Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC3C45B8C98611EFBB4CE4A6762E951A.roa
File: FC3C45B8C98611EFBB4CE4A6762E951A.roa (raw, json)
Hash identifier: zHYafyN99CaBbjlM5iMZNyAnxC7ItCppXIFtP5J7EBA=
Subject key identifier: CC:1A:E0:A9:91:A0:86:47:F9:BA:2F:F3:63:1C:B8:14:E3:6E:4A:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F587
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC3C45B8C98611EFBB4CE4A6762E951A.roa
Signing time: Fri 03 Jan 2025 03:58:27 +0000
ROA not before: Fri 03 Jan 2025 03:58:23 +0000
ROA not after: Mon 13 Dec 2027 03:58:23 +0000
asID: 17561
IP address blocks: 156.233.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62855 (0xf587)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:58:23 2025 GMT
Not After : Dec 13 03:58:23 2027 GMT
Subject: CN=67776063-3327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:43:2f:da:a9:07:33:52:0e:30:4e:5e:12:
1a:a2:be:54:d3:78:e7:d1:44:6b:4e:8b:6b:10:a1:
28:20:c4:ad:4d:0c:dc:8b:65:cb:54:de:63:cf:73:
78:62:69:29:fb:7a:a2:cc:76:12:22:c0:20:68:d9:
02:04:9e:1f:a6:91:61:a9:41:32:0f:cf:c6:86:93:
22:b4:c0:60:12:94:a9:38:ad:de:56:ea:43:c7:8d:
d5:2f:51:f7:e7:9e:f6:f1:e2:29:1f:cb:dd:fc:ff:
b0:14:e6:60:fe:8a:0f:5d:d0:c5:aa:e0:49:68:c9:
06:d0:7a:2f:67:26:5c:75:9e:8d:60:d1:c0:97:49:
69:12:60:42:fa:d2:25:ce:e7:92:ab:4a:37:8c:d8:
c4:5a:a6:8d:dc:e0:58:3a:bd:cb:fa:1a:a5:56:c8:
d7:34:76:4e:b2:0e:c4:01:ba:d3:6f:a9:36:2f:79:
da:ac:ee:ec:ce:6d:14:5b:a1:08:2d:fa:b8:5b:3b:
4d:96:7a:e0:05:21:ee:1a:66:18:2f:7a:4c:e8:c6:
1c:3a:9d:09:07:4c:7e:bb:f5:4b:b5:3c:71:1f:66:
7e:4c:d0:3c:ce:54:43:f7:d4:5e:25:48:1a:bb:30:
2a:6d:3f:84:b7:c9:ab:d8:3a:38:78:1a:c1:84:f7:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1A:E0:A9:91:A0:86:47:F9:BA:2F:F3:63:1C:B8:14:E3:6E:4A:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC3C45B8C98611EFBB4CE4A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.9.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a9:47:4d:cc:31:e5:da:eb:c2:1b:11:dc:de:a8:a6:69:56:
69:bb:a2:9f:2c:19:39:ef:99:4c:fe:83:e6:67:a6:fc:61:07:
2c:30:81:28:fd:cc:eb:04:42:bd:c7:64:94:20:d6:cd:58:73:
90:d1:0c:20:d1:ee:fe:e8:20:c0:f8:11:d5:26:df:3b:d4:42:
65:d4:66:c2:7a:5c:8e:b1:c5:d3:27:7e:b6:27:41:21:8a:ab:
a5:46:9b:d7:81:1b:bb:dc:72:9f:8b:f9:36:b3:f4:97:04:35:
18:9f:0e:49:6f:dd:c2:da:39:91:ba:ac:0a:b0:35:ec:17:97:
e3:66:c6:e9:3e:ba:e6:e2:a3:c8:16:64:5f:9c:f4:f5:1c:65:
4b:f6:7b:69:15:51:05:3c:c1:f9:a9:53:7b:58:1c:90:dd:40:
a5:b7:19:c3:46:3a:0c:0b:35:79:f6:e1:b5:2b:44:0e:6a:13:
23:64:c6:a4:b2:9b:21:98:29:e1:50:f8:38:ad:c0:a1:cc:a5:
b3:df:56:b5:9f:06:0e:24:20:da:27:de:43:31:dd:b6:e3:62:
39:4b:a6:c5:33:f7:12:0c:ae:37:e0:87:3a:02:9a:5b:5f:6b:
bd:53:74:11:dc:fe:b8:58:f4:3b:7a:44:3d:f7:72:a0:26:1d:
ba:ea:d8:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM1ODIzWhcNMjcxMjEzMDM1ODIzWjAYMRYw
FAYDVQQDEw02Nzc3NjA2My0zMzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzZxDL9qpBzNSDjBOXhIaor5U03jn0URrTotrEKEoIMStTQzci2XLVN5j
z3N4Ymkp+3qizHYSIsAgaNkCBJ4fppFhqUEyD8/GhpMitMBgEpSpOK3eVupDx43V
L1H355728eIpH8vd/P+wFOZg/ooPXdDFquBJaMkG0HovZyZcdZ6NYNHAl0lpEmBC
+tIlzueSq0o3jNjEWqaN3OBYOr3L+hqlVsjXNHZOsg7EAbrTb6k2L3narO7szm0U
W6EILfq4WztNlnrgBSHuGmYYL3pM6MYcOp0JB0x+u/VLtTxxH2Z+TNA8zlRD99Re
JUgauzAqbT+Et8mr2Do4eBrBhPfjIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMwa
4KmRoIZH+bov82McuBTjbkpJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQzNDNDVCOEM5ODYxMUVGQkI0Q0U0QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkJMA0GCSqGSIb3DQEBCwUA
A4IBAQBaqUdNzDHl2uvCGxHc3qimaVZpu6KfLBk575lM/oPmZ6b8YQcsMIEo/czr
BEK9x2SUINbNWHOQ0Qwg0e7+6CDA+BHVJt871EJl1GbCelyOscXTJ362J0Ehiqul
RpvXgRu73HKfi/k2s/SXBDUYnw5Jb93C2jmRuqwKsDXsF5fjZsbpPrrm4qPIFmRf
nPT1HGVL9ntpFVEFPMH5qVN7WByQ3UCltxnDRjoMCzV59uG1K0QOahMjZMakspsh
mCnhUPg4rcChzKWz31a1nwYOJCDaJ95DMd2242I5S6bFM/cSDK434Ic6AppbX2u9
U3QR3P64WPQ7ekQ993KgJh266tij
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:57 2025 by rpki-client