Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE509A04CD3611EFBB53C482762E951A.roa
File: EE509A04CD3611EFBB53C482762E951A.roa (raw, json)
Hash identifier: 6uG3TTK7l/2N3ubG7VQWqh38JiqgZ1JkKzQac1NAHb8=
Subject key identifier: 9D:4D:B2:78:C6:E8:0F:19:16:38:84:2C:7A:44:B2:8B:B9:EF:E8:C1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE509A04CD3611EFBB53C482762E951A.roa
Signing time: Tue 07 Jan 2025 20:35:28 +0000
ROA not before: Tue 07 Jan 2025 20:35:24 +0000
ROA not after: Sat 13 Dec 2025 20:35:24 +0000
asID: 984
IP address blocks: 156.243.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65057 (0xfe21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:35:24 2025 GMT
Not After : Dec 13 20:35:24 2025 GMT
Subject: CN=677d9010-3ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7f:8d:c1:5a:81:77:66:a6:94:16:bb:83:95:
1b:09:96:ba:3d:70:0d:31:92:67:43:92:69:81:fe:
94:51:e0:67:42:73:7f:66:2d:5a:8e:2c:4f:56:19:
3b:01:ed:0f:23:ad:d0:98:35:4c:2f:9f:97:87:bd:
dd:7d:2c:66:f6:93:2f:df:10:be:3a:69:1f:8a:a1:
0a:1f:ba:22:d4:91:d6:98:7f:c5:e6:ce:26:f4:af:
69:83:29:42:ee:0d:34:55:fe:d4:57:c6:d2:06:dc:
06:86:bf:95:0a:29:ef:b3:22:9d:0e:dc:d4:7d:da:
d4:f3:0d:67:75:62:02:06:22:17:81:d4:15:24:a1:
f0:0c:1e:34:d7:1d:81:6d:28:f4:db:93:b5:34:db:
b6:af:14:69:ba:02:9e:a1:d2:7b:56:9a:81:f6:d0:
67:3a:7a:5b:d0:0d:03:19:1f:86:ec:3d:08:b3:2f:
12:dc:20:5b:e6:9b:f4:03:63:c6:d7:e5:49:12:03:
fc:83:4c:fb:bc:1f:39:2a:a4:b5:57:ba:50:47:16:
bc:b6:22:0b:99:9e:27:97:0d:18:09:ce:b6:1c:99:
85:5d:85:b7:da:ba:4e:ac:79:c6:bb:c8:2a:47:ae:
4d:fa:a3:ae:4f:0c:bd:11:9d:59:ab:a4:8e:56:ff:
84:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4D:B2:78:C6:E8:0F:19:16:38:84:2C:7A:44:B2:8B:B9:EF:E8:C1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EE509A04CD3611EFBB53C482762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.57.0/24
Signature Algorithm: sha256WithRSAEncryption
69:4c:7c:f8:11:16:b2:46:36:b9:f7:08:16:a2:09:6e:15:c6:
c9:4f:11:55:ad:0d:47:54:10:fa:e4:eb:08:8b:47:59:92:e0:
a7:58:89:cc:fc:36:81:e0:ae:03:dc:8f:cb:db:4a:81:76:41:
8a:78:78:87:fd:17:e7:43:f8:16:c4:e2:db:43:9c:40:d3:b4:
3d:35:f0:64:bc:bf:59:10:e8:c5:4e:41:22:f3:82:73:15:68:
d7:78:d0:ba:f4:8f:70:49:0f:7a:41:88:ee:21:dd:61:83:4a:
01:d1:52:c6:5f:90:fa:88:04:52:d5:10:b8:34:fb:6c:f4:d0:
0e:95:d7:fc:ce:96:53:2a:3d:92:8b:7a:b2:13:ec:ce:ae:4a:
d7:0c:3e:ae:3f:77:c5:d4:a4:39:fd:64:74:39:99:02:05:3c:
46:56:7a:a8:da:50:d2:6b:ac:63:39:8d:c7:4d:90:ee:5f:52:
7e:ce:55:37:21:77:54:74:cc:77:26:b4:37:34:68:c0:f2:94:
13:a1:3f:a2:9b:98:e5:03:1e:04:0e:d5:67:98:cc:0c:d0:af:
2f:a6:5b:8a:dc:7a:51:7c:24:11:ab:a8:b3:f7:41:12:35:c7:
2b:1a:50:10:cc:0b:63:2c:1c:e7:97:82:c1:a0:e2:a1:e5:89:
81:2a:67:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAzNTI0WhcNMjUxMjEzMjAzNTI0WjAYMRYw
FAYDVQQDEw02NzdkOTAxMC0zZWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuX+NwVqBd2amlBa7g5UbCZa6PXANMZJnQ5Jpgf6UUeBnQnN/Zi1ajixP
Vhk7Ae0PI63QmDVML5+Xh73dfSxm9pMv3xC+OmkfiqEKH7oi1JHWmH/F5s4m9K9p
gylC7g00Vf7UV8bSBtwGhr+VCinvsyKdDtzUfdrU8w1ndWICBiIXgdQVJKHwDB40
1x2BbSj025O1NNu2rxRpugKeodJ7VpqB9tBnOnpb0A0DGR+G7D0Isy8S3CBb5pv0
A2PG1+VJEgP8g0z7vB85KqS1V7pQRxa8tiILmZ4nlw0YCc62HJmFXYW32rpOrHnG
u8gqR65N+qOuTwy9EZ1Zq6SOVv+EKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ1N
snjG6A8ZFjiELHpEsou57+jBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRTUwOUEwNENEMzYxMUVGQkI1M0M0ODI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM5MA0GCSqGSIb3DQEBCwUA
A4IBAQBpTHz4ERayRja59wgWogluFcbJTxFVrQ1HVBD65OsIi0dZkuCnWInM/DaB
4K4D3I/L20qBdkGKeHiH/RfnQ/gWxOLbQ5xA07Q9NfBkvL9ZEOjFTkEi84JzFWjX
eNC69I9wSQ96QYjuId1hg0oB0VLGX5D6iARS1RC4NPts9NAOldf8zpZTKj2Si3qy
E+zOrkrXDD6uP3fF1KQ5/WR0OZkCBTxGVnqo2lDSa6xjOY3HTZDuX1J+zlU3IXdU
dMx3JrQ3NGjA8pQToT+im5jlAx4EDtVnmMwM0K8vpluK3HpRfCQRq6iz90ESNccr
GlAQzAtjLBznl4LBoOKh5YmBKmd9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:30 2025 by rpki-client