Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8E6B6ECD2F411EFBFA00885762E951A.roa
File: F8E6B6ECD2F411EFBFA00885762E951A.roa (raw, json)
Hash identifier: xMPOwaVkfqXddwzuGI8UCR1f2ThHEbuU4RIXI78fSQA=
Subject key identifier: 38:DE:AC:CD:96:E2:B7:86:9A:25:E8:59:8A:21:5A:8C:FF:80:6F:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01079B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8E6B6ECD2F411EFBFA00885762E951A.roa
Signing time: Wed 15 Jan 2025 03:58:26 +0000
ROA not before: Wed 15 Jan 2025 03:58:22 +0000
ROA not after: Sat 03 Jan 2026 03:58:22 +0000
asID: 984
IP address blocks: 156.249.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67483 (0x1079b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:58:22 2025 GMT
Not After : Jan 3 03:58:22 2026 GMT
Subject: CN=67873262-81c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:1a:1a:4c:25:42:08:5c:3f:a9:fd:22:0c:
2b:d8:41:7e:70:40:80:2e:73:20:54:61:31:bd:a0:
59:2d:b8:de:f7:e2:2d:66:70:be:d7:5f:dc:30:bb:
8f:3e:d0:ac:dc:41:0b:a5:d3:02:8c:1c:81:5f:6a:
f8:cb:a4:03:58:8b:5a:fd:1a:a9:39:ab:0a:82:f2:
b7:45:3d:50:4c:a9:46:1b:78:8f:97:e5:fa:df:de:
93:43:2d:a5:3e:cd:d2:73:71:22:c2:0f:85:cf:a5:
3f:cb:13:6c:ec:fb:db:5e:ad:fb:93:ae:f4:b2:22:
00:9c:13:b5:08:d4:c9:96:ce:6f:36:f6:e5:4f:35:
c5:55:15:5f:ac:d8:df:30:66:e8:3b:bc:a3:c3:f4:
9d:bf:a6:f3:c3:d9:08:66:c5:d2:cc:d8:4a:2f:a4:
00:9f:d0:d2:c9:82:e8:12:fd:99:f2:65:5c:53:db:
6d:80:39:ad:67:93:97:0d:0c:92:b9:b8:d2:21:df:
f6:e2:9c:68:db:59:12:15:80:0d:52:d4:8a:44:49:
3f:00:47:09:a2:cd:76:98:67:ad:61:4d:f2:5b:7c:
88:85:75:1b:b3:e0:d8:62:cb:ae:f7:51:06:0f:e6:
bf:08:98:44:fd:5d:71:cc:32:61:99:a1:33:a2:27:
60:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:DE:AC:CD:96:E2:B7:86:9A:25:E8:59:8A:21:5A:8C:FF:80:6F:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F8E6B6ECD2F411EFBFA00885762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:98:67:49:b4:85:63:2d:37:0b:e0:fb:d3:15:9c:af:34:14:
15:22:b3:93:0c:2f:47:a6:e0:b7:6c:84:12:dd:16:69:74:35:
19:36:ab:a1:5b:90:93:c7:ee:92:ba:03:04:f3:9f:1f:d6:2e:
71:c8:ff:60:dd:69:6b:8a:d4:3f:ed:90:51:09:11:64:ee:3a:
60:66:11:80:cb:ba:a0:06:c5:9b:8c:63:61:6b:d0:68:11:82:
0e:60:29:00:2c:d0:46:ad:e5:f6:ae:11:3d:19:91:21:7f:97:
1c:47:2b:5f:1e:24:87:60:7e:60:0b:59:da:c4:6d:85:90:e1:
75:6e:98:f7:3b:f1:92:f4:a0:6c:9b:1c:47:f9:c2:90:49:50:
ed:24:9e:b9:d9:af:ec:62:35:e4:e5:8f:3a:d9:eb:23:f0:88:
b9:35:c1:8f:8c:1e:cc:be:11:38:e4:14:5c:0b:0c:70:0b:c8:
9e:85:e8:df:37:ad:6a:ec:7b:33:e8:a5:1b:78:20:46:5e:bd:
91:ed:6d:6d:c6:22:51:73:31:f9:12:e6:86:95:b9:9b:8f:c0:
7f:30:c5:10:5e:3a:ae:4a:e5:5c:74:e5:3f:e1:1f:96:0e:78:
c4:31:8c:ed:ef:25:ba:9d:7b:1d:48:b4:74:a1:fd:db:85:6a:
59:fc:16:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQebMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDM1ODIyWhcNMjYwMTAzMDM1ODIyWjAYMRYw
FAYDVQQDEw02Nzg3MzI2Mi04MWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzLIaGkwlQghcP6n9Igwr2EF+cECALnMgVGExvaBZLbje9+ItZnC+11/c
MLuPPtCs3EELpdMCjByBX2r4y6QDWIta/RqpOasKgvK3RT1QTKlGG3iPl+X6396T
Qy2lPs3Sc3Eiwg+Fz6U/yxNs7PvbXq37k670siIAnBO1CNTJls5vNvblTzXFVRVf
rNjfMGboO7yjw/Sdv6bzw9kIZsXSzNhKL6QAn9DSyYLoEv2Z8mVcU9ttgDmtZ5OX
DQySubjSId/24pxo21kSFYANUtSKREk/AEcJos12mGetYU3yW3yIhXUbs+DYYsuu
91EGD+a/CJhE/V1xzDJhmaEzoidg+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDje
rM2W4reGmiXoWYohWoz/gG/EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOEU2QjZFQ0QyRjQxMUVGQkZBMDA4ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPl2MA0GCSqGSIb3DQEBCwUA
A4IBAQC1mGdJtIVjLTcL4PvTFZyvNBQVIrOTDC9HpuC3bIQS3RZpdDUZNquhW5CT
x+6SugME858f1i5xyP9g3WlritQ/7ZBRCRFk7jpgZhGAy7qgBsWbjGNha9BoEYIO
YCkALNBGreX2rhE9GZEhf5ccRytfHiSHYH5gC1naxG2FkOF1bpj3O/GS9KBsmxxH
+cKQSVDtJJ652a/sYjXk5Y862esj8Ii5NcGPjB7MvhE45BRcCwxwC8iehejfN61q
7Hsz6KUbeCBGXr2R7W1txiJRczH5EuaGlbmbj8B/MMUQXjquSuVcdOU/4R+WDnjE
MYzt7yW6nXsdSLR0of3bhWpZ/Bbg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client