Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4A3E982CDA611EFB4F9CF5A762E951A.roa
File: E4A3E982CDA611EFB4F9CF5A762E951A.roa (raw, json)
Hash identifier: 3eHF/FnccMXpT07bph5ViGK3LLxMwMRbo4QgbYHJDDg=
Subject key identifier: 02:B0:CD:89:D4:57:1C:7C:ED:35:B0:F1:D1:DD:AA:C8:20:BD:D6:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01012F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4A3E982CDA611EFB4F9CF5A762E951A.roa
Signing time: Wed 08 Jan 2025 09:56:56 +0000
ROA not before: Wed 08 Jan 2025 09:56:52 +0000
ROA not after: Mon 13 Dec 2027 09:56:52 +0000
asID: 17561
IP address blocks: 156.254.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65839 (0x1012f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:56:52 2025 GMT
Not After : Dec 13 09:56:52 2027 GMT
Subject: CN=677e4be7-1f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3f:99:d5:d2:d9:f2:0a:49:25:01:ff:9b:da:
b1:63:4c:b2:dc:15:e2:03:94:8f:45:e9:2a:e5:ad:
24:03:e0:fc:0e:10:e0:6f:ff:e7:fb:dc:b5:f2:17:
cf:bc:ba:e4:51:6b:ad:a1:26:23:39:ae:c5:ed:16:
4d:8c:bc:bb:73:22:80:ed:d0:66:6a:ec:18:8e:34:
d5:5e:4a:6e:54:69:07:8b:a1:92:1e:07:53:e9:b4:
8b:71:2d:75:77:b0:82:71:e0:1f:b6:2b:ee:68:f0:
22:55:72:33:a7:3d:37:82:ea:1d:25:f1:f3:72:da:
3b:53:1e:b2:28:a2:91:91:4f:13:7a:65:e6:ef:99:
6f:c6:7e:18:00:ed:3e:19:5c:0d:5f:a6:be:e3:cf:
e8:59:8b:ff:5a:c9:9d:7b:ea:18:de:b4:e7:5c:12:
76:9d:e1:b1:da:39:8d:af:42:8d:03:9f:a7:18:50:
f5:29:d0:b1:77:aa:f1:39:ec:f5:cb:dd:30:ad:58:
34:2e:8b:74:14:5e:88:aa:b3:58:be:56:ed:0a:1b:
d9:72:10:8d:65:8a:66:df:43:5a:76:a9:d7:d2:ad:
da:a1:c7:bb:4e:44:f2:e2:79:d5:86:00:25:ed:ee:
a1:fb:06:21:c4:b3:4e:f4:27:80:68:2a:f4:f6:47:
84:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B0:CD:89:D4:57:1C:7C:ED:35:B0:F1:D1:DD:AA:C8:20:BD:D6:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E4A3E982CDA611EFB4F9CF5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.112.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:53:51:03:f0:56:b1:d9:73:fa:76:1f:0e:25:8b:3c:0c:3e:
f4:0e:b2:03:91:49:84:a6:cc:c2:33:ea:ab:16:51:4f:5f:4f:
99:ee:82:bf:74:b4:19:b6:1f:1a:3c:c0:ca:55:44:01:35:6b:
6c:98:51:fe:e7:ce:66:78:dd:48:5e:a2:1f:a9:29:02:ed:52:
84:17:61:8e:67:10:f8:3d:4e:4d:91:bd:1f:1f:74:e2:25:f0:
06:bf:fe:8f:5c:22:c0:c0:9c:60:3d:79:a0:80:16:de:11:36:
cb:50:25:3d:42:80:a6:d9:6e:43:51:8d:b6:e3:3e:0a:2c:84:
0e:7a:67:af:b6:3a:6a:d7:4e:61:ac:4c:85:de:57:f4:6d:b6:
98:1d:73:42:21:c4:b0:90:45:ff:46:9e:c8:ea:f6:70:9b:2d:
2e:86:ca:97:2a:0d:5e:6d:1c:68:e5:83:13:62:35:ea:65:41:
7b:54:41:d7:20:3f:da:06:f9:bc:bd:0d:b0:a0:94:af:09:8f:
8b:e4:1f:f9:91:1a:65:8b:a6:6a:57:65:74:f3:a1:5f:3a:d8:
33:9f:ce:d4:e6:eb:39:83:3f:21:e5:1a:b0:59:0f:16:a0:45:
d4:f0:9a:85:28:44:7f:85:20:89:e5:5e:48:9d:2c:d9:df:44:
cb:0f:76:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQEvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDk1NjUyWhcNMjcxMjEzMDk1NjUyWjAYMRYw
FAYDVQQDEw02NzdlNGJlNy0xZjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwD+Z1dLZ8gpJJQH/m9qxY0yy3BXiA5SPRekq5a0kA+D8DhDgb//n+9y1
8hfPvLrkUWutoSYjOa7F7RZNjLy7cyKA7dBmauwYjjTVXkpuVGkHi6GSHgdT6bSL
cS11d7CCceAftivuaPAiVXIzpz03guodJfHzcto7Ux6yKKKRkU8TemXm75lvxn4Y
AO0+GVwNX6a+48/oWYv/Wsmde+oY3rTnXBJ2neGx2jmNr0KNA5+nGFD1KdCxd6rx
Oez1y90wrVg0Lot0FF6IqrNYvlbtChvZchCNZYpm30NadqnX0q3aoce7TkTy4nnV
hgAl7e6h+wYhxLNO9CeAaCr09keEowIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAKw
zYnUVxx87TWw8dHdqsggvdbAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNEEzRTk4MkNEQTYxMUVGQjRGOUNGNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5wMA0GCSqGSIb3DQEBCwUA
A4IBAQA7U1ED8Fax2XP6dh8OJYs8DD70DrIDkUmEpszCM+qrFlFPX0+Z7oK/dLQZ
th8aPMDKVUQBNWtsmFH+585meN1IXqIfqSkC7VKEF2GOZxD4PU5Nkb0fH3TiJfAG
v/6PXCLAwJxgPXmggBbeETbLUCU9QoCm2W5DUY224z4KLIQOemevtjpq105hrEyF
3lf0bbaYHXNCIcSwkEX/Rp7I6vZwmy0uhsqXKg1ebRxo5YMTYjXqZUF7VEHXID/a
Bvm8vQ2woJSvCY+L5B/5kRpli6ZqV2V086FfOtgzn87U5us5gz8h5RqwWQ8WoEXU
8JqFKER/hSCJ5V5InSzZ30TLD3bS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:58 2025 by rpki-client