Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4B6B6C2CC9A11EF864D569E762E951A.roa
File: F4B6B6C2CC9A11EF864D569E762E951A.roa (raw, json)
Hash identifier: Sw3yFC4xxGrlVda989YBwNw9pgHx7sAq3SdMm/Y686I=
Subject key identifier: 05:96:83:07:C4:84:9F:E0:71:68:9E:70:50:F4:26:2B:F9:DE:C7:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F962
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4B6B6C2CC9A11EF864D569E762E951A.roa
Signing time: Tue 07 Jan 2025 01:58:57 +0000
ROA not before: Tue 07 Jan 2025 01:58:54 +0000
ROA not after: Mon 13 Dec 2027 01:58:54 +0000
asID: 17561
IP address blocks: 156.227.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63842 (0xf962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:58:54 2025 GMT
Not After : Dec 13 01:58:54 2027 GMT
Subject: CN=677c8a61-732c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f7:69:84:5c:4c:a1:b9:03:50:6a:2f:3d:51:
0c:f3:84:0e:8f:0e:51:4c:51:24:e4:cd:c3:00:c5:
49:80:6f:50:67:7a:f8:b1:14:7b:79:11:25:8e:1d:
5d:b0:3e:ce:5b:d1:21:49:d7:60:69:ae:a9:39:39:
6b:b4:bb:cc:c9:86:05:f4:29:4c:28:48:44:a7:15:
f2:9c:48:f7:65:f9:ff:ad:50:87:21:c7:78:35:b3:
6c:aa:17:48:3f:4e:d6:17:45:39:e7:e9:fe:8c:97:
79:73:14:cb:0c:ff:43:5f:bb:ba:20:89:95:bb:55:
eb:37:22:1c:c5:21:2e:50:5a:bc:0a:06:dc:70:ec:
67:9f:e6:47:e7:59:f2:73:ae:29:d1:db:2f:42:fe:
18:d2:5d:3b:e5:9c:4f:67:50:ef:8b:05:30:65:05:
44:77:be:57:6f:17:37:07:d3:5d:e8:00:69:14:ca:
c2:0c:76:67:21:ea:95:ca:ef:f5:94:1a:46:90:ea:
6d:2c:82:fc:43:54:d4:e8:6d:b5:12:71:0b:10:34:
31:87:01:90:ea:25:ce:74:5f:96:8f:77:4c:26:89:
48:0c:c0:18:35:08:40:eb:62:3a:1a:68:e4:43:32:
e4:30:29:37:87:8f:8b:42:be:c3:1c:a1:7b:e8:2c:
6e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:96:83:07:C4:84:9F:E0:71:68:9E:70:50:F4:26:2B:F9:DE:C7:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F4B6B6C2CC9A11EF864D569E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.103.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:20:36:87:53:d6:d3:72:2e:ba:90:ca:2c:ea:b1:3a:5c:70:
ea:13:50:12:c4:02:fa:63:79:f9:1c:77:84:b2:45:a0:1b:45:
c9:8c:34:6a:84:8e:01:17:23:e2:25:43:1f:40:a2:93:6f:5a:
ed:14:04:b9:34:17:4d:d7:09:fd:35:8c:41:04:5e:fb:ab:01:
e4:e7:01:3a:fe:53:1d:b2:8d:0a:ce:96:1c:a0:e3:e9:8b:e3:
ee:18:48:76:28:d0:9a:95:7f:8f:c1:10:75:2d:ff:68:a4:ee:
c7:ac:4c:ab:8b:9e:9c:4e:77:19:5c:5a:60:ae:d7:af:6d:4c:
0d:35:38:1a:8f:cf:2a:ae:a5:bc:8a:c7:57:83:7e:53:8e:dc:
cb:89:8a:07:38:56:13:9f:5e:69:00:6a:e7:bf:4e:d7:fa:87:
2e:4a:7b:d0:20:d8:86:22:ca:0a:39:21:33:55:3b:32:aa:98:
47:e0:9f:af:02:a1:91:1d:ff:0c:7e:43:23:1c:de:f6:06:fc:
58:53:0a:c5:9a:bc:0a:06:9b:3f:e4:c5:2a:8a:1e:ed:25:bb:
4c:94:45:23:a2:f1:31:22:b5:cb:00:44:44:6f:cc:17:f8:3b:
ff:da:fd:58:e5:20:db:9d:c3:8d:87:d4:72:3f:e2:26:8a:42:
c5:0a:04:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPliMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDE1ODU0WhcNMjcxMjEzMDE1ODU0WjAYMRYw
FAYDVQQDEw02NzdjOGE2MS03MzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0PdphFxMobkDUGovPVEM84QOjw5RTFEk5M3DAMVJgG9QZ3r4sRR7eREl
jh1dsD7OW9EhSddgaa6pOTlrtLvMyYYF9ClMKEhEpxXynEj3Zfn/rVCHIcd4NbNs
qhdIP07WF0U55+n+jJd5cxTLDP9DX7u6IImVu1XrNyIcxSEuUFq8CgbccOxnn+ZH
51nyc64p0dsvQv4Y0l075ZxPZ1DviwUwZQVEd75Xbxc3B9Nd6ABpFMrCDHZnIeqV
yu/1lBpGkOptLIL8Q1TU6G21EnELEDQxhwGQ6iXOdF+Wj3dMJolIDMAYNQhA62I6
GmjkQzLkMCk3h4+LQr7DHKF76CxuWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAWW
gwfEhJ/gcWiecFD0Jiv53sdbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNEI2QjZDMkNDOUExMUVGODY0RDU2OUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONnMA0GCSqGSIb3DQEBCwUA
A4IBAQBPIDaHU9bTci66kMos6rE6XHDqE1ASxAL6Y3n5HHeEskWgG0XJjDRqhI4B
FyPiJUMfQKKTb1rtFAS5NBdN1wn9NYxBBF77qwHk5wE6/lMdso0KzpYcoOPpi+Pu
GEh2KNCalX+PwRB1Lf9opO7HrEyri56cTncZXFpgrtevbUwNNTgaj88qrqW8isdX
g35TjtzLiYoHOFYTn15pAGrnv07X+ocuSnvQINiGIsoKOSEzVTsyqphH4J+vAqGR
Hf8MfkMjHN72BvxYUwrFmrwKBps/5MUqih7tJbtMlEUjovExIrXLAEREb8wX+Dv/
2v1Y5SDbncONh9RyP+ImikLFCgTL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:50 2025 by rpki-client