Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1969A68C9C311EFB87675A6762E951A.roa
File: F1969A68C9C311EFB87675A6762E951A.roa (raw, json)
Hash identifier: Dq4FVeS4/Y0O0ZBL3zTxPizGS+vxIeZ4T4def/hfodg=
Subject key identifier: 07:46:7E:03:9A:90:4B:62:3C:0C:56:7D:7D:62:3E:AC:4B:D4:89:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6EF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1969A68C9C311EFB87675A6762E951A.roa
Signing time: Fri 03 Jan 2025 11:14:48 +0000
ROA not before: Fri 03 Jan 2025 11:14:44 +0000
ROA not after: Mon 10 Feb 2025 11:14:44 +0000
asID: 6698
IP address blocks: 156.228.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63215 (0xf6ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 11:14:44 2025 GMT
Not After : Feb 10 11:14:44 2025 GMT
Subject: CN=6777c6a8-59a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a6:c0:38:f6:1d:b1:91:fe:b5:4d:3f:ee:5f:
81:c8:f4:0d:d9:b2:4b:68:fd:b7:4c:85:58:ee:02:
17:9e:6f:6c:66:fc:58:df:d6:c7:02:b9:9f:b4:b5:
ae:c1:53:8f:d9:86:13:32:c2:d3:f2:49:2d:b0:c0:
48:b5:a8:12:8f:76:99:66:a4:63:06:16:f9:4d:f2:
e2:40:81:87:96:05:60:cb:02:2b:c7:34:1a:02:3e:
3f:78:53:5d:69:8f:3b:69:ae:33:81:b2:ac:6a:b2:
21:b2:85:38:9d:7e:55:ba:86:07:d8:7c:e0:42:cb:
1c:cd:33:77:e0:c1:0e:80:0b:78:0c:89:fc:4c:bd:
3b:70:c1:1b:67:6d:9e:65:b0:72:bf:04:a2:eb:14:
f2:12:33:f8:d4:60:7b:9d:d4:60:67:30:c8:12:92:
12:21:94:ba:54:ec:61:62:ec:d4:6c:9f:d8:f1:47:
f4:ef:ca:55:6e:61:2f:36:7d:ae:33:71:0c:13:38:
55:87:b2:ff:6e:25:52:38:d6:25:4e:9c:2b:3a:0e:
00:e8:33:0f:b1:c9:74:41:eb:b3:e1:ec:b2:46:65:
15:03:4a:d8:2b:85:71:a8:7d:1f:87:e5:a3:87:2f:
2a:13:c1:99:2a:13:dc:28:f7:15:9c:81:05:b8:e7:
e3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:46:7E:03:9A:90:4B:62:3C:0C:56:7D:7D:62:3E:AC:4B:D4:89:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1969A68C9C311EFB87675A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3c:d0:ce:11:65:be:29:a8:89:71:98:33:2f:b2:ea:14:fd:
36:59:87:80:a0:74:f7:63:27:00:37:5f:72:8d:82:68:e4:6a:
11:f0:b6:38:37:4f:cb:d2:95:a1:7d:7a:b3:24:7d:18:a6:af:
c9:e9:65:ee:d9:9e:d9:e6:98:e3:8a:1d:df:bc:fd:73:eb:c2:
e5:68:19:fa:b2:14:9d:45:0d:73:1c:5d:a8:ac:22:a1:d1:dd:
5c:10:a3:b8:d0:25:1a:ae:6c:af:c8:98:32:a0:4e:95:8b:c8:
30:cb:59:e8:e1:8a:51:ce:1c:0e:d2:65:45:2d:cb:f2:4e:1e:
f0:1a:ea:52:cb:88:ab:59:a1:78:72:79:8e:ef:c4:af:10:22:
55:63:dc:5c:62:93:a5:5f:59:59:23:af:8e:db:51:45:67:18:
f4:5e:fc:8f:84:bf:95:a4:e5:9b:c4:7b:d7:7c:08:11:e2:26:
10:12:bb:ff:e9:86:e7:91:99:a3:a4:2b:72:16:44:bf:9a:34:
78:7e:31:c8:49:9e:5e:d3:94:9b:c0:4f:a3:fb:93:55:bb:fe:
3e:ca:3d:b0:bf:c3:e9:a3:75:f2:78:e5:51:b0:2c:2d:86:c1:
43:e2:8c:83:d6:54:f3:df:c0:8d:30:be:26:07:b1:0e:fa:8d:
31:46:69:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMTExNDQ0WhcNMjUwMjEwMTExNDQ0WjAYMRYw
FAYDVQQDEw02Nzc3YzZhOC01OWE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5abAOPYdsZH+tU0/7l+ByPQN2bJLaP23TIVY7gIXnm9sZvxY39bHArmf
tLWuwVOP2YYTMsLT8kktsMBItagSj3aZZqRjBhb5TfLiQIGHlgVgywIrxzQaAj4/
eFNdaY87aa4zgbKsarIhsoU4nX5VuoYH2HzgQssczTN34MEOgAt4DIn8TL07cMEb
Z22eZbByvwSi6xTyEjP41GB7ndRgZzDIEpISIZS6VOxhYuzUbJ/Y8Uf078pVbmEv
Nn2uM3EMEzhVh7L/biVSONYlTpwrOg4A6DMPscl0Qeuz4eyyRmUVA0rYK4VxqH0f
h+Wjhy8qE8GZKhPcKPcVnIEFuOfj2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAdG
fgOakEtiPAxWfX1iPqxL1In5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMTk2OUE2OEM5QzMxMUVGQjg3Njc1QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOT6MA0GCSqGSIb3DQEBCwUA
A4IBAQChPNDOEWW+KaiJcZgzL7LqFP02WYeAoHT3YycAN19yjYJo5GoR8LY4N0/L
0pWhfXqzJH0Ypq/J6WXu2Z7Z5pjjih3fvP1z68LlaBn6shSdRQ1zHF2orCKh0d1c
EKO40CUarmyvyJgyoE6Vi8gwy1no4YpRzhwO0mVFLcvyTh7wGupSy4irWaF4cnmO
78SvECJVY9xcYpOlX1lZI6+O21FFZxj0XvyPhL+VpOWbxHvXfAgR4iYQErv/6Ybn
kZmjpCtyFkS/mjR4fjHISZ5e05SbwE+j+5NVu/4+yj2wv8Ppo3XyeOVRsCwthsFD
4oyD1lTz38CNML4mB7EO+o0xRmkH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:59 2025 by rpki-client