Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8AD56BCC32D11EF883D06B8762E951A.roa
File: F8AD56BCC32D11EF883D06B8762E951A.roa (raw, json)
Hash identifier: bIGXa2Ua1tZQ1c58tzCzAbsdZucePyRloEm5yyMn3qE=
Subject key identifier: 21:E0:F4:FE:C6:84:B7:41:2C:44:AD:8A:56:87:67:F9:0A:B9:70:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAE9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8AD56BCC32D11EF883D06B8762E951A.roa
Signing time: Thu 26 Dec 2024 02:06:08 +0000
ROA not before: Thu 26 Dec 2024 02:06:05 +0000
ROA not after: Wed 10 Dec 2025 02:06:05 +0000
asID: 984
IP address blocks: 156.243.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60137 (0xeae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:06:05 2024 GMT
Not After : Dec 10 02:06:05 2025 GMT
Subject: CN=676cba10-fab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9c:51:48:2b:79:56:a0:93:58:c9:be:8b:6f:
ef:1d:df:15:f7:cd:2e:0d:b9:ac:7a:91:e8:fb:ef:
ce:ca:42:30:de:4f:29:e8:c4:41:14:7e:08:f7:f2:
f6:a3:15:e4:a3:a0:7c:a3:b3:32:1d:a3:b4:19:cd:
7a:f1:37:a8:d0:4d:a5:ca:2d:1f:14:65:1e:3d:ca:
1b:54:e4:ed:db:e9:bf:9a:2d:10:fa:9c:75:44:a6:
13:b6:e0:7b:e0:51:1b:c0:1f:52:96:bf:c3:d0:99:
ee:b4:83:b2:b0:62:19:87:21:68:b7:ff:a9:69:6a:
60:ae:07:a6:0d:13:de:82:64:bb:a9:17:f2:79:6d:
47:b0:8f:db:86:10:71:5e:1c:21:69:fd:be:9a:1e:
51:5d:ad:7d:de:f1:2f:b5:4f:13:51:60:62:fb:b8:
c3:3a:85:61:53:04:ad:32:25:22:7b:97:64:a1:21:
69:01:70:c9:b7:89:51:00:68:2d:a1:f3:97:8a:bf:
38:57:07:15:9f:71:c6:14:85:da:6e:84:6a:a1:96:
87:d3:d9:60:ae:14:b1:19:c1:d0:91:71:27:a6:42:
69:16:6a:ba:de:7b:cb:45:db:e4:9f:9a:1d:fb:6d:
6d:39:6c:8a:27:4d:d1:4a:cd:f0:4a:7c:ab:01:66:
91:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E0:F4:FE:C6:84:B7:41:2C:44:AD:8A:56:87:67:F9:0A:B9:70:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8AD56BCC32D11EF883D06B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.213.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ad:f4:b1:ed:b4:8b:3d:ed:10:b6:9c:4d:73:31:61:80:ee:
bc:83:63:22:14:9b:d6:a5:f2:06:ee:38:85:0c:6e:2e:f8:80:
68:c3:5d:cc:56:14:3f:41:16:89:d2:0c:27:f2:15:1b:91:48:
38:11:a1:53:06:1c:26:80:9d:a8:12:86:87:f4:1f:fa:fd:3c:
4d:21:9a:a0:bc:b2:4a:9d:52:30:f9:71:ff:36:41:90:47:dc:
9a:51:4b:0a:1d:fa:66:eb:79:42:6c:4c:50:be:37:f5:1b:6a:
15:9a:95:18:01:3e:88:df:d9:98:ab:30:8b:d1:1a:ff:65:86:
61:1d:21:0a:43:bc:a4:0c:5c:3c:66:5d:d6:63:10:c7:04:b0:
d8:39:c2:38:45:7d:d4:2b:06:12:de:6a:d0:9b:1d:58:10:f7:
0a:37:e6:f0:cb:4b:5f:d7:ed:ec:e0:35:68:18:99:ad:59:27:
b4:7b:36:36:56:30:ed:e2:f0:7c:b0:5d:df:89:95:6d:6d:1a:
35:bb:25:0c:fe:5d:71:14:3c:f9:31:76:17:63:85:d7:ee:91:
02:fb:84:5e:f2:98:2b:9a:fc:57:0e:d2:88:b3:88:65:a1:9f:
88:f9:79:c3:24:76:15:63:72:16:70:53:2a:d3:38:c8:bb:ee:
69:28:6f:83
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwNjA1WhcNMjUxMjEwMDIwNjA1WjAYMRYw
FAYDVQQDEw02NzZjYmExMC1mYWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ZxRSCt5VqCTWMm+i2/vHd8V980uDbmsepHo++/OykIw3k8p6MRBFH4I
9/L2oxXko6B8o7MyHaO0Gc168Teo0E2lyi0fFGUePcobVOTt2+m/mi0Q+px1RKYT
tuB74FEbwB9Slr/D0JnutIOysGIZhyFot/+paWpgrgemDRPegmS7qRfyeW1HsI/b
hhBxXhwhaf2+mh5RXa193vEvtU8TUWBi+7jDOoVhUwStMiUie5dkoSFpAXDJt4lR
AGgtofOXir84VwcVn3HGFIXaboRqoZaH09lgrhSxGcHQkXEnpkJpFmq63nvLRdvk
n5od+21tOWyKJ03RSs3wSnyrAWaRPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCHg
9P7GhLdBLEStilaHZ/kKuXCrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOEFENTZCQ0MzMkQxMUVGODgzRDA2Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPVMA0GCSqGSIb3DQEBCwUA
A4IBAQAlrfSx7bSLPe0QtpxNczFhgO68g2MiFJvWpfIG7jiFDG4u+IBow13MVhQ/
QRaJ0gwn8hUbkUg4EaFTBhwmgJ2oEoaH9B/6/TxNIZqgvLJKnVIw+XH/NkGQR9ya
UUsKHfpm63lCbExQvjf1G2oVmpUYAT6I39mYqzCL0Rr/ZYZhHSEKQ7ykDFw8Zl3W
YxDHBLDYOcI4RX3UKwYS3mrQmx1YEPcKN+bwy0tf1+3s4DVoGJmtWSe0ezY2VjDt
4vB8sF3fiZVtbRo1uyUM/l1xFDz5MXYXY4XX7pEC+4Re8pgrmvxXDtKIs4hloZ+I
+XnDJHYVY3IWcFMq0zjIu+5pKG+D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:27 2025 by rpki-client