:2e:ca:1a:3d:b4:2a:c1:
32:db:75:00:7e:bc:08:02:aa:2b:48:a4:bb:f2:b8:
8f:c7:d8:93:90:52:1f:94:65:86:63:4f:c9:dd:e7:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A4:FC:61:C8:FD:75:F0:0B:99:38:3C:7D:F2:0D:38:96:F0:D0:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1BFC3C2CD4B11EFB31A7986762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.94.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d0:50:d9:75:09:d4:0c:a6:33:62:bf:ae:d7:7a:93:8f:5e:
05:33:84:3e:cd:53:e8:bb:1c:4d:eb:c7:ed:2d:ab:03:81:3f:
18:3f:f5:75:ba:a1:17:3d:80:38:92:15:59:c6:09:df:e2:8e:
d0:85:c2:97:35:02:57:b0:f7:24:28:4b:a0:50:ec:50:21:29:
c0:95:92:56:b6:7d:a2:8b:b4:50:88:c1:38:81:74:dd:24:e7:
c6:af:e3:a5:3c:56:f7:6f:44:d5:17:b8:21:d0:6f:e7:07:96:
2c:c5:07:87:24:1d:a5:bc:2f:9a:69:3e:b3:58:9c:61:f3:e6:
4f:fa:28:8b:d1:43:a2:72:e3:7d:e0:63:05:69:83:d2:de:7c:
d1:41:80:ba:ea:92:05:6b:01:2d:fb:52:e9:91:9e:a7:df:08:
32:3a:43:01:37:18:04:b3:ec:a8:f1:5d:1c:b9:c7:b4:f5:70:
f8:dd:06:f0:d2:6c:2e:95:8c:d9:6c:07:cf:a4:44:ed:a2:3e:
c1:03:6c:ae:8a:43:25:e4:13:8b:4c:b1:2f:39:e3:41:c7:69:
5c:85:b8:9c:3b:28:39:a4:77:d4:93:0c:26:50:65:08:45:fc:
6f:6f:8b:a7:2f:dc:3a:1d:c5:40:22:96:0f:ea:a1:45:5b:83:
51:ed:83:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7FMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjMwNTIzWhcNMjUxMjEzMjMwNTIzWjAYMRYw
FAYDVQQDEw02NzdkYjMzNi05ZTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2qtakDxQCN6r6I6SvcNhY7tzvNn2NkVYnFg/Cx02km8Z65PZNNnvlIbR
RJ8pYljPa4FPuinFq12g2nmn2gFmkIpWwrceC1+fFlHGgRUwWC1KAsbm28zyMycf
tLrWjrkHc2kTGfDoPyy6qdPXWwSxNeo2zUgLwr6QfQb2Cjz6kkGP63kMUP/jz5S3
i1tJLH+/uBRkDgtqqEmaTWn21VZ+ijQIZXJqknrD8tg6VLHH2ZoJc53m+Ok+Tm6D
A1UyBKdxZ2Q1qJCGggn1kfmf2xUIQPW+obBEPjbWzy7KGj20KsEy23UAfrwIAqor
SKS78riPx9iTkFIflGWGY0/J3ecAQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKuk
/GHI/XXwC5k4PH3yDTiW8NC0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMUJGQzNDMkNENEIxMUVGQjMxQTc5ODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPZeMA0GCSqGSIb3DQEBCwUA
A4IBAQBH0FDZdQnUDKYzYr+u13qTj14FM4Q+zVPouxxN68ftLasDgT8YP/V1uqEX
PYA4khVZxgnf4o7QhcKXNQJXsPckKEugUOxQISnAlZJWtn2ii7RQiME4gXTdJOfG
r+OlPFb3b0TVF7gh0G/nB5YsxQeHJB2lvC+aaT6zWJxh8+ZP+iiL0UOicuN94GMF
aYPS3nzRQYC66pIFawEt+1LpkZ6n3wgyOkMBNxgEs+yo8V0cuce09XD43Qbw0mwu
lYzZbAfPpETtoj7BA2yuikMl5BOLTLEvOeNBx2lchbicOyg5pHfUkwwmUGUIRfxv
b4unL9w6HcVAIpYP6qFFW4NR7YMO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:58 2025 by rpki-client