Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3A796F4CCCB11EF946BFF5F762E951A.roa
File: E3A796F4CCCB11EF946BFF5F762E951A.roa (raw, json)
Hash identifier: vVwwLy9i33gSZ1Sm8+HVdtOST3WwL9DYmvn5SzqwmZk=
Subject key identifier: 58:95:40:8F:6A:FF:0A:A2:12:D3:90:D0:EA:6C:3B:0E:46:AC:3A:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA82
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3A796F4CCCB11EF946BFF5F762E951A.roa
Signing time: Tue 07 Jan 2025 07:49:14 +0000
ROA not before: Tue 07 Jan 2025 07:49:11 +0000
ROA not after: Sat 13 Dec 2025 07:49:11 +0000
asID: 984
IP address blocks: 156.233.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64130 (0xfa82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:49:11 2025 GMT
Not After : Dec 13 07:49:11 2025 GMT
Subject: CN=677cdc7a-4e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cd:53:93:99:9c:4d:b7:2a:d3:c3:80:6a:d0:
54:94:18:b8:3a:d8:82:42:0d:58:5a:f3:f2:a2:f1:
ab:02:a8:81:78:cf:51:b3:f9:7b:ba:e0:37:e0:a2:
fc:36:f3:7c:f2:68:8a:99:b9:4f:f7:41:93:f8:97:
45:d4:36:34:22:b1:af:2b:8d:b2:dd:02:ad:73:e0:
a7:a9:7f:09:2f:84:dc:d4:36:46:d8:f7:f8:74:2f:
90:ba:16:ab:c5:b0:0f:cf:c6:8e:46:47:3c:ed:02:
8a:46:4b:5e:07:b0:da:d7:e5:69:b4:b4:aa:57:54:
e4:5e:02:a7:f4:16:1d:79:9f:0d:7b:2c:32:05:ad:
53:84:94:e7:3d:0b:7d:00:35:20:34:d3:14:a8:35:
4b:46:34:e8:b9:9b:5a:e4:13:9e:81:5f:1a:b0:bd:
1f:20:ae:f7:de:7e:15:2e:df:ff:3d:a2:01:f9:ba:
19:a5:73:83:7f:f8:c8:b1:2d:55:19:17:dc:b4:8b:
2b:d5:38:49:87:6e:e3:81:34:7f:40:6e:20:c2:c1:
e8:d3:af:68:be:4d:58:fa:13:da:de:9c:38:d2:ee:
0b:e1:36:0e:61:e9:2b:af:b8:1d:1c:16:05:d1:15:
37:f7:6e:11:c1:8a:49:60:59:df:b2:68:30:96:f9:
81:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:95:40:8F:6A:FF:0A:A2:12:D3:90:D0:EA:6C:3B:0E:46:AC:3A:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3A796F4CCCB11EF946BFF5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.117.0/24
Signature Algorithm: sha256WithRSAEncryption
23:22:81:03:0e:13:b7:de:a0:e4:2d:ee:ce:e2:2d:78:40:48:
d7:d1:16:44:a2:8d:82:6d:97:42:ca:f3:87:2a:ee:39:df:f5:
6b:f7:0a:33:c2:c3:4c:41:07:d9:42:4a:70:64:59:cd:a2:df:
47:ce:3b:1e:73:f0:d9:60:46:99:75:cc:7d:a6:dc:dc:46:bc:
54:ef:39:aa:82:f1:d4:51:8a:a1:b5:b4:f1:a0:6a:96:00:62:
aa:ed:54:7a:03:3c:22:ad:d1:f0:df:ea:fe:4c:cc:fe:1e:45:
9b:87:7d:e6:f8:b9:3b:3b:25:1f:3b:af:29:32:a6:34:f5:8e:
5c:b8:f1:39:57:78:bc:23:8c:03:91:dc:ee:d7:72:38:f1:a0:
26:c4:78:f9:f2:6a:60:b8:6d:56:52:d8:74:9c:58:6d:a2:ac:
0e:ff:12:44:04:18:58:f9:fc:3b:ac:01:25:e3:cb:dc:ab:35:
58:ff:e6:d4:75:55:e0:16:35:bf:9e:36:ff:86:ca:30:a1:69:
5e:b7:b2:f0:c3:b0:59:6f:aa:47:44:f3:c9:51:80:e6:99:03:
95:b1:e2:89:85:12:5a:e1:34:ef:d3:88:1c:2d:1e:60:68:28:
f7:3c:3b:4c:c3:e5:ad:54:7e:e2:fe:bb:b2:8c:f9:76:e1:6e:
21:16:f9:99
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDc0OTExWhcNMjUxMjEzMDc0OTExWjAYMRYw
FAYDVQQDEw02NzdjZGM3YS00ZTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2s1Tk5mcTbcq08OAatBUlBi4OtiCQg1YWvPyovGrAqiBeM9Rs/l7uuA3
4KL8NvN88miKmblP90GT+JdF1DY0IrGvK42y3QKtc+CnqX8JL4Tc1DZG2Pf4dC+Q
uharxbAPz8aORkc87QKKRkteB7Da1+VptLSqV1TkXgKn9BYdeZ8NeywyBa1ThJTn
PQt9ADUgNNMUqDVLRjTouZta5BOegV8asL0fIK733n4VLt//PaIB+boZpXODf/jI
sS1VGRfctIsr1ThJh27jgTR/QG4gwsHo069ovk1Y+hPa3pw40u4L4TYOYekrr7gd
HBYF0RU3924RwYpJYFnfsmgwlvmBswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFiV
QI9q/wqiEtOQ0OpsOw5GrDroMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FM0E3OTZGNENDQ0IxMUVGOTQ2QkZGNUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOl1MA0GCSqGSIb3DQEBCwUA
A4IBAQAjIoEDDhO33qDkLe7O4i14QEjX0RZEoo2CbZdCyvOHKu453/Vr9wozwsNM
QQfZQkpwZFnNot9Hzjsec/DZYEaZdcx9ptzcRrxU7zmqgvHUUYqhtbTxoGqWAGKq
7VR6AzwirdHw3+r+TMz+HkWbh33m+Lk7OyUfO68pMqY09Y5cuPE5V3i8I4wDkdzu
13I48aAmxHj58mpguG1WUth0nFhtoqwO/xJEBBhY+fw7rAEl48vcqzVY/+bUdVXg
FjW/njb/hsowoWlet7Lww7BZb6pHRPPJUYDmmQOVseKJhRJa4TTv04gcLR5gaCj3
PDtMw+WtVH7i/ruyjPl24W4hFvmZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:26 2025 by rpki-client