Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA816434CCC811EFA0D57C4E762E951A.roa
File: FA816434CCC811EFA0D57C4E762E951A.roa (raw, json)
Hash identifier: +8A1pVRd19alt8hidNc+n4VWxc/bmAx4QDQTAPZmOgk=
Subject key identifier: 52:F8:71:DC:7A:3A:CF:B0:F9:6D:61:40:17:B9:E2:77:AC:61:DE:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA68
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA816434CCC811EFA0D57C4E762E951A.roa
Signing time: Tue 07 Jan 2025 07:28:24 +0000
ROA not before: Tue 07 Jan 2025 07:28:20 +0000
ROA not after: Sat 13 Dec 2025 07:28:20 +0000
asID: 984
IP address blocks: 156.233.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64104 (0xfa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:28:20 2025 GMT
Not After : Dec 13 07:28:20 2025 GMT
Subject: CN=677cd798-6464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b0:21:01:69:87:7e:f2:10:a0:a1:53:08:a1:
6c:f8:47:7a:d8:de:f8:97:78:a0:ea:b5:12:aa:b1:
ea:16:9f:c5:40:c3:87:10:36:89:f6:f0:9f:e8:68:
c1:23:7c:ad:8a:a1:e6:10:93:4c:9c:30:36:e2:04:
db:89:c4:c0:48:29:bd:4b:82:57:f3:6f:c3:40:eb:
61:a4:1a:41:68:db:e5:04:b0:d8:bb:84:e7:75:45:
23:f8:49:b0:e5:4d:7c:f4:86:b0:5c:6d:44:f2:08:
f9:ec:ac:60:12:4e:71:b9:17:bb:0c:ba:d3:ae:57:
ff:5a:92:26:c6:a3:7d:62:c1:b7:44:9e:16:2b:b0:
e8:4a:54:c2:10:93:95:f1:17:52:a6:73:73:4b:0c:
79:79:48:09:36:7c:09:3f:7c:dd:7a:8c:18:2a:f8:
39:43:6e:19:3e:15:b8:a6:d6:80:38:22:49:5a:e9:
72:7c:ec:65:56:13:fe:70:8d:d8:44:1b:66:9e:a6:
3a:cf:f9:e7:82:27:69:4f:e8:2c:d8:ed:c7:6d:da:
3a:f3:d6:ae:e9:45:3b:fc:6d:2d:ce:d0:20:fd:97:
b2:8e:19:fb:ea:a4:8d:20:87:18:4c:03:1a:d3:04:
4f:70:81:b9:64:92:2c:98:70:38:1d:b8:1f:46:1d:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F8:71:DC:7A:3A:CF:B0:F9:6D:61:40:17:B9:E2:77:AC:61:DE:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA816434CCC811EFA0D57C4E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.78.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:be:be:48:17:8e:29:66:0f:85:73:5b:01:08:c6:2d:6d:38:
c5:74:c2:d1:d7:12:3c:ca:ca:ef:04:f7:d5:e3:d1:df:14:b1:
7b:33:2d:89:65:74:70:b8:a3:4c:db:77:84:3a:e7:da:25:81:
2e:a3:f2:a0:0e:27:a2:a3:9a:a1:a0:f0:54:78:32:f4:ea:d4:
98:a7:7d:4f:5c:2b:49:1d:df:21:a5:c8:e0:d1:e0:16:7c:75:
db:68:d4:84:93:9f:dd:da:dd:40:4c:3a:e0:3f:79:3f:da:fe:
cb:9e:89:2f:0c:d6:53:e1:90:b0:7c:9a:88:56:63:47:76:1f:
ed:f6:18:81:47:32:c0:29:de:6a:1a:29:7c:6e:19:44:e3:8e:
6f:61:51:d3:ea:f5:53:2c:f8:df:50:54:07:04:65:d7:ed:20:
27:cb:df:9c:1a:a1:94:ac:7b:b4:92:9d:06:59:d6:f8:ff:b1:
f8:6f:92:83:58:21:9b:58:74:42:de:00:99:ed:88:99:86:89:
c3:07:42:d1:ad:5d:3e:4b:01:ba:71:7b:ba:8e:df:88:34:fc:
10:d4:4c:e0:ac:5a:22:bd:96:a8:ce:4b:7d:35:28:b7:20:fa:
5d:3d:37:97:c9:70:19:99:64:82:7a:8a:0a:96:20:76:b3:4f:
2d:f3:d1:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPpoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDcyODIwWhcNMjUxMjEzMDcyODIwWjAYMRYw
FAYDVQQDEw02NzdjZDc5OC02NDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnLAhAWmHfvIQoKFTCKFs+Ed62N74l3ig6rUSqrHqFp/FQMOHEDaJ9vCf
6GjBI3ytiqHmEJNMnDA24gTbicTASCm9S4JX82/DQOthpBpBaNvlBLDYu4TndUUj
+Emw5U189IawXG1E8gj57KxgEk5xuRe7DLrTrlf/WpImxqN9YsG3RJ4WK7DoSlTC
EJOV8RdSpnNzSwx5eUgJNnwJP3zdeowYKvg5Q24ZPhW4ptaAOCJJWulyfOxlVhP+
cI3YRBtmnqY6z/nngidpT+gs2O3Hbdo689au6UU7/G0tztAg/Zeyjhn76qSNIIcY
TAMa0wRPcIG5ZJIsmHA4HbgfRh02sQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFL4
cdx6Os+w+W1hQBe54nesYd4bMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQTgxNjQzNENDQzgxMUVGQTBENTdDNEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlOMA0GCSqGSIb3DQEBCwUA
A4IBAQC0vr5IF44pZg+Fc1sBCMYtbTjFdMLR1xI8ysrvBPfV49HfFLF7My2JZXRw
uKNM23eEOufaJYEuo/KgDieio5qhoPBUeDL06tSYp31PXCtJHd8hpcjg0eAWfHXb
aNSEk5/d2t1ATDrgP3k/2v7LnokvDNZT4ZCwfJqIVmNHdh/t9hiBRzLAKd5qGil8
bhlE445vYVHT6vVTLPjfUFQHBGXX7SAny9+cGqGUrHu0kp0GWdb4/7H4b5KDWCGb
WHRC3gCZ7YiZhonDB0LRrV0+SwG6cXu6jt+INPwQ1EzgrFoivZaozkt9NSi3IPpd
PTeXyXAZmWSCeooKliB2s08t89Eb
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:34 2025 by rpki-client