Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E24810C6CDA811EFB5A29B67762E951A.roa
File: E24810C6CDA811EFB5A29B67762E951A.roa (raw, json)
Hash identifier: Z3hks00wbKms+Qg69cdqNzKudfZP/DmTAC0QfO/RWSM=
Subject key identifier: AD:CF:9E:EF:CA:0E:A0:8D:1E:D2:F2:92:78:E7:82:AC:4F:AD:C8:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01013F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E24810C6CDA811EFB5A29B67762E951A.roa
Signing time: Wed 08 Jan 2025 10:11:11 +0000
ROA not before: Wed 08 Jan 2025 10:11:07 +0000
ROA not after: Sat 13 Dec 2025 10:11:07 +0000
asID: 984
IP address blocks: 156.255.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65855 (0x1013f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:11:07 2025 GMT
Not After : Dec 13 10:11:07 2025 GMT
Subject: CN=677e4f3f-065f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:84:c7:ff:4b:d5:58:82:73:a0:94:eb:7a:72:
11:61:91:a2:80:f5:54:92:d9:5a:7a:be:7f:c1:6a:
4a:77:c7:d0:4d:74:a0:f4:ac:34:cd:7e:52:35:0e:
3b:e4:c0:4a:c6:1b:3a:2a:1b:d1:72:38:af:cd:b7:
46:06:2c:dd:30:3f:29:f2:cf:8a:cb:4f:52:5b:69:
c6:f7:7c:bd:42:26:cd:4e:d2:4d:96:3b:2a:0c:fc:
5a:02:cd:9a:7e:0b:3c:d1:d0:df:11:91:85:c0:1e:
d1:a1:ad:17:67:8d:dd:65:fd:63:e7:6d:43:17:fc:
d7:23:e8:0b:6e:46:84:4c:4a:04:7c:48:35:28:d2:
e4:00:60:17:4b:b9:aa:4f:30:03:b5:73:e5:7d:5b:
9f:09:f7:71:0c:5f:ea:0c:8c:8f:1c:ee:47:53:06:
95:60:e9:56:8e:3d:62:c6:fe:d3:61:da:9f:d5:5f:
a0:7f:71:24:48:b7:c0:3f:e3:20:17:22:24:3f:ba:
aa:6c:ef:db:16:cd:0e:c5:37:e0:81:ea:50:0e:dd:
e4:a7:18:06:5e:5e:da:f6:70:11:d0:03:93:a4:c8:
c3:14:89:73:03:3c:5e:44:cd:c2:41:9f:80:6e:8a:
90:f2:45:e4:a2:31:c4:7d:52:3b:03:01:1f:3b:73:
e6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:CF:9E:EF:CA:0E:A0:8D:1E:D2:F2:92:78:E7:82:AC:4F:AD:C8:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E24810C6CDA811EFB5A29B67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.34.0/24
Signature Algorithm: sha256WithRSAEncryption
34:e8:40:15:84:26:f1:52:3c:47:ab:4e:61:2e:4a:f0:a3:90:
08:67:54:e3:9d:32:59:b0:78:3d:59:0d:99:33:dd:cb:96:cb:
d2:d7:a8:20:82:72:d6:cf:6b:af:92:73:2a:0c:b8:4f:d9:4a:
bc:1a:3b:fc:65:67:0e:c4:1a:70:19:d1:9e:ad:c4:1f:22:4e:
77:d2:cb:ab:5d:7b:fb:51:30:08:2b:1a:8a:30:90:d6:1d:f9:
1f:6c:18:dd:b6:d0:8f:a3:b1:65:0b:19:4d:a6:89:52:15:eb:
3b:87:b0:96:a5:9f:10:0c:9b:60:53:88:e8:b0:e2:eb:72:19:
ba:81:ef:1b:8f:10:ea:58:4d:48:24:22:80:60:75:95:7e:98:
3b:a1:58:2b:4e:19:c0:87:3c:cb:38:e8:c7:f0:ba:8d:16:3e:
1c:6b:1d:e5:d9:6b:09:e2:6d:30:a0:a5:00:84:ca:d4:99:8f:
88:2c:ae:0f:cd:4d:8c:98:ae:90:25:d5:e8:06:bf:13:4e:b5:
c0:62:e2:97:55:3d:dd:b3:e3:1e:bd:30:f6:3e:c4:fd:79:d1:
f3:ae:75:32:b6:59:17:1d:fa:e6:d0:b4:78:75:54:30:67:d0:
c5:e5:62:73:5f:6b:cf:14:c0:b9:54:22:01:27:ad:6e:14:3f:
b8:d2:42:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQE/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTAxMTA3WhcNMjUxMjEzMTAxMTA3WjAYMRYw
FAYDVQQDEw02NzdlNGYzZi0wNjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1YTH/0vVWIJzoJTrenIRYZGigPVUktlaer5/wWpKd8fQTXSg9Kw0zX5S
NQ475MBKxhs6KhvRcjivzbdGBizdMD8p8s+Ky09SW2nG93y9QibNTtJNljsqDPxa
As2afgs80dDfEZGFwB7Roa0XZ43dZf1j521DF/zXI+gLbkaETEoEfEg1KNLkAGAX
S7mqTzADtXPlfVufCfdxDF/qDIyPHO5HUwaVYOlWjj1ixv7TYdqf1V+gf3EkSLfA
P+MgFyIkP7qqbO/bFs0OxTfggepQDt3kpxgGXl7a9nAR0AOTpMjDFIlzAzxeRM3C
QZ+AboqQ8kXkojHEfVI7AwEfO3PmwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK3P
nu/KDqCNHtLyknjngqxPrchuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMjQ4MTBDNkNEQTgxMUVGQjVBMjlCNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8iMA0GCSqGSIb3DQEBCwUA
A4IBAQA06EAVhCbxUjxHq05hLkrwo5AIZ1TjnTJZsHg9WQ2ZM93LlsvS16gggnLW
z2uvknMqDLhP2Uq8Gjv8ZWcOxBpwGdGercQfIk530surXXv7UTAIKxqKMJDWHfkf
bBjdttCPo7FlCxlNpolSFes7h7CWpZ8QDJtgU4josOLrchm6ge8bjxDqWE1IJCKA
YHWVfpg7oVgrThnAhzzLOOjH8LqNFj4cax3l2WsJ4m0woKUAhMrUmY+ILK4PzU2M
mK6QJdXoBr8TTrXAYuKXVT3ds+MevTD2PsT9edHzrnUytlkXHfrm0LR4dVQwZ9DF
5WJzX2vPFMC5VCIBJ61uFD+40kLY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:32 2025 by rpki-client