Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F410E216C32F11EFA16CEC48762E951A.roa
File: F410E216C32F11EFA16CEC48762E951A.roa (raw, json)
Hash identifier: IAnuQd5r7OeCejT7eFaa8TJR1NOi8EtWpI7HOW1akoo=
Subject key identifier: BE:D9:7B:2B:A5:8B:F7:A3:7F:4D:F7:CC:4D:1F:25:06:F2:32:62:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB01
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F410E216C32F11EFA16CEC48762E951A.roa
Signing time: Thu 26 Dec 2024 02:20:20 +0000
ROA not before: Thu 26 Dec 2024 02:20:16 +0000
ROA not after: Wed 10 Dec 2025 02:20:16 +0000
asID: 984
IP address blocks: 156.243.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60161 (0xeb01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:20:16 2024 GMT
Not After : Dec 10 02:20:16 2025 GMT
Subject: CN=676cbd64-b01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a5:b8:d1:5e:73:c7:5b:11:9b:f8:a2:32:21:
66:6a:cf:df:41:fe:70:1e:07:75:77:c8:48:31:e4:
1c:12:e3:15:13:64:d5:7f:75:c5:ee:03:10:44:88:
8b:b8:40:3f:c6:83:fc:ed:ce:43:45:1a:a5:c6:c4:
df:bf:09:f9:a6:9c:a4:52:42:75:9c:d5:2c:97:41:
e5:72:c6:83:08:28:de:c0:c2:44:a0:cb:a8:68:38:
fe:46:93:bd:d9:1f:11:73:3a:fa:32:d8:bb:05:ea:
e8:33:61:4d:8d:4f:bc:ad:39:0d:17:b8:89:c3:f2:
3a:97:de:95:60:de:df:f6:1c:0d:e2:e1:f0:61:58:
09:0c:dd:69:87:c9:f0:23:72:cd:79:34:31:45:37:
e6:a4:56:33:38:9a:28:a2:1e:9c:f5:66:5d:bb:01:
cf:76:6d:97:a3:6c:59:cc:30:b3:a9:34:4d:f9:13:
a2:2e:19:f6:55:4f:24:83:98:af:4f:e1:27:09:4e:
ab:7c:38:92:a2:66:89:06:36:84:b3:33:73:ea:eb:
49:2f:0e:00:75:de:2d:81:4b:47:74:f9:7e:19:76:
00:45:08:ca:32:7a:02:bc:77:8a:00:e1:0f:52:14:
01:08:47:5d:cb:e5:83:0e:00:73:90:b1:7c:9b:70:
8b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D9:7B:2B:A5:8B:F7:A3:7F:4D:F7:CC:4D:1F:25:06:F2:32:62:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F410E216C32F11EFA16CEC48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.234.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d7:73:88:71:c0:be:b7:6d:a9:b6:9c:8e:b9:a9:98:95:38:
be:40:9f:ef:3b:5d:a7:7c:ce:ed:0a:c2:6f:dd:96:fe:2a:f9:
b9:00:49:c0:9e:59:ea:76:cd:3b:56:cd:fd:63:8e:70:0a:87:
27:66:73:15:91:37:fc:23:ce:e5:7a:b3:2c:db:8a:62:c5:53:
53:85:d8:80:ec:ec:3e:89:b3:24:4b:48:b3:19:88:4f:e9:39:
c8:f3:17:52:07:9c:78:7b:5e:f8:0b:6f:f6:58:09:c9:7e:1e:
33:26:f5:09:9a:b5:93:16:29:f9:b5:64:a5:54:b6:5b:8e:c6:
c1:91:2f:a2:d2:66:92:7b:04:2c:ac:50:39:5f:36:24:a8:d2:
4a:99:13:57:db:68:94:08:44:8d:9b:0d:53:42:ff:61:0d:64:
33:d8:73:d8:44:21:88:cf:68:fb:af:81:7c:86:8d:06:f8:ed:
5d:bf:fb:38:75:13:f7:61:94:c1:90:ad:86:99:55:b7:2a:9e:
52:ed:6a:99:ea:32:9e:78:49:73:16:00:18:57:7f:0e:ed:23:
66:c5:72:c3:84:34:09:1c:dc:23:db:72:51:70:25:d4:18:6d:
6a:a7:e2:8e:2a:95:ac:64:be:1c:f7:7f:7c:c4:a1:58:1b:9f:
9c:2b:49:91
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIyMDE2WhcNMjUxMjEwMDIyMDE2WjAYMRYw
FAYDVQQDEw02NzZjYmQ2NC1iMDFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0KW40V5zx1sRm/iiMiFmas/fQf5wHgd1d8hIMeQcEuMVE2TVf3XF7gMQ
RIiLuEA/xoP87c5DRRqlxsTfvwn5ppykUkJ1nNUsl0HlcsaDCCjewMJEoMuoaDj+
RpO92R8Rczr6Mti7BeroM2FNjU+8rTkNF7iJw/I6l96VYN7f9hwN4uHwYVgJDN1p
h8nwI3LNeTQxRTfmpFYzOJoooh6c9WZduwHPdm2Xo2xZzDCzqTRN+ROiLhn2VU8k
g5ivT+EnCU6rfDiSomaJBjaEszNz6utJLw4Add4tgUtHdPl+GXYARQjKMnoCvHeK
AOEPUhQBCEddy+WDDgBzkLF8m3CLdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL7Z
eyuli/ejf033zE0fJQbyMmLZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNDEwRTIxNkMzMkYxMUVGQTE2Q0VDNDg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPqMA0GCSqGSIb3DQEBCwUA
A4IBAQBX13OIccC+t22ptpyOuamYlTi+QJ/vO12nfM7tCsJv3Zb+Kvm5AEnAnlnq
ds07Vs39Y45wCocnZnMVkTf8I87lerMs24pixVNThdiA7Ow+ibMkS0izGYhP6TnI
8xdSB5x4e174C2/2WAnJfh4zJvUJmrWTFin5tWSlVLZbjsbBkS+i0maSewQsrFA5
XzYkqNJKmRNX22iUCESNmw1TQv9hDWQz2HPYRCGIz2j7r4F8ho0G+O1dv/s4dRP3
YZTBkK2GmVW3Kp5S7WqZ6jKeeElzFgAYV38O7SNmxXLDhDQJHNwj23JRcCXUGG1q
p+KOKpWsZL4c9398xKFYG5+cK0mR
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:57 2025 by rpki-client