Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6710A62CD4411EF8F6C985B762E951A.roa
File: F6710A62CD4411EF8F6C985B762E951A.roa (raw, json)
Hash identifier: NG9L29MvJZ6cmmpY8hz5eohHh9v7hOIiB6MwF81IUF8=
Subject key identifier: BE:34:A6:31:94:6D:AE:1E:19:8F:A8:22:56:58:D9:C6:BE:3D:19:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6710A62CD4411EF8F6C985B762E951A.roa
Signing time: Tue 07 Jan 2025 22:15:55 +0000
ROA not before: Tue 07 Jan 2025 22:15:51 +0000
ROA not after: Sat 13 Dec 2025 22:15:51 +0000
asID: 984
IP address blocks: 156.243.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65167 (0xfe8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:15:51 2025 GMT
Not After : Dec 13 22:15:51 2025 GMT
Subject: CN=677da79b-11e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:d4:42:c2:a1:49:fe:02:8a:d2:7b:96:01:
b3:61:58:6f:e7:d1:5f:9f:87:d8:b9:db:9e:92:1e:
c3:87:1b:21:b3:5c:86:5d:1a:85:4a:bc:6e:a9:c7:
27:cf:72:0a:75:13:e3:9f:8a:3b:e0:ed:b6:b8:d4:
67:74:40:b2:56:a7:e6:6f:c9:7c:21:12:29:5c:32:
76:57:07:0e:1f:41:67:bd:ce:b6:11:22:d5:60:ce:
a6:52:e3:eb:31:dc:3d:44:b1:08:ff:9d:50:03:20:
a6:2b:37:a9:ce:7e:14:9c:e5:7f:81:ea:9c:5e:44:
7f:6b:0e:37:1b:c9:6c:23:fb:4c:c4:af:44:49:a0:
34:76:aa:1a:a4:08:a1:eb:99:a1:70:0a:74:93:65:
30:8b:a3:24:fd:f4:9b:36:0a:e0:aa:70:ad:dd:71:
94:d1:35:09:c9:46:c6:2e:59:86:98:94:0f:45:6c:
39:b4:57:c8:c6:18:17:2d:50:a1:f7:b5:4e:5a:8e:
e4:8d:4f:7a:a1:34:15:b9:13:91:e2:a3:51:34:f6:
91:07:37:0a:6d:8e:c9:c3:ff:54:69:91:a4:16:6d:
5f:50:2e:5d:1b:60:f5:08:15:ec:b1:f1:76:74:64:
94:d2:a3:81:5c:71:61:81:90:b9:6a:51:44:8e:69:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:34:A6:31:94:6D:AE:1E:19:8F:A8:22:56:58:D9:C6:BE:3D:19:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F6710A62CD4411EF8F6C985B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:cf:ef:02:d8:61:98:d9:2d:28:e1:f5:8a:18:78:0a:0e:32:
a6:4c:dc:59:b8:1b:3a:56:1a:20:48:56:80:19:53:0d:a0:91:
90:1f:0b:b1:ba:2b:40:d5:af:d0:f5:73:b3:2d:2a:bf:11:d6:
9b:22:03:d8:18:ca:2c:2a:50:c8:8f:53:70:3a:92:58:16:c1:
6f:fd:46:88:17:5f:c6:92:fc:de:57:32:80:e1:3c:7d:e4:03:
d8:ea:f3:56:35:8a:60:96:20:89:7e:c3:29:81:e4:c6:3b:3a:
ff:37:90:d8:cd:89:2e:84:c9:69:9d:72:cc:5c:f0:0e:c5:84:
25:ff:ca:00:7b:81:66:49:b0:b2:9e:90:6f:3e:ef:9c:ad:e0:
8e:13:30:e5:77:08:d9:5e:ea:ad:38:2a:be:3b:3a:d1:e3:39:
8f:39:c1:9a:99:9c:3f:12:2d:5a:7d:5f:96:46:cd:f1:18:04:
58:79:77:61:2b:c9:13:4c:3c:4b:d5:32:6a:28:cb:eb:c5:9f:
54:4c:d8:7f:dc:d6:3a:da:c2:33:e5:8d:6e:98:74:26:10:97:
df:f9:1f:f5:02:06:a3:51:56:4e:3e:fe:92:ce:94:69:4a:e7:
e9:0b:97:e3:9f:57:ab:74:aa:96:bf:80:57:b2:c0:3f:53:6a:
71:11:56:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIxNTUxWhcNMjUxMjEzMjIxNTUxWjAYMRYw
FAYDVQQDEw02NzdkYTc5Yi0xMWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAppLUQsKhSf4CitJ7lgGzYVhv59Ffn4fYuduekh7Dhxshs1yGXRqFSrxu
qccnz3IKdRPjn4o74O22uNRndECyVqfmb8l8IRIpXDJ2VwcOH0Fnvc62ESLVYM6m
UuPrMdw9RLEI/51QAyCmKzepzn4UnOV/geqcXkR/aw43G8lsI/tMxK9ESaA0dqoa
pAih65mhcAp0k2Uwi6Mk/fSbNgrgqnCt3XGU0TUJyUbGLlmGmJQPRWw5tFfIxhgX
LVCh97VOWo7kjU96oTQVuROR4qNRNPaRBzcKbY7Jw/9UaZGkFm1fUC5dG2D1CBXs
sfF2dGSU0qOBXHFhgZC5alFEjmlENQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL40
pjGUba4eGY+oIlZY2ca+PRnQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjcxMEE2MkNENDQxMUVGOEY2Qzk4NUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNyMA0GCSqGSIb3DQEBCwUA
A4IBAQCcz+8C2GGY2S0o4fWKGHgKDjKmTNxZuBs6VhogSFaAGVMNoJGQHwuxuitA
1a/Q9XOzLSq/EdabIgPYGMosKlDIj1NwOpJYFsFv/UaIF1/GkvzeVzKA4Tx95APY
6vNWNYpgliCJfsMpgeTGOzr/N5DYzYkuhMlpnXLMXPAOxYQl/8oAe4FmSbCynpBv
Pu+creCOEzDldwjZXuqtOCq+OzrR4zmPOcGamZw/Ei1afV+WRs3xGARYeXdhK8kT
TDxL1TJqKMvrxZ9UTNh/3NY62sIz5Y1umHQmEJff+R/1AgajUVZOPv6SzpRpSufp
C5fjn1erdKqWv4BXssA/U2pxEVbO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:04 2025 by rpki-client