Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F3B896CD7811EF864576B9762E951A.roa
File: E9F3B896CD7811EF864576B9762E951A.roa (raw, json)
Hash identifier: SYO8w147LMoqBUauaK0fppGfCQBKqVKAKXimySX6NwQ=
Subject key identifier: 3E:98:5C:F8:87:20:DD:C3:6F:47:91:9E:D5:0E:D8:86:A2:C3:56:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F3B896CD7811EF864576B9762E951A.roa
Signing time: Wed 08 Jan 2025 04:27:48 +0000
ROA not before: Wed 08 Jan 2025 04:27:44 +0000
ROA not after: Sat 13 Dec 2025 04:27:44 +0000
asID: 984
IP address blocks: 156.250.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65479 (0xffc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:27:44 2025 GMT
Not After : Dec 13 04:27:44 2025 GMT
Subject: CN=677dfec4-a51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b1:27:fd:b0:fc:c4:06:49:21:41:22:7c:44:
58:cb:c4:c6:e6:ce:5e:e9:f5:29:75:aa:01:4c:ee:
4b:ab:be:98:d7:ac:35:ca:24:ef:77:42:dd:cd:26:
34:00:47:39:f2:27:e2:8c:25:c2:ed:96:42:b7:45:
dc:aa:6f:37:a2:e2:85:66:2d:02:83:53:1e:4a:92:
6a:88:4b:a3:02:5d:d6:37:a0:2f:84:cf:2b:c6:20:
a4:e8:65:40:07:70:3f:e3:ac:c5:de:40:42:cd:de:
03:03:45:a1:71:2f:b2:ad:9e:50:91:87:f4:92:d2:
ca:c4:4b:a0:d6:cc:03:c1:a3:0c:6c:ff:c3:84:8b:
7c:4d:ee:dd:c5:4c:e9:4f:eb:aa:c9:a6:36:6b:6c:
01:f4:b2:1a:dc:70:26:bf:19:5c:a4:60:1e:1f:f9:
f4:2f:1a:64:99:9f:61:c4:12:6a:26:b8:80:18:37:
57:2c:49:18:7b:f4:bc:fb:38:13:8d:10:46:56:d4:
f5:4c:38:cd:51:c3:4d:d9:73:4e:6d:76:f0:d1:f5:
0c:10:47:78:88:77:f2:8a:49:73:30:a2:b8:bb:ae:
7c:cb:d5:27:2d:b3:30:43:2a:eb:f7:ca:f3:6a:55:
e9:6a:24:31:a6:d7:9f:fc:44:d0:63:a3:f3:ca:1f:
d9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:98:5C:F8:87:20:DD:C3:6F:47:91:9E:D5:0E:D8:86:A2:C3:56:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F3B896CD7811EF864576B9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:6a:82:f6:39:be:c6:a9:de:dc:13:31:25:33:46:5f:63:19:
9e:57:d9:bd:6d:58:a7:20:2e:a2:11:87:aa:91:e5:8e:77:75:
bc:52:ff:83:fb:d5:83:0b:a7:10:2a:1b:32:fd:97:8b:ab:ba:
00:ea:ef:b7:1e:02:5a:76:ff:2e:ea:65:84:37:68:21:fc:e8:
66:79:16:da:c9:32:68:b3:cf:cf:d2:50:6c:24:c8:99:32:bf:
ff:fd:6d:46:8b:76:e4:6d:4b:a3:46:68:91:00:e7:1b:ea:a1:
7e:c4:e9:4e:1d:88:93:30:21:03:b0:20:6f:f7:a9:74:ed:8b:
d3:2c:76:e5:4e:0d:c3:a9:c8:aa:3b:95:44:ea:bb:66:c3:70:
fb:a3:9a:b7:03:d4:55:9d:3f:8b:ed:08:4e:82:5b:eb:a0:4a:
44:94:1d:17:66:af:61:04:6d:64:f4:44:11:41:c1:de:6c:fb:
1c:0e:c8:25:2a:78:bc:8d:66:e7:37:17:6c:d4:5a:ad:73:44:
ff:4f:24:9f:eb:d1:69:1c:8b:ef:bd:3d:9f:06:7a:a3:e6:0f:
2a:2f:38:4b:67:a4:85:39:4b:99:a0:72:29:5c:ef:fe:94:da:
de:06:97:b0:6c:19:35:d4:57:84:fb:ed:e3:1a:2c:b9:62:8f:
b2:72:54:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQyNzQ0WhcNMjUxMjEzMDQyNzQ0WjAYMRYw
FAYDVQQDEw02NzdkZmVjNC1hNTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA47En/bD8xAZJIUEifERYy8TG5s5e6fUpdaoBTO5Lq76Y16w1yiTvd0Ld
zSY0AEc58ifijCXC7ZZCt0Xcqm83ouKFZi0Cg1MeSpJqiEujAl3WN6AvhM8rxiCk
6GVAB3A/46zF3kBCzd4DA0WhcS+yrZ5QkYf0ktLKxEug1swDwaMMbP/DhIt8Te7d
xUzpT+uqyaY2a2wB9LIa3HAmvxlcpGAeH/n0LxpkmZ9hxBJqJriAGDdXLEkYe/S8
+zgTjRBGVtT1TDjNUcNN2XNObXbw0fUMEEd4iHfyiklzMKK4u658y9UnLbMwQyrr
98rzalXpaiQxptef/ETQY6Pzyh/ZIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD6Y
XPiHIN3Db0eRntUO2Iaiw1YbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOUYzQjg5NkNENzgxMUVGODY0NTc2Qjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPooMA0GCSqGSIb3DQEBCwUA
A4IBAQBaaoL2Ob7Gqd7cEzElM0ZfYxmeV9m9bVinIC6iEYeqkeWOd3W8Uv+D+9WD
C6cQKhsy/ZeLq7oA6u+3HgJadv8u6mWEN2gh/OhmeRbayTJos8/P0lBsJMiZMr//
/W1Gi3bkbUujRmiRAOcb6qF+xOlOHYiTMCEDsCBv96l07YvTLHblTg3DqciqO5VE
6rtmw3D7o5q3A9RVnT+L7QhOglvroEpElB0XZq9hBG1k9EQRQcHebPscDsglKni8
jWbnNxds1Fqtc0T/TySf69FpHIvvvT2fBnqj5g8qLzhLZ6SFOUuZoHIpXO/+lNre
BpewbBk11FeE++3jGiy5Yo+yclQC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:22 2025 by rpki-client