Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7227F80C33B11EFAAFA7A9B762E951A.roa
File: F7227F80C33B11EFAAFA7A9B762E951A.roa (raw, json)
Hash identifier: QohEl+ltqSsl69zLxyyKGtRP20peBgmEeXr4u0mOPLM=
Subject key identifier: 76:44:47:CE:D9:97:1F:D8:23:E3:11:E8:16:38:A3:44:E5:E9:0B:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7227F80C33B11EFAAFA7A9B762E951A.roa
Signing time: Thu 26 Dec 2024 03:46:19 +0000
ROA not before: Thu 26 Dec 2024 03:46:15 +0000
ROA not after: Wed 10 Dec 2025 03:46:15 +0000
asID: 984
IP address blocks: 156.244.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60303 (0xeb8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:46:15 2024 GMT
Not After : Dec 10 03:46:15 2025 GMT
Subject: CN=676cd18b-95db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ad:10:15:2d:e1:ea:e6:20:b7:be:62:2c:d3:
08:0b:e0:cd:15:16:63:0f:bf:65:f9:66:90:4c:a0:
e1:26:0a:9e:43:b5:c7:00:84:49:f8:91:dc:f7:ee:
48:52:a3:5f:b5:13:ce:f4:7f:fb:64:23:8e:0d:4f:
93:88:2b:7d:ee:ec:49:0a:4c:9d:ea:c5:62:91:db:
9b:db:c8:d8:a1:44:e3:26:8a:bb:eb:51:da:3a:ee:
7f:cf:33:10:b2:b0:bc:c1:e5:a0:1b:71:83:a8:7d:
b6:89:01:d3:f0:98:94:47:f4:d4:3a:d4:97:68:23:
cd:46:4f:9d:a0:b3:2f:4b:81:31:49:f0:4a:4a:9b:
26:c5:f0:82:3f:ce:ba:49:cb:53:2d:ff:f0:2a:46:
56:ac:38:38:af:32:f9:51:56:02:45:aa:e3:82:7b:
ef:54:a2:2d:10:24:4f:c1:70:be:21:1d:7b:a3:ee:
e3:6f:31:fb:47:78:b6:0a:4e:ec:83:50:5b:e0:a7:
59:64:be:8b:07:b0:70:f8:39:e8:e0:a6:8b:c6:88:
8a:ab:99:02:99:45:5a:8a:c7:11:c4:1c:e1:a2:e1:
8c:87:0a:0f:05:19:30:06:c9:67:3e:7c:5a:aa:92:
8a:bb:2d:7d:90:8e:55:35:e8:98:83:27:a3:9c:06:
f6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:44:47:CE:D9:97:1F:D8:23:E3:11:E8:16:38:A3:44:E5:E9:0B:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7227F80C33B11EFAAFA7A9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.195.0/24
Signature Algorithm: sha256WithRSAEncryption
93:0a:fe:11:14:ab:dd:f1:12:66:47:70:9b:39:f7:b5:e5:f7:
4a:54:33:41:66:68:f8:83:2f:49:01:c7:5d:71:60:14:48:8b:
5c:b5:b1:05:d4:28:af:b4:c6:0e:c2:03:ad:4f:a0:ed:d3:4c:
b4:38:fb:88:f7:77:7b:b3:5e:fc:99:88:0a:8b:c6:c6:05:98:
d5:d1:38:f7:67:9f:a0:e4:48:16:54:f1:9a:ee:97:6e:dd:08:
26:20:aa:4a:be:6b:4b:68:01:bc:40:3f:85:83:7f:68:34:63:
34:17:da:42:52:e2:19:a9:c8:82:42:be:19:ee:65:c9:d2:ff:
04:ae:4e:a3:36:e2:d6:29:0c:ba:95:79:bb:d2:c9:aa:4d:08:
5b:fd:57:ca:e9:79:4a:5e:d4:1d:c5:ca:51:f2:6d:4b:6f:f3:
a7:a5:f9:fb:7a:64:73:1e:fb:07:e2:57:a3:3e:b8:0b:4c:8b:
2e:4b:cc:61:99:a2:6e:47:d0:ae:a6:c7:7f:40:37:fc:bd:12:
f5:98:8d:48:8d:fa:26:43:ba:49:a9:65:bb:51:7e:f9:dc:fe:
69:34:b4:1f:38:45:89:da:ce:f8:1f:0b:41:be:9e:db:7c:5d:
8f:a6:8b:5e:56:df:0e:e9:be:66:21:2e:b6:c0:87:23:a4:12:
5c:05:76:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM0NjE1WhcNMjUxMjEwMDM0NjE1WjAYMRYw
FAYDVQQDEw02NzZjZDE4Yi05NWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmK0QFS3h6uYgt75iLNMIC+DNFRZjD79l+WaQTKDhJgqeQ7XHAIRJ+JHc
9+5IUqNftRPO9H/7ZCOODU+TiCt97uxJCkyd6sVikdub28jYoUTjJoq761HaOu5/
zzMQsrC8weWgG3GDqH22iQHT8JiUR/TUOtSXaCPNRk+doLMvS4ExSfBKSpsmxfCC
P866SctTLf/wKkZWrDg4rzL5UVYCRarjgnvvVKItECRPwXC+IR17o+7jbzH7R3i2
Ck7sg1Bb4KdZZL6LB7Bw+Dno4KaLxoiKq5kCmUVaiscRxBzhouGMhwoPBRkwBsln
PnxaqpKKuy19kI5VNeiYgyejnAb2WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZE
R87Zlx/YI+MR6BY4o0Tl6QttMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNzIyN0Y4MEMzM0IxMUVGQUFGQTdBOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTDMA0GCSqGSIb3DQEBCwUA
A4IBAQCTCv4RFKvd8RJmR3CbOfe15fdKVDNBZmj4gy9JAcddcWAUSItctbEF1Civ
tMYOwgOtT6Dt00y0OPuI93d7s178mYgKi8bGBZjV0Tj3Z5+g5EgWVPGa7pdu3Qgm
IKpKvmtLaAG8QD+Fg39oNGM0F9pCUuIZqciCQr4Z7mXJ0v8Erk6jNuLWKQy6lXm7
0smqTQhb/VfK6XlKXtQdxcpR8m1Lb/Onpfn7emRzHvsH4lejPrgLTIsuS8xhmaJu
R9Cupsd/QDf8vRL1mI1IjfomQ7pJqWW7UX753P5pNLQfOEWJ2s74HwtBvp7bfF2P
poteVt8O6b5mIS62wIcjpBJcBXbO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:32 2025 by rpki-client