Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC1F3B74CCE411EFAE49F97E762E951A.roa
File: FC1F3B74CCE411EFAE49F97E762E951A.roa (raw, json)
Hash identifier: v1mNovy46hiVnP1zpxdzjj6OuVGibae1XnaEjJYy3zI=
Subject key identifier: FD:9B:2E:30:01:32:DE:48:B6:C4:5D:6C:EA:18:DF:E9:DF:11:BE:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBC5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC1F3B74CCE411EFAE49F97E762E951A.roa
Signing time: Tue 07 Jan 2025 10:48:53 +0000
ROA not before: Tue 07 Jan 2025 10:48:49 +0000
ROA not after: Mon 13 Dec 2027 10:48:49 +0000
asID: 17561
IP address blocks: 156.233.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64453 (0xfbc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:48:49 2025 GMT
Not After : Dec 13 10:48:49 2027 GMT
Subject: CN=677d0695-0c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c2:cb:09:12:a7:cd:dd:90:d4:54:e0:0e:8d:
12:2d:6f:ff:ab:49:4b:0a:af:80:36:e8:ee:65:dc:
a9:9f:c6:b7:92:28:95:75:ba:5c:bc:0e:40:57:30:
3c:9e:5f:7a:8d:e1:11:ce:00:98:7a:b9:a5:55:d2:
e1:9b:e5:7e:7a:25:8a:42:cf:8f:1b:c8:2e:aa:00:
27:88:8f:ad:db:9e:76:a7:3d:66:42:f4:e8:b9:84:
ca:bb:6e:3b:fe:c8:27:a8:8a:2c:b5:ca:86:ad:42:
99:e3:2e:a6:05:bb:bd:8f:2e:7a:45:48:40:2f:dc:
ed:55:97:ea:50:c3:20:17:2a:26:5b:d5:ab:5e:c5:
79:08:ad:a7:46:5d:f0:2d:e5:2a:f0:c7:a1:17:ef:
91:3f:4b:d7:59:86:84:09:56:71:52:4f:ac:51:cf:
a8:46:ce:6c:a0:95:ae:07:c4:ed:bb:e4:89:d0:dd:
53:de:e1:c9:9a:97:e1:95:b1:1a:7c:ee:98:4e:b8:
f8:0c:65:0e:f6:d1:fb:41:5d:b3:cf:ca:4c:74:d0:
11:b1:71:7f:db:13:8d:3c:92:1a:56:f5:9d:74:3a:
33:ec:dc:07:2a:0d:c6:eb:1e:30:e6:e2:43:c3:1d:
b5:f8:a8:fb:3f:5b:14:22:51:d5:29:08:57:e0:25:
1a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9B:2E:30:01:32:DE:48:B6:C4:5D:6C:EA:18:DF:E9:DF:11:BE:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC1F3B74CCE411EFAE49F97E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.247.0/24
Signature Algorithm: sha256WithRSAEncryption
99:50:aa:a2:e5:06:07:90:da:ec:b5:b6:33:d6:3e:05:9e:65:
29:16:6c:0c:8c:0c:4f:76:a1:7c:0c:7f:ac:99:4a:55:4e:0a:
31:02:9a:1a:55:7b:73:86:07:f2:0b:46:57:f6:ee:0b:dc:f5:
7f:cb:8b:23:e1:2c:04:33:e6:e5:e0:56:7b:86:6f:a4:10:b8:
7c:b1:bb:96:f9:e0:c6:de:41:19:b4:3c:d6:fe:c0:01:ec:10:
01:8b:26:b7:55:b6:37:b9:a6:d5:0a:73:1d:04:cb:4f:66:e8:
bf:3a:f0:7a:ba:a1:d7:ec:97:74:c5:e7:07:b4:18:b0:64:85:
cf:a9:dc:d6:c6:67:3c:3c:5e:1d:20:2b:e8:96:a6:22:12:5a:
28:78:27:77:5a:93:d9:ae:6a:31:39:c5:f3:bd:92:92:c9:91:
e9:87:a9:0b:1b:73:97:e9:81:8f:70:14:f7:92:30:f9:cb:56:
bd:8d:8c:05:9f:a3:d5:30:ac:f0:d0:b3:0f:03:2d:c7:75:fd:
7d:bb:2d:0e:04:fa:ae:5f:24:7d:31:fb:c2:88:11:40:a7:9a:
53:6d:32:db:aa:d1:6d:9b:77:d4:10:e5:28:06:52:3a:b4:fa:
54:23:1c:44:1e:07:1e:95:96:89:70:58:43:e0:cc:86:81:55:
51:3a:cf:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTA0ODQ5WhcNMjcxMjEzMTA0ODQ5WjAYMRYw
FAYDVQQDEw02NzdkMDY5NS0wYzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo8LLCRKnzd2Q1FTgDo0SLW//q0lLCq+ANujuZdypn8a3kiiVdbpcvA5A
VzA8nl96jeERzgCYermlVdLhm+V+eiWKQs+PG8guqgAniI+t2552pz1mQvTouYTK
u247/sgnqIostcqGrUKZ4y6mBbu9jy56RUhAL9ztVZfqUMMgFyomW9WrXsV5CK2n
Rl3wLeUq8MehF++RP0vXWYaECVZxUk+sUc+oRs5soJWuB8Ttu+SJ0N1T3uHJmpfh
lbEafO6YTrj4DGUO9tH7QV2zz8pMdNARsXF/2xONPJIaVvWddDoz7NwHKg3G6x4w
5uJDwx21+Kj7P1sUIlHVKQhX4CUaqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP2b
LjABMt5ItsRdbOoY3+nfEb6yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQzFGM0I3NENDRTQxMUVGQUU0OUY5N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOn3MA0GCSqGSIb3DQEBCwUA
A4IBAQCZUKqi5QYHkNrstbYz1j4FnmUpFmwMjAxPdqF8DH+smUpVTgoxApoaVXtz
hgfyC0ZX9u4L3PV/y4sj4SwEM+bl4FZ7hm+kELh8sbuW+eDG3kEZtDzW/sAB7BAB
iya3VbY3uabVCnMdBMtPZui/OvB6uqHX7Jd0xecHtBiwZIXPqdzWxmc8PF4dICvo
lqYiElooeCd3WpPZrmoxOcXzvZKSyZHph6kLG3OX6YGPcBT3kjD5y1a9jYwFn6PV
MKzw0LMPAy3Hdf19uy0OBPquXyR9MfvCiBFAp5pTbTLbqtFtm3fUEOUoBlI6tPpU
IxxEHgcelZaJcFhD4MyGgVVROs8h
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:48 2025 by rpki-client