Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAF0FD82C95C11EFAF8C6484762E951A.roa
File: EAF0FD82C95C11EFAF8C6484762E951A.roa (raw, json)
Hash identifier: L7zOQyN4n6oNSE1o2ocuQ3qPrEUbXt/PRHBRibxIiqQ=
Subject key identifier: 44:F2:1F:FC:41:C9:26:0A:A7:74:21:04:B5:24:8F:F9:6C:DB:89:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F438
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAF0FD82C95C11EFAF8C6484762E951A.roa
Signing time: Thu 02 Jan 2025 22:57:19 +0000
ROA not before: Thu 02 Jan 2025 22:57:15 +0000
ROA not after: Sat 13 Dec 2025 22:57:15 +0000
asID: 984
IP address blocks: 156.226.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62520 (0xf438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:57:15 2025 GMT
Not After : Dec 13 22:57:15 2025 GMT
Subject: CN=677719cf-12ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:92:64:29:c8:88:4c:56:b5:8e:14:a9:37:75:
ae:90:e0:a1:fd:a5:ff:9e:c3:7b:db:37:ba:29:0c:
16:86:bb:9e:39:2f:4f:b8:19:36:ac:e5:7d:f4:78:
ce:de:a3:c4:3b:06:34:e9:65:95:c2:bd:2a:6a:22:
2d:f2:13:60:cf:04:66:6f:9c:a1:b3:cb:90:d6:df:
9f:fb:9e:cd:0e:da:28:29:16:73:2d:06:c1:14:ff:
c5:c8:a6:63:16:82:6d:3d:01:5b:6d:7b:f2:68:39:
77:bd:4c:56:c7:eb:83:08:bb:73:94:f0:fb:de:e7:
ee:25:00:33:22:ef:12:b4:79:8f:8d:86:96:fb:31:
fc:bf:05:64:d9:2d:e4:c2:6c:43:ee:16:1b:f8:da:
73:d8:6a:a3:1f:d2:2e:0e:eb:63:b7:45:63:f8:4e:
85:82:33:17:3b:81:c4:b7:67:00:8d:4c:d3:82:42:
d2:74:34:ba:e0:32:cb:d8:5f:e9:9c:9f:89:8a:6c:
af:a9:a1:07:15:59:7a:71:a3:55:01:32:0a:1c:88:
62:69:be:05:85:dd:3b:2a:b1:ea:83:31:2d:a5:f1:
7e:f7:cd:5e:b3:27:4b:6a:01:f4:a5:e1:b7:ef:97:
b2:77:8f:48:ab:3c:41:5e:23:2e:3b:ce:12:aa:c9:
a4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F2:1F:FC:41:C9:26:0A:A7:74:21:04:B5:24:8F:F9:6C:DB:89:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EAF0FD82C95C11EFAF8C6484762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.206.0/24
Signature Algorithm: sha256WithRSAEncryption
13:17:30:c7:3e:08:52:05:26:96:f2:94:2b:c3:76:bb:85:4f:
b3:19:87:99:44:2f:d6:99:5b:9d:3a:93:f6:a7:cb:c0:f0:d0:
5b:a5:1a:e7:3d:ad:55:a1:14:47:06:b6:62:b5:08:ba:fe:3f:
b7:73:6a:47:1a:0f:b3:e5:bd:87:33:13:3e:e6:df:87:47:17:
ab:7c:6f:75:81:ed:a7:62:bd:9a:8e:ac:ae:37:5f:ac:4a:8b:
57:03:e4:c3:81:28:83:7d:02:0a:d0:48:26:75:af:46:14:35:
f7:f3:14:b0:36:22:65:69:87:23:12:51:55:dd:ec:21:9a:c2:
50:4b:cb:2f:31:33:e2:e3:45:a7:b2:96:c8:53:b0:2a:30:4b:
65:ba:a6:be:93:44:65:b6:d8:ff:3a:ec:6c:4b:3e:bc:3a:da:
6a:98:5b:af:b1:10:82:b4:2d:8b:b8:4e:be:83:28:94:21:95:
b1:46:54:27:42:bb:3b:5c:a5:7d:39:6c:7a:82:02:13:ae:fa:
a5:f6:6b:8f:25:a2:59:38:c4:b8:87:13:fc:cc:9d:85:ef:78:
54:83:b6:ca:5e:d1:7b:bf:d7:05:5c:60:82:23:c7:1e:7a:eb:
cd:0d:9d:b8:1a:91:9c:14:ab:44:30:1e:70:54:99:09:c2:1a:
64:18:b7:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQ4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjI1NzE1WhcNMjUxMjEzMjI1NzE1WjAYMRYw
FAYDVQQDEw02Nzc3MTljZi0xMmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAypJkKciITFa1jhSpN3WukOCh/aX/nsN72ze6KQwWhrueOS9PuBk2rOV9
9HjO3qPEOwY06WWVwr0qaiIt8hNgzwRmb5yhs8uQ1t+f+57NDtooKRZzLQbBFP/F
yKZjFoJtPQFbbXvyaDl3vUxWx+uDCLtzlPD73ufuJQAzIu8StHmPjYaW+zH8vwVk
2S3kwmxD7hYb+Npz2GqjH9IuDutjt0Vj+E6FgjMXO4HEt2cAjUzTgkLSdDS64DLL
2F/pnJ+JimyvqaEHFVl6caNVATIKHIhiab4Fhd07KrHqgzEtpfF+981esydLagH0
peG375eyd49IqzxBXiMuO84SqsmkTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFETy
H/xBySYKp3QhBLUkj/ls24mCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQUYwRkQ4MkM5NUMxMUVGQUY4QzY0ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLOMA0GCSqGSIb3DQEBCwUA
A4IBAQATFzDHPghSBSaW8pQrw3a7hU+zGYeZRC/WmVudOpP2p8vA8NBbpRrnPa1V
oRRHBrZitQi6/j+3c2pHGg+z5b2HMxM+5t+HRxerfG91ge2nYr2ajqyuN1+sSotX
A+TDgSiDfQIK0Egmda9GFDX38xSwNiJlaYcjElFV3ewhmsJQS8svMTPi40WnspbI
U7AqMEtluqa+k0Rlttj/OuxsSz68OtpqmFuvsRCCtC2LuE6+gyiUIZWxRlQnQrs7
XKV9OWx6ggITrvql9muPJaJZOMS4hxP8zJ2F73hUg7bKXtF7v9cFXGCCI8ceeuvN
DZ24GpGcFKtEMB5wVJkJwhpkGLcS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:08 2025 by rpki-client