Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBE7065EC32B11EF9E89F9A7762E951A.roa
File: FBE7065EC32B11EF9E89F9A7762E951A.roa (raw, json)
Hash identifier: krPLBrcBn0vGSIH5j94zpC+W545mr57QS6f6yPw6Xw4=
Subject key identifier: A5:E0:06:87:63:EB:1F:0B:90:5A:1B:06:8A:3C:73:21:4F:C8:17:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAD1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBE7065EC32B11EF9E89F9A7762E951A.roa
Signing time: Thu 26 Dec 2024 01:51:55 +0000
ROA not before: Thu 26 Dec 2024 01:51:51 +0000
ROA not after: Wed 10 Dec 2025 01:51:51 +0000
asID: 984
IP address blocks: 156.243.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60113 (0xead1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:51:51 2024 GMT
Not After : Dec 10 01:51:51 2025 GMT
Subject: CN=676cb6bb-24ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e0:1c:11:82:c0:6d:2d:86:e4:cb:6f:2e:cf:
f7:5a:fd:4e:46:c4:7d:5f:92:a5:57:22:f9:1f:d2:
4e:73:56:17:98:19:86:24:72:ee:a7:b9:b5:ec:2b:
b1:e8:0e:d4:5e:47:0e:f5:1d:13:bd:b6:b9:6e:a5:
49:50:56:ce:98:29:03:29:f3:38:be:4b:21:e9:aa:
01:66:4e:88:4c:37:9a:e9:74:20:e2:f5:36:a6:ed:
47:48:c8:1d:65:6b:ff:36:5e:26:40:81:57:ce:8c:
ca:bf:2b:78:ad:71:c1:39:14:64:a3:44:d6:82:b2:
28:91:d1:33:5f:52:39:4e:7a:ec:67:45:b2:b0:44:
f7:2e:e9:f3:03:50:1e:e0:26:64:b3:52:be:bf:69:
ed:36:27:62:6d:51:2e:fc:40:32:30:3c:91:0b:30:
70:92:bc:37:64:32:81:d6:d7:df:de:fd:6c:f1:49:
31:ae:45:1a:11:74:11:0d:30:ff:2c:1b:ca:1a:1a:
0a:9e:8f:57:7a:37:f0:da:3a:f7:ac:e4:49:b4:29:
94:7b:9f:7f:d6:87:a3:76:cb:3c:21:2e:48:d6:ba:
af:72:c5:25:d4:4a:d9:fd:2b:81:12:45:40:cd:81:
07:f2:e9:73:2d:c6:96:75:0f:6f:c4:45:10:ea:e2:
92:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E0:06:87:63:EB:1F:0B:90:5A:1B:06:8A:3C:73:21:4F:C8:17:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBE7065EC32B11EF9E89F9A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.201.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:29:c5:19:e7:31:03:57:d0:65:27:ba:37:a1:5e:87:0c:e9:
8f:d5:a9:dc:6f:ec:2f:a4:74:22:60:ea:fc:d4:05:15:43:2f:
b8:d9:de:b1:36:b3:96:fc:e1:2a:e4:f3:88:39:c0:5f:0e:18:
9e:14:95:92:c9:b9:e3:29:59:45:71:b7:49:67:ce:ff:73:a2:
8f:83:34:d3:2f:fc:72:7c:e6:bb:25:8d:98:f0:89:44:bd:43:
05:32:6d:e5:c0:13:57:78:52:54:b4:46:6b:06:5e:c0:73:86:
7d:ea:2a:3b:ba:9b:a2:93:cc:0a:c5:1c:5b:27:ee:5e:2b:e9:
d6:32:d6:ab:bc:3d:84:74:a7:4b:79:27:25:92:3d:d3:b6:1d:
97:63:41:67:9f:e6:a9:1b:66:b1:0d:9c:57:41:82:ae:e5:3c:
63:d4:ae:4b:e9:7e:1b:39:23:44:43:a0:8f:a7:cc:ae:e7:5d:
dd:11:b7:55:19:94:0c:d4:4e:aa:83:eb:87:bc:71:fe:b1:be:
90:d7:96:8f:d9:66:c6:98:59:84:b1:3d:07:b0:90:87:07:82:
91:a8:aa:08:b0:8b:97:cb:44:6f:42:52:12:2e:0b:c2:0a:41:
d2:6a:4a:ef:9e:36:3f:9a:bd:1d:73:d0:d2:15:ca:64:73:fc:
b3:3b:dd:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDE1MTUxWhcNMjUxMjEwMDE1MTUxWjAYMRYw
FAYDVQQDEw02NzZjYjZiYi0yNGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxuAcEYLAbS2G5MtvLs/3Wv1ORsR9X5KlVyL5H9JOc1YXmBmGJHLup7m1
7Cux6A7UXkcO9R0Tvba5bqVJUFbOmCkDKfM4vksh6aoBZk6ITDea6XQg4vU2pu1H
SMgdZWv/Nl4mQIFXzozKvyt4rXHBORRko0TWgrIokdEzX1I5TnrsZ0WysET3Lunz
A1Ae4CZks1K+v2ntNidibVEu/EAyMDyRCzBwkrw3ZDKB1tff3v1s8UkxrkUaEXQR
DTD/LBvKGhoKno9Xejfw2jr3rORJtCmUe59/1oejdss8IS5I1rqvcsUl1ErZ/SuB
EkVAzYEH8ulzLcaWdQ9vxEUQ6uKSMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKXg
Bodj6x8LkFobBoo8cyFPyBfWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQkU3MDY1RUMzMkIxMUVGOUU4OUY5QTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPJMA0GCSqGSIb3DQEBCwUA
A4IBAQAbKcUZ5zEDV9BlJ7o3oV6HDOmP1ancb+wvpHQiYOr81AUVQy+42d6xNrOW
/OEq5POIOcBfDhieFJWSybnjKVlFcbdJZ87/c6KPgzTTL/xyfOa7JY2Y8IlEvUMF
Mm3lwBNXeFJUtEZrBl7Ac4Z96io7upuik8wKxRxbJ+5eK+nWMtarvD2EdKdLeScl
kj3Tth2XY0Fnn+apG2axDZxXQYKu5Txj1K5L6X4bOSNEQ6CPp8yu513dEbdVGZQM
1E6qg+uHvHH+sb6Q15aP2WbGmFmEsT0HsJCHB4KRqKoIsIuXy0RvQlISLgvCCkHS
akrvnjY/mr0dc9DSFcpkc/yzO900
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:37 2025 by rpki-client