Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F82A98A6CF5F11EF9A08DE53762E951A.roa
File: F82A98A6CF5F11EF9A08DE53762E951A.roa (raw, json)
Hash identifier: EhJOKZHqKhOMTpHWi/P8QpPNND+8XAll2kz9AbAMngs=
Subject key identifier: EE:61:F5:F0:1F:F5:80:DE:D2:AE:D8:C5:DA:D5:66:AE:EA:3F:B0:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01055D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F82A98A6CF5F11EF9A08DE53762E951A.roa
Signing time: Fri 10 Jan 2025 14:34:17 +0000
ROA not before: Fri 10 Jan 2025 14:34:13 +0000
ROA not after: Wed 05 Feb 2025 14:34:13 +0000
asID: 4809
IP address blocks: 156.242.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 05 Feb 2025 14:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66909 (0x1055d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:34:13 2025 GMT
Not After : Feb 5 14:34:13 2025 GMT
Subject: CN=67812fe8-f22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:64:77:94:7d:c5:03:9c:c0:d9:7a:b1:b1:
b0:2a:db:44:81:69:3a:8a:73:d6:89:80:3f:b2:c6:
f6:63:12:47:ed:2c:5b:62:79:2c:58:77:f9:27:94:
28:32:17:45:8e:2f:bb:79:cc:ee:05:3e:99:b6:07:
ba:0f:22:94:6f:b1:92:49:55:ce:b4:ae:21:e9:dd:
03:40:4d:15:02:33:16:8b:da:13:1c:3d:6c:96:b8:
aa:32:b0:d1:c8:63:52:eb:30:c1:dc:9b:f4:25:af:
12:2a:ea:2c:fc:11:39:7a:00:4e:26:fa:d5:79:7a:
68:0e:78:a0:f2:35:67:a0:d3:9c:d1:83:80:4e:d3:
a9:dc:a6:7c:3a:2a:cf:5c:5c:e8:f2:b5:1e:2f:93:
f3:ba:b8:ee:45:0e:21:5e:67:a0:1b:35:cf:ef:01:
41:8f:78:63:59:51:e5:86:01:1b:48:b7:49:52:ec:
04:e5:51:2d:15:c4:2b:c1:b0:6b:20:a7:bf:10:f9:
09:3e:02:93:10:0f:51:ee:ee:77:c7:68:e0:c4:12:
a7:84:ad:ab:88:36:93:a7:33:34:a2:9f:c3:67:43:
50:06:08:19:4f:59:30:16:68:7e:14:b9:d9:a8:e2:
36:61:77:6d:76:70:e3:cf:ce:e1:fa:7f:73:07:b9:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:61:F5:F0:1F:F5:80:DE:D2:AE:D8:C5:DA:D5:66:AE:EA:3F:B0:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F82A98A6CF5F11EF9A08DE53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.6.0/24
Signature Algorithm: sha256WithRSAEncryption
87:84:e6:36:c3:f4:78:57:2b:fe:7e:b3:2e:ef:b3:55:50:33:
33:e3:b9:b6:b6:1c:d9:9b:3c:cc:e1:aa:d2:d5:b2:c3:90:1d:
e7:a0:58:b7:3f:65:6e:9b:b1:e7:80:c0:f2:9e:b0:ba:8f:cc:
b2:71:84:04:6d:2e:01:dd:2a:9c:0a:f9:9a:7c:5e:06:ab:c5:
09:2b:b4:6f:b5:13:7f:bc:87:57:f2:8e:f7:63:30:fd:a5:71:
13:ff:ce:18:d3:04:14:6b:29:7a:6b:78:29:37:e2:f6:6b:f1:
b5:cf:fc:b5:e0:5a:8f:4b:51:37:68:79:3d:7f:85:c1:10:19:
07:6d:ac:06:67:6c:8b:7c:01:f2:4e:0c:e3:03:19:68:50:82:
09:a3:83:cf:ad:f5:d9:f2:ab:85:f6:40:10:19:9b:0d:df:45:
a9:15:47:21:c3:1c:8d:fd:1f:34:8e:6d:0d:f6:39:1c:60:e0:
63:07:5d:12:55:63:94:9c:aa:b0:b0:9a:7b:52:96:74:b1:80:
ed:2e:76:3b:6c:1f:32:5b:16:6f:39:23:4e:ac:c8:06:49:ed:
46:fd:1d:cf:05:9c:9b:3e:cb:63:2e:ed:18:9d:8c:d5:ef:a8:
cd:f9:2b:98:9b:05:ef:ba:fd:83:ec:70:cd:7d:1c:80:9c:66:
42:31:b0:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQzNDEzWhcNMjUwMjA1MTQzNDEzWjAYMRYw
FAYDVQQDEw02NzgxMmZlOC1mMjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0rpkd5R9xQOcwNl6sbGwKttEgWk6inPWiYA/ssb2YxJH7SxbYnksWHf5
J5QoMhdFji+7eczuBT6Ztge6DyKUb7GSSVXOtK4h6d0DQE0VAjMWi9oTHD1slriq
MrDRyGNS6zDB3Jv0Ja8SKuos/BE5egBOJvrVeXpoDnig8jVnoNOc0YOATtOp3KZ8
OirPXFzo8rUeL5PzurjuRQ4hXmegGzXP7wFBj3hjWVHlhgEbSLdJUuwE5VEtFcQr
wbBrIKe/EPkJPgKTEA9R7u53x2jgxBKnhK2riDaTpzM0op/DZ0NQBggZT1kwFmh+
FLnZqOI2YXdtdnDjz87h+n9zB7nFVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO5h
9fAf9YDe0q7YxdrVZq7qP7BdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GODJBOThBNkNGNUYxMUVGOUEwOERFNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIGMA0GCSqGSIb3DQEBCwUA
A4IBAQCHhOY2w/R4Vyv+frMu77NVUDMz47m2thzZmzzM4arS1bLDkB3noFi3P2Vu
m7HngMDynrC6j8yycYQEbS4B3SqcCvmafF4Gq8UJK7RvtRN/vIdX8o73YzD9pXET
/84Y0wQUayl6a3gpN+L2a/G1z/y14FqPS1E3aHk9f4XBEBkHbawGZ2yLfAHyTgzj
AxloUIIJo4PPrfXZ8quF9kAQGZsN30WpFUchwxyN/R80jm0N9jkcYOBjB10SVWOU
nKqwsJp7UpZ0sYDtLnY7bB8yWxZvOSNOrMgGSe1G/R3PBZybPstjLu0YnYzV76jN
+SuYmwXvuv2D7HDNfRyAnGZCMbDB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:21 2025 by rpki-client