Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8CCCC6D31F11EF8F760093762E951A.roa
File: FB8CCCC6D31F11EF8F760093762E951A.roa (raw, json)
Hash identifier: Eq3JLoTY6ZZTqSRL/GIfWW7KhfvoIr3XMoqCAMvLhw4=
Subject key identifier: 02:77:2E:E9:CA:98:6C:DE:D9:A1:27:5A:77:9D:E2:F9:ED:AA:A4:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010889
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8CCCC6D31F11EF8F760093762E951A.roa
Signing time: Wed 15 Jan 2025 09:06:19 +0000
ROA not before: Wed 15 Jan 2025 09:06:15 +0000
ROA not after: Mon 03 Jan 2028 09:06:15 +0000
asID: 17561
IP address blocks: 156.254.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67721 (0x10889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 09:06:15 2025 GMT
Not After : Jan 3 09:06:15 2028 GMT
Subject: CN=67877a8b-cc6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:98:d2:d3:a4:8d:76:7f:a7:36:79:00:58:b8:
7b:5a:6a:e7:15:2d:0e:e6:65:93:d5:23:c8:23:1a:
1c:4a:da:46:49:d2:cd:75:ea:da:7f:75:20:f7:38:
e8:a6:e0:98:1c:80:12:83:44:a0:05:7c:3c:52:ae:
ee:52:ba:ca:32:f9:b8:c6:5a:ca:48:e6:bd:cc:18:
2c:9b:e3:96:c1:42:83:ab:86:df:9e:b9:e5:2f:87:
a3:6f:b3:4a:55:9b:90:ec:c5:4c:0c:8d:a7:22:9d:
b0:87:db:07:ea:2f:11:86:ff:19:3c:6b:82:04:7b:
75:ee:bd:f2:d7:40:57:67:3d:52:ae:76:ea:1b:c6:
f3:02:ba:5b:16:e7:2b:c6:be:e2:dc:05:8a:65:0a:
db:10:32:b3:65:78:6d:3a:b2:06:f9:2a:90:bc:a7:
2a:1a:31:c1:96:28:81:8f:04:fd:8a:9c:f9:7d:ad:
ba:77:a7:94:88:1d:46:12:f3:d0:40:a7:31:ae:ed:
fe:1d:0d:d6:67:04:c5:7d:90:4f:f8:4f:9a:83:fb:
cf:88:a2:6f:12:98:c2:de:a9:86:52:55:14:cb:fa:
a1:ca:a2:c9:8b:c8:d0:ea:50:43:87:83:ce:d0:48:
22:e7:ad:a8:b7:75:11:f7:d3:88:9b:8b:6a:f6:ab:
c4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:77:2E:E9:CA:98:6C:DE:D9:A1:27:5A:77:9D:E2:F9:ED:AA:A4:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB8CCCC6D31F11EF8F760093762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.90.0/24
Signature Algorithm: sha256WithRSAEncryption
29:b1:ca:7f:5a:2b:90:2e:cb:1e:c2:ee:16:07:82:0d:d9:61:
db:76:5a:49:8a:2e:83:8f:de:a0:f7:66:74:3a:57:e7:99:ad:
33:6c:84:a1:bd:10:93:f2:a9:be:bd:e1:1b:15:58:03:90:f3:
c3:b9:f5:b2:4a:aa:81:f5:fd:2a:a2:fa:84:87:da:ce:18:39:
c8:a0:35:14:7c:0c:96:96:7b:31:8e:af:c9:fb:e7:49:10:41:
3a:dc:84:57:a3:d2:dd:41:05:5c:ba:5a:55:df:f5:ff:b4:43:
a3:08:aa:35:62:21:c5:68:23:ee:88:53:4c:f5:d0:c6:d6:d8:
09:14:8f:e4:70:4a:4c:bd:1e:15:8c:c0:eb:ad:5f:62:ba:26:
8a:09:cd:f2:e1:18:d6:31:54:96:20:8e:97:08:c4:a4:7e:9a:
52:0c:66:9c:28:d2:a4:a6:9a:be:f6:26:90:75:e8:37:16:b7:
db:0e:3d:e1:84:ad:82:16:75:60:30:e5:e6:8f:4a:5d:01:64:
7a:f0:50:d1:d6:3c:5d:97:61:e8:ae:9c:a2:64:82:75:2b:3d:
75:4a:9d:b2:3e:c5:b7:26:96:0a:00:e4:78:85:4d:38:2f:3b:
46:9c:d4:c1:50:44:ca:0a:b2:de:65:2a:32:25:1d:cd:7f:a3:
df:0c:c9:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQiJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDkwNjE1WhcNMjgwMTAzMDkwNjE1WjAYMRYw
FAYDVQQDEw02Nzg3N2E4Yi1jYzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyZjS06SNdn+nNnkAWLh7WmrnFS0O5mWT1SPIIxocStpGSdLNderaf3Ug
9zjopuCYHIASg0SgBXw8Uq7uUrrKMvm4xlrKSOa9zBgsm+OWwUKDq4bfnrnlL4ej
b7NKVZuQ7MVMDI2nIp2wh9sH6i8Rhv8ZPGuCBHt17r3y10BXZz1SrnbqG8bzArpb
Fucrxr7i3AWKZQrbEDKzZXhtOrIG+SqQvKcqGjHBliiBjwT9ipz5fa26d6eUiB1G
EvPQQKcxru3+HQ3WZwTFfZBP+E+ag/vPiKJvEpjC3qmGUlUUy/qhyqLJi8jQ6lBD
h4PO0Egi562ot3UR99OIm4tq9qvEawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAJ3
LunKmGze2aEnWned4vntqqTIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjhDQ0NDNkQzMUYxMUVGOEY3NjAwOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5aMA0GCSqGSIb3DQEBCwUA
A4IBAQApscp/WiuQLssewu4WB4IN2WHbdlpJii6Dj96g92Z0Olfnma0zbIShvRCT
8qm+veEbFVgDkPPDufWySqqB9f0qovqEh9rOGDnIoDUUfAyWlnsxjq/J++dJEEE6
3IRXo9LdQQVculpV3/X/tEOjCKo1YiHFaCPuiFNM9dDG1tgJFI/kcEpMvR4VjMDr
rV9iuiaKCc3y4RjWMVSWII6XCMSkfppSDGacKNKkppq+9iaQdeg3FrfbDj3hhK2C
FnVgMOXmj0pdAWR68FDR1jxdl2HorpyiZIJ1Kz11Sp2yPsW3JpYKAOR4hU04LztG
nNTBUETKCrLeZSoyJR3Nf6PfDMmB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:17 2025 by rpki-client