Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2FC8626CD4511EF8FB80062762E951A.roa
File: F2FC8626CD4511EF8FB80062762E951A.roa (raw, json)
Hash identifier: sIEYh9nG2hIcoeQtIoXsYstm9+bBkwtzf9IOxEAWKBk=
Subject key identifier: F5:ED:C2:BD:E1:A4:80:46:44:7A:7D:1D:1D:27:00:1C:82:00:67:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE97
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2FC8626CD4511EF8FB80062762E951A.roa
Signing time: Tue 07 Jan 2025 22:22:59 +0000
ROA not before: Tue 07 Jan 2025 22:22:55 +0000
ROA not after: Sat 13 Dec 2025 22:22:55 +0000
asID: 984
IP address blocks: 156.243.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65175 (0xfe97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:22:55 2025 GMT
Not After : Dec 13 22:22:55 2025 GMT
Subject: CN=677da942-3e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a5:0f:3c:31:5b:35:c1:cf:a3:fa:11:33:63:
93:60:49:95:95:9d:b0:83:c4:58:02:66:82:6a:8c:
0a:ee:dd:ad:c3:97:30:7c:af:c9:e4:49:04:67:0c:
c3:57:74:1d:25:e9:0a:b1:2b:2a:eb:f0:e7:eb:20:
64:f1:e9:fa:e3:1e:5d:88:f2:1f:fe:58:f3:8b:98:
7a:29:c9:2a:1d:65:6e:67:fb:29:41:27:c5:90:1d:
2c:91:ba:3c:e4:07:e9:28:65:27:1d:27:aa:c0:68:
9d:dc:c9:56:aa:34:73:20:33:2a:fc:6d:83:6b:40:
1a:42:c8:98:8e:8a:3e:14:a7:37:ba:6e:5d:52:75:
9c:01:d0:ac:d6:0e:f8:cb:5a:04:2c:03:c8:a3:37:
2a:d6:23:0d:21:84:81:6e:9a:ca:5e:69:1d:1f:c4:
41:00:21:f7:35:06:b3:d5:ac:50:56:29:8d:d4:8f:
14:0e:b2:70:4b:d1:81:fa:3c:1e:f5:f3:dd:5f:f1:
13:58:32:1f:6d:c2:a3:d0:0e:bb:21:23:99:aa:94:
c3:f5:9b:a0:d0:54:81:d0:3d:72:b2:dd:68:e5:33:
f8:19:c6:e7:56:16:09:4d:87:be:64:a0:39:76:63:
d5:7d:16:f5:ff:76:44:90:e3:ce:21:ac:9b:2a:9b:
6a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:ED:C2:BD:E1:A4:80:46:44:7A:7D:1D:1D:27:00:1C:82:00:67:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2FC8626CD4511EF8FB80062762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.119.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:11:8d:04:f9:3c:46:c8:c5:1b:aa:0a:5f:47:20:56:84:84:
28:65:90:c9:57:27:25:c9:b2:bb:19:78:3e:7e:7c:58:7a:4e:
0b:34:bd:5e:02:af:95:aa:ec:b7:98:6d:41:76:f8:75:bc:3f:
78:3f:36:af:35:c4:c4:03:cf:73:2b:50:f7:c0:3a:f5:bc:a9:
21:ae:1f:f9:14:5f:2b:1d:97:5a:d2:35:61:3f:4e:8b:2a:34:
12:06:c1:4c:64:f8:01:90:f7:6f:14:bb:73:ee:05:b3:29:6c:
f5:c3:d9:30:e6:d8:25:42:78:5b:40:ba:09:6a:0d:67:88:2e:
39:71:8b:4e:c8:6c:37:44:b1:55:9e:b9:ed:1f:ad:9c:f4:ff:
96:fb:f4:67:b2:f7:7b:d7:1d:8b:39:44:6d:b9:1b:f3:76:f1:
3c:82:28:56:1d:d3:4d:1d:ca:49:a3:bd:35:18:03:74:a4:2b:
a1:4e:64:f0:d0:66:bf:40:78:56:c6:a4:6a:47:b5:30:06:53:
b4:09:4c:b5:17:1c:bd:52:c9:7e:de:be:4c:01:69:06:38:ee:
ab:44:b7:5c:fb:86:33:ea:70:2b:f7:08:9f:cd:9a:fa:ad:3b:
04:f8:2f:ac:5d:b9:40:44:7d:2c:ca:96:13:64:23:c0:7f:42:
a6:a2:a6:00
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIyMjU1WhcNMjUxMjEzMjIyMjU1WjAYMRYw
FAYDVQQDEw02NzdkYTk0Mi0zZTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7KUPPDFbNcHPo/oRM2OTYEmVlZ2wg8RYAmaCaowK7t2tw5cwfK/J5EkE
ZwzDV3QdJekKsSsq6/Dn6yBk8en64x5diPIf/ljzi5h6KckqHWVuZ/spQSfFkB0s
kbo85AfpKGUnHSeqwGid3MlWqjRzIDMq/G2Da0AaQsiYjoo+FKc3um5dUnWcAdCs
1g74y1oELAPIozcq1iMNIYSBbprKXmkdH8RBACH3NQaz1axQVimN1I8UDrJwS9GB
+jwe9fPdX/ETWDIfbcKj0A67ISOZqpTD9Zug0FSB0D1yst1o5TP4GcbnVhYJTYe+
ZKA5dmPVfRb1/3ZEkOPOIaybKptqIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPXt
wr3hpIBGRHp9HR0nAByCAGfpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMkZDODYyNkNENDUxMUVGOEZCODAwNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPN3MA0GCSqGSIb3DQEBCwUA
A4IBAQANEY0E+TxGyMUbqgpfRyBWhIQoZZDJVyclybK7GXg+fnxYek4LNL1eAq+V
quy3mG1Bdvh1vD94PzavNcTEA89zK1D3wDr1vKkhrh/5FF8rHZda0jVhP06LKjQS
BsFMZPgBkPdvFLtz7gWzKWz1w9kw5tglQnhbQLoJag1niC45cYtOyGw3RLFVnrnt
H62c9P+W+/Rnsvd71x2LOURtuRvzdvE8gihWHdNNHcpJo701GAN0pCuhTmTw0Ga/
QHhWxqRqR7UwBlO0CUy1Fxy9Usl+3r5MAWkGOO6rRLdc+4Yz6nAr9wifzZr6rTsE
+C+sXblARH0sypYTZCPAf0KmoqYA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:46 2025 by rpki-client