Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8389C9ECCC211EFB47DB5A7762E951A.roa
File: E8389C9ECCC211EFB47DB5A7762E951A.roa (raw, json)
Hash identifier: nGBaE8+vha4ezJ+JkV41TpmgKXS0pO0vZFc+TQJI5vM=
Subject key identifier: 27:75:8B:79:8F:EC:1E:4B:D9:20:18:B1:57:09:1B:10:B6:10:B7:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA38
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8389C9ECCC211EFB47DB5A7762E951A.roa
Signing time: Tue 07 Jan 2025 06:44:56 +0000
ROA not before: Tue 07 Jan 2025 06:44:53 +0000
ROA not after: Wed 12 Feb 2025 06:44:53 +0000
asID: 64267
IP address blocks: 156.248.100.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64056 (0xfa38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:44:53 2025 GMT
Not After : Feb 12 06:44:53 2025 GMT
Subject: CN=677ccd68-d7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:61:d8:28:df:fc:a0:6c:12:de:10:86:53:
2d:75:02:f5:e7:a4:33:09:b0:24:a2:ef:5a:e5:31:
0e:66:21:0f:ef:52:94:b7:b8:9a:9b:f4:d6:fc:d0:
08:c2:0c:80:11:5d:c4:fc:69:3f:93:37:c5:d0:85:
86:f3:3b:cb:35:fe:e1:5e:5b:d3:4f:c4:d7:48:f3:
12:33:cf:56:45:be:60:40:7b:50:ac:f8:f2:68:77:
09:20:d1:2e:27:da:ae:b0:60:6e:67:5c:83:da:fb:
8a:1b:a9:4b:9d:db:b9:28:de:f2:94:95:95:a7:be:
6a:f7:f7:a8:7b:10:fd:3e:af:55:90:f2:c9:a0:c3:
c5:56:c6:9a:64:e1:03:f4:86:95:6c:dd:dd:2e:79:
8d:4d:a3:6d:e9:93:78:c1:24:16:31:d3:5f:cb:fe:
01:82:f0:30:35:2a:f7:07:e5:00:35:80:b1:82:53:
85:c0:8a:aa:f0:6d:4d:6d:d7:7d:cd:72:97:7a:39:
3a:26:75:a4:a5:65:4e:f5:01:3e:29:a4:9c:83:52:
e2:db:8a:db:ca:40:c4:13:b2:be:b7:b9:48:54:fb:
23:d8:70:39:4c:e0:68:ee:e2:f1:a6:ad:98:07:3b:
d4:14:d8:c6:fd:8d:3a:43:64:2a:cd:87:3b:3e:a9:
18:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:75:8B:79:8F:EC:1E:4B:D9:20:18:B1:57:09:1B:10:B6:10:B7:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8389C9ECCC211EFB47DB5A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.100.0/23
Signature Algorithm: sha256WithRSAEncryption
14:e5:64:c1:99:22:1e:7f:ac:87:b7:ee:5c:5f:d6:a2:1e:47:
71:7f:bd:a0:b1:da:48:03:cb:3a:55:f1:7b:9a:e6:93:91:67:
80:be:47:bb:9b:f1:f1:de:9c:b5:e6:b0:80:48:01:66:88:df:
a1:88:0e:c0:03:5c:c8:c6:19:ac:ef:84:60:f7:f3:21:96:3b:
d1:2d:1a:b3:e2:fe:36:f3:a0:df:09:58:0a:56:f1:d8:8c:8f:
ae:b0:28:94:e4:ec:1e:75:46:a8:6d:5b:df:11:78:18:fd:94:
1a:f7:84:cb:32:c5:ac:4f:27:59:60:50:27:61:52:70:81:f2:
b6:88:40:61:2f:e4:22:25:bb:4e:55:d9:ee:16:7b:f0:a2:65:
7d:3a:a4:91:0b:53:5c:3c:68:9f:3d:77:de:11:38:33:b8:3b:
0c:8d:5b:96:b6:ba:8c:30:d4:ea:37:57:59:d7:53:80:7d:d6:
4e:3a:9b:f7:b5:81:52:79:f1:39:1d:7d:68:2b:32:09:fa:45:
77:ec:71:42:a7:aa:c5:ad:10:f1:b9:35:af:63:ff:79:b6:c1:
36:17:e0:e3:f3:06:74:50:32:60:23:99:5b:25:f0:ac:61:fb:
38:0a:dc:b8:60:0a:33:fb:04:97:ca:9e:59:f0:53:3c:f0:cc:
3e:fb:f8:f6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPo4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDY0NDUzWhcNMjUwMjEyMDY0NDUzWjAYMRYw
FAYDVQQDEw02NzdjY2Q2OC1kN2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtQlh2Cjf/KBsEt4QhlMtdQL156QzCbAkou9a5TEOZiEP71KUt7iam/TW
/NAIwgyAEV3E/Gk/kzfF0IWG8zvLNf7hXlvTT8TXSPMSM89WRb5gQHtQrPjyaHcJ
INEuJ9qusGBuZ1yD2vuKG6lLndu5KN7ylJWVp75q9/eoexD9Pq9VkPLJoMPFVsaa
ZOED9IaVbN3dLnmNTaNt6ZN4wSQWMdNfy/4BgvAwNSr3B+UANYCxglOFwIqq8G1N
bdd9zXKXejk6JnWkpWVO9QE+KaScg1Li24rbykDEE7K+t7lIVPsj2HA5TOBo7uLx
pq2YBzvUFNjG/Y06Q2QqzYc7PqkYaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCd1
i3mP7B5L2SAYsVcJGxC2ELdjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FODM4OUM5RUNDQzIxMUVGQjQ3REI1QTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPhkMA0GCSqGSIb3DQEBCwUA
A4IBAQAU5WTBmSIef6yHt+5cX9aiHkdxf72gsdpIA8s6VfF7muaTkWeAvke7m/Hx
3py15rCASAFmiN+hiA7AA1zIxhms74Rg9/MhljvRLRqz4v4286DfCVgKVvHYjI+u
sCiU5OwedUaobVvfEXgY/ZQa94TLMsWsTydZYFAnYVJwgfK2iEBhL+QiJbtOVdnu
FnvwomV9OqSRC1NcPGifPXfeETgzuDsMjVuWtrqMMNTqN1dZ11OAfdZOOpv3tYFS
efE5HX1oKzIJ+kV37HFCp6rFrRDxuTWvY/95tsE2F+Dj8wZ0UDJgI5lbJfCsYfs4
Cty4YAoz+wSXyp5Z8FM88Mw++/j2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:02 2025 by rpki-client