Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC02A6F8C33411EFA566FD6C762E951A.roa
File: FC02A6F8C33411EFA566FD6C762E951A.roa (raw, json)
Hash identifier: EqG34s1jKJwOnOJOUhJmEUG7t7ZjmahCd8mtTuljNMo=
Subject key identifier: 4D:F1:4C:94:EF:2C:89:3C:C5:40:7C:E3:96:FB:51:2B:BC:AF:A1:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB3D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC02A6F8C33411EFA566FD6C762E951A.roa
Signing time: Thu 26 Dec 2024 02:56:21 +0000
ROA not before: Thu 26 Dec 2024 02:56:17 +0000
ROA not after: Wed 10 Dec 2025 02:56:17 +0000
asID: 984
IP address blocks: 156.244.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60221 (0xeb3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:56:17 2024 GMT
Not After : Dec 10 02:56:17 2025 GMT
Subject: CN=676cc5d4-f286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:f3:16:71:d7:19:ae:1e:a7:ff:98:06:54:
b0:d1:52:c3:ea:07:f8:17:b6:c2:25:ab:b2:f1:6d:
52:17:fc:fb:49:20:c6:7f:18:6c:25:b1:d5:66:3e:
af:fb:95:db:61:30:c6:d8:89:9c:c5:ac:c6:6c:e3:
4b:1f:f6:c1:1c:45:fd:65:50:11:b2:d7:c3:91:69:
26:d5:c5:28:4a:b1:c3:f6:98:7c:b7:1d:3e:36:95:
4b:21:63:7f:54:80:21:86:7f:e9:9a:70:cd:a1:24:
44:db:f6:f8:10:64:83:21:37:c0:e0:81:bc:f8:17:
4e:ce:a0:a7:83:ba:6c:db:88:bd:5d:4c:06:dd:0e:
8d:21:9a:32:6d:1c:02:f9:36:ff:7c:ef:39:57:46:
04:ef:88:44:a2:c3:c8:80:8c:5e:3c:bc:fa:97:78:
a9:8d:c6:e0:10:c1:f8:59:8d:1c:b4:61:f9:61:9f:
a1:c4:fe:a0:98:d3:0d:41:b0:7f:bf:e8:f7:e6:e9:
ac:a2:38:ba:6c:5d:03:27:24:2b:0b:c9:b1:8c:f6:
80:45:50:58:af:52:7e:2d:97:1b:4a:8d:a9:ba:9b:
11:5e:2c:c3:83:ad:ff:ab:8a:24:b7:2b:a8:52:26:
97:d6:71:bb:11:48:7f:01:50:da:be:3e:6c:6d:79:
0f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F1:4C:94:EF:2C:89:3C:C5:40:7C:E3:96:FB:51:2B:BC:AF:A1:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC02A6F8C33411EFA566FD6C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.154.0/24
Signature Algorithm: sha256WithRSAEncryption
31:05:56:c9:1f:8a:21:f9:9c:8a:fd:b1:08:6e:b2:a4:bf:bb:
7e:1f:88:3d:8a:59:cd:11:9c:2b:08:73:55:5c:49:61:69:df:
b9:68:83:2b:83:4e:d3:3f:e0:3c:7f:d1:45:a0:c3:03:12:97:
15:f9:6d:c0:4d:1f:c8:07:12:90:bf:22:40:dd:55:2d:6a:45:
e1:f1:0c:4c:54:7a:b4:82:92:ae:a1:f0:5e:f7:39:08:a1:39:
56:b9:42:ad:ea:5f:03:ae:26:f8:f0:cd:4b:87:8a:16:04:47:
67:be:e5:29:4e:05:e7:cc:35:e3:dd:6c:c7:39:f3:f9:cb:82:
1c:24:6f:7f:d1:df:05:a4:04:a3:b2:83:c5:27:50:9e:bc:cb:
1b:ab:ee:0b:be:5b:50:09:72:57:df:6a:6a:ae:78:82:35:d7:
97:75:10:d7:75:6b:bb:b2:f4:32:39:23:a6:ac:f3:cc:1c:f3:
89:06:0e:54:2f:22:31:1e:1a:c7:89:7e:97:1a:92:97:c9:be:
1f:9b:22:3c:39:0f:19:b7:e1:af:6c:bb:e2:61:7e:53:5c:1f:
05:7c:c7:56:5b:73:bd:ff:bd:df:a7:c3:4b:94:39:eb:30:c4:
d9:b8:bc:a7:16:13:59:80:6d:aa:c5:0f:1d:f0:cf:63:23:4f:
49:66:ca:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOs9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDI1NjE3WhcNMjUxMjEwMDI1NjE3WjAYMRYw
FAYDVQQDEw02NzZjYzVkNC1mMjg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwJDzFnHXGa4ep/+YBlSw0VLD6gf4F7bCJauy8W1SF/z7SSDGfxhsJbHV
Zj6v+5XbYTDG2ImcxazGbONLH/bBHEX9ZVARstfDkWkm1cUoSrHD9ph8tx0+NpVL
IWN/VIAhhn/pmnDNoSRE2/b4EGSDITfA4IG8+BdOzqCng7ps24i9XUwG3Q6NIZoy
bRwC+Tb/fO85V0YE74hEosPIgIxePLz6l3ipjcbgEMH4WY0ctGH5YZ+hxP6gmNMN
QbB/v+j35umsoji6bF0DJyQrC8mxjPaARVBYr1J+LZcbSo2pupsRXizDg63/q4ok
tyuoUiaX1nG7EUh/AVDavj5sbXkP2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE3x
TJTvLIk8xUB845b7USu8r6GpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQzAyQTZGOEMzMzQxMUVGQTU2NkZENkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSaMA0GCSqGSIb3DQEBCwUA
A4IBAQAxBVbJH4oh+ZyK/bEIbrKkv7t+H4g9ilnNEZwrCHNVXElhad+5aIMrg07T
P+A8f9FFoMMDEpcV+W3ATR/IBxKQvyJA3VUtakXh8QxMVHq0gpKuofBe9zkIoTlW
uUKt6l8Drib48M1Lh4oWBEdnvuUpTgXnzDXj3WzHOfP5y4IcJG9/0d8FpASjsoPF
J1CevMsbq+4LvltQCXJX32pqrniCNdeXdRDXdWu7svQyOSOmrPPMHPOJBg5ULyIx
HhrHiX6XGpKXyb4fmyI8OQ8Zt+GvbLviYX5TXB8FfMdWW3O9/73fp8NLlDnrMMTZ
uLynFhNZgG2qxQ8d8M9jI09JZsqm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:38 2025 by rpki-client