Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8C925EACCE811EFAD170298762E951A.roa
File: E8C925EACCE811EFAD170298762E951A.roa (raw, json)
Hash identifier: vIXCwUTcT7bMB2RCggx5U62sWj1WA4egrfBeXavrhdc=
Subject key identifier: 56:E6:99:EB:9A:89:68:F2:CC:A1:83:A8:9B:0E:D3:A6:DD:F6:42:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8C925EACCE811EFAD170298762E951A.roa
Signing time: Tue 07 Jan 2025 11:16:58 +0000
ROA not before: Tue 07 Jan 2025 11:16:54 +0000
ROA not after: Sat 13 Dec 2025 11:16:54 +0000
asID: 984
IP address blocks: 156.235.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64487 (0xfbe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:16:54 2025 GMT
Not After : Dec 13 11:16:54 2025 GMT
Subject: CN=677d0d2a-43d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b5:fa:80:6a:ec:0c:bd:1c:4e:d6:9d:de:9c:
23:5a:1d:1b:6b:c9:72:14:e8:fd:2f:39:71:1f:64:
57:3a:c2:bb:5c:60:76:22:00:ec:57:9f:a3:10:ca:
1b:94:78:17:1a:d4:7e:66:13:de:65:0b:bd:01:8b:
d7:83:36:be:e8:33:bb:bc:52:60:41:0f:12:92:50:
66:c4:bf:10:c7:0b:dc:71:2c:9e:02:c8:5d:42:91:
5a:98:69:20:ea:75:0a:4c:32:db:b4:2b:84:db:e8:
8d:a6:56:9f:6a:6d:59:56:47:19:e2:48:17:bb:5a:
87:86:6e:76:b7:66:45:37:1b:f7:32:61:3f:de:6f:
f3:8f:48:3a:b4:c7:55:96:8c:e6:90:5f:e7:16:35:
42:82:60:a6:2e:9e:3d:e9:6c:4a:cb:f3:98:08:36:
03:61:e8:05:be:a2:68:35:3f:0a:e7:8b:fe:5e:a7:
79:87:46:56:52:0a:1c:e8:95:95:46:59:c0:3c:2b:
9a:34:57:dc:bc:a5:f2:ed:78:c2:74:70:a6:b8:0d:
7b:89:c1:57:80:0d:7c:c0:99:87:3f:1c:9d:03:4e:
6b:ad:1f:34:78:20:5e:dc:8c:9f:b5:b0:6e:60:05:
b6:9f:db:99:27:7a:f7:50:8f:10:47:d0:a3:ea:f0:
dd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E6:99:EB:9A:89:68:F2:CC:A1:83:A8:9B:0E:D3:A6:DD:F6:42:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8C925EACCE811EFAD170298762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.122.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:32:2f:cb:2b:0b:0a:6b:fb:e6:ac:0f:fa:c6:53:c3:df:79:
c7:fa:9e:f9:72:28:a5:7a:20:2d:01:89:82:f3:0c:74:7a:03:
e6:80:d6:43:75:a5:b3:37:9f:e9:d6:57:be:b2:cf:c5:7f:95:
7f:42:fd:30:6c:d7:4a:85:9d:a3:8f:f9:bc:b4:0f:24:b9:d2:
f9:0b:3c:ce:d0:84:f5:d2:95:8c:dc:16:dd:c0:5f:cd:94:6a:
0f:e7:e8:ca:f9:4b:03:d8:46:d0:41:af:6f:0b:e9:15:75:39:
02:6a:56:66:ce:52:27:70:a2:7e:17:30:ed:28:77:6c:b9:c5:
79:6e:fd:dc:b5:02:39:d1:0d:c3:20:45:4b:a0:c1:7d:be:35:
0d:53:e9:ea:ab:9e:5c:49:52:9b:c5:4f:22:01:5d:b8:2a:4d:
a5:f4:2c:25:d1:59:9c:17:07:57:d2:db:58:ba:d5:a6:1f:b2:
2d:ac:60:79:f8:cf:75:23:fe:f2:de:e9:71:ae:4c:9c:63:78:
6e:6c:cd:fe:9c:d8:f1:d3:c7:3b:19:3d:6b:85:46:67:e4:f0:
f0:2b:44:8c:02:09:30:9f:a7:96:f9:55:9f:62:31:3d:29:57:
31:c4:84:61:bf:46:b6:fd:ca:83:4d:8f:26:fb:cf:a4:b5:8e:
ed:bb:fc:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTExNjU0WhcNMjUxMjEzMTExNjU0WjAYMRYw
FAYDVQQDEw02NzdkMGQyYS00M2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApLX6gGrsDL0cTtad3pwjWh0ba8lyFOj9LzlxH2RXOsK7XGB2IgDsV5+j
EMoblHgXGtR+ZhPeZQu9AYvXgza+6DO7vFJgQQ8SklBmxL8QxwvccSyeAshdQpFa
mGkg6nUKTDLbtCuE2+iNplafam1ZVkcZ4kgXu1qHhm52t2ZFNxv3MmE/3m/zj0g6
tMdVlozmkF/nFjVCgmCmLp496WxKy/OYCDYDYegFvqJoNT8K54v+Xqd5h0ZWUgoc
6JWVRlnAPCuaNFfcvKXy7XjCdHCmuA17icFXgA18wJmHPxydA05rrR80eCBe3Iyf
tbBuYAW2n9uZJ3r3UI8QR9Cj6vDdRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFbm
meuaiWjyzKGDqJsO06bd9kK3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOEM5MjVFQUNDRTgxMUVGQUQxNzAyOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOt6MA0GCSqGSIb3DQEBCwUA
A4IBAQBsMi/LKwsKa/vmrA/6xlPD33nH+p75ciileiAtAYmC8wx0egPmgNZDdaWz
N5/p1le+ss/Ff5V/Qv0wbNdKhZ2jj/m8tA8kudL5CzzO0IT10pWM3BbdwF/NlGoP
5+jK+UsD2EbQQa9vC+kVdTkCalZmzlIncKJ+FzDtKHdsucV5bv3ctQI50Q3DIEVL
oMF9vjUNU+nqq55cSVKbxU8iAV24Kk2l9Cwl0VmcFwdX0ttYutWmH7ItrGB5+M91
I/7y3ulxrkycY3hubM3+nNjx08c7GT1rhUZn5PDwK0SMAgkwn6eW+VWfYjE9KVcx
xIRhv0a2/cqDTY8m+8+ktY7tu/wY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:58 2025 by rpki-client