Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9313E56CCD811EFABF4C1B1762E951A.roa
File: E9313E56CCD811EFABF4C1B1762E951A.roa (raw, json)
Hash identifier: ciBEOp4xUDvt+34jB43cEYP43Y0YD7W76eD/XHgFvtY=
Subject key identifier: 7A:C5:AE:E9:D3:1F:80:BC:02:CC:6B:20:7F:B5:9D:F8:32:91:46:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB30
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9313E56CCD811EFABF4C1B1762E951A.roa
Signing time: Tue 07 Jan 2025 09:22:27 +0000
ROA not before: Tue 07 Jan 2025 09:22:23 +0000
ROA not after: Sat 13 Dec 2025 09:22:23 +0000
asID: 984
IP address blocks: 156.233.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64304 (0xfb30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:22:23 2025 GMT
Not After : Dec 13 09:22:23 2025 GMT
Subject: CN=677cf253-ef9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bf:1d:cd:fd:11:50:03:f1:1f:12:e7:ae:80:
13:eb:b6:c9:86:8c:da:ce:79:e5:b9:47:4f:3d:8b:
dc:b2:85:45:9f:70:aa:f1:f6:bb:25:34:a6:dc:88:
f1:98:c3:d6:7e:e0:5b:98:55:b3:08:c5:30:40:a6:
61:0c:6b:ed:3c:5c:98:ff:00:84:4c:b4:be:9b:74:
a0:cc:8e:bb:ee:66:24:d5:ee:60:1d:b8:7c:9c:c4:
c1:77:e3:08:2a:e2:24:6d:92:5b:7b:c4:49:8f:d6:
c5:29:50:31:f6:45:e2:0b:30:34:2f:53:b2:95:f6:
83:27:22:48:56:2f:75:58:6f:fe:cf:43:06:63:4c:
a8:96:5b:6f:a0:88:45:2f:97:05:72:23:be:c8:0d:
2a:a7:b9:1a:92:52:7c:22:ee:4a:f1:f9:da:bc:0b:
9b:f7:43:d0:27:f2:fe:9f:2d:79:c3:ab:66:92:84:
04:2d:37:7d:88:32:c6:4b:e1:32:1c:9b:97:29:fe:
71:86:70:eb:5d:a2:ea:63:d3:41:2a:7f:ab:c0:69:
9c:0a:63:b0:f7:52:03:72:2c:bb:c1:2a:16:ed:3e:
ac:42:b8:8e:db:5c:a4:3a:0d:50:1c:fd:25:4e:44:
f1:8c:2d:66:24:34:8b:fe:e2:b2:10:02:9c:80:f6:
08:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C5:AE:E9:D3:1F:80:BC:02:CC:6B:20:7F:B5:9D:F8:32:91:46:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9313E56CCD811EFABF4C1B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.189.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:01:1c:03:d4:df:d8:d6:4e:9b:44:b8:a2:97:b6:b5:e4:6c:
f2:ac:82:4a:8f:36:99:8e:c6:f1:8b:4e:08:d6:3b:8d:3e:aa:
46:ae:2a:a7:47:5b:84:a0:50:f4:9f:83:1a:bc:bb:70:73:0b:
d7:3c:03:74:68:20:e6:d9:ed:f7:48:b8:92:06:53:95:01:29:
eb:0f:f2:84:25:22:90:6c:45:7e:81:ba:43:2d:79:1f:c4:1b:
ce:d2:6c:03:7a:84:49:c7:2f:12:e7:ae:d1:33:f8:7f:40:14:
a4:c0:17:3c:e8:f8:35:8f:90:cc:11:6a:ab:a7:e1:76:90:b5:
b6:58:94:20:85:8b:fd:ce:e4:31:e4:dd:a6:15:e7:cf:52:e2:
4c:16:70:ff:7a:b8:55:a5:a7:25:07:1e:b1:cc:ed:df:fb:66:
59:a6:5d:6a:8d:83:27:cd:69:d7:55:15:be:84:1f:d7:8f:4b:
df:98:16:0a:ec:9f:ce:bd:cf:16:59:63:20:21:13:8d:8c:50:
bd:22:7c:1e:a8:59:bb:14:c4:7a:c3:78:33:99:ea:1e:67:1c:
0f:71:40:34:7b:06:ff:61:1a:c8:93:fe:4c:97:08:bb:3b:a2:
0e:89:4d:2e:78:50:98:4f:79:16:c0:22:dc:b6:e6:9e:6b:ec:
6e:3a:9e:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPswMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkyMjIzWhcNMjUxMjEzMDkyMjIzWjAYMRYw
FAYDVQQDEw02NzdjZjI1My1lZjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArb8dzf0RUAPxHxLnroAT67bJhozaznnluUdPPYvcsoVFn3Cq8fa7JTSm
3IjxmMPWfuBbmFWzCMUwQKZhDGvtPFyY/wCETLS+m3SgzI677mYk1e5gHbh8nMTB
d+MIKuIkbZJbe8RJj9bFKVAx9kXiCzA0L1OylfaDJyJIVi91WG/+z0MGY0yolltv
oIhFL5cFciO+yA0qp7kaklJ8Iu5K8fnavAub90PQJ/L+ny15w6tmkoQELTd9iDLG
S+EyHJuXKf5xhnDrXaLqY9NBKn+rwGmcCmOw91IDciy7wSoW7T6sQriO21ykOg1Q
HP0lTkTxjC1mJDSL/uKyEAKcgPYIgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHrF
runTH4C8AsxrIH+1nfgykUb8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOTMxM0U1NkNDRDgxMUVGQUJGNEMxQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOm9MA0GCSqGSIb3DQEBCwUA
A4IBAQCkARwD1N/Y1k6bRLiil7a15GzyrIJKjzaZjsbxi04I1juNPqpGriqnR1uE
oFD0n4MavLtwcwvXPAN0aCDm2e33SLiSBlOVASnrD/KEJSKQbEV+gbpDLXkfxBvO
0mwDeoRJxy8S567RM/h/QBSkwBc86Pg1j5DMEWqrp+F2kLW2WJQghYv9zuQx5N2m
FefPUuJMFnD/erhVpaclBx6xzO3f+2ZZpl1qjYMnzWnXVRW+hB/Xj0vfmBYK7J/O
vc8WWWMgIRONjFC9InweqFm7FMR6w3gzmeoeZxwPcUA0ewb/YRrIk/5Mlwi7O6IO
iU0ueFCYT3kWwCLctuaea+xuOp7i
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:38 2025 by rpki-client