Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD355D1ECD3811EF91C5B390762E951A.roa
File: FD355D1ECD3811EF91C5B390762E951A.roa (raw, json)
Hash identifier: 7kJi6kqmaI57veRRAHlad7B2Cf3r+t1WsZOwC7tJPE8=
Subject key identifier: 73:27:72:6F:6C:01:AB:5D:D0:E6:C1:A4:7A:45:22:84:88:D7:B4:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD355D1ECD3811EF91C5B390762E951A.roa
Signing time: Tue 07 Jan 2025 20:50:12 +0000
ROA not before: Tue 07 Jan 2025 20:50:08 +0000
ROA not after: Sat 13 Dec 2025 20:50:08 +0000
asID: 984
IP address blocks: 156.243.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65073 (0xfe31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:50:08 2025 GMT
Not After : Dec 13 20:50:08 2025 GMT
Subject: CN=677d9384-486b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:e6:7e:1b:53:18:0f:13:bd:48:54:67:15:
6c:40:23:33:55:da:fb:21:fd:47:0b:ed:a9:cb:37:
35:28:50:e3:fd:f2:5e:6e:ca:c4:a2:0a:68:4a:b6:
28:6b:8b:76:7e:39:e0:9e:30:df:68:99:5a:81:3e:
c7:46:ec:55:40:2e:24:d3:1f:55:51:e8:7c:52:c1:
b9:f7:59:4b:24:9d:d7:db:35:80:29:f2:ba:ef:9d:
e9:27:f0:a2:0d:e9:da:ec:f5:fe:73:0f:62:80:41:
a3:6f:cc:b3:6f:06:e1:80:bd:ad:d4:ca:92:da:5c:
02:26:6c:0e:99:5b:68:12:58:de:8c:4e:3e:7b:91:
a3:c8:69:63:c2:43:dc:d4:5e:89:46:be:78:e3:69:
52:ab:b9:08:c1:61:26:ce:ed:96:06:94:02:cd:ba:
e5:4a:b6:4d:46:db:f6:e0:c7:56:08:22:30:45:29:
76:97:36:d2:3c:41:47:cc:08:87:30:a1:a0:d1:6c:
27:b7:a4:2a:98:1b:34:ef:af:09:b0:1d:1d:78:c7:
8b:7a:9d:f3:95:84:9b:f1:47:b4:73:bb:35:01:0f:
dd:b5:35:69:26:69:6f:9b:e9:ed:3a:a5:dd:72:ed:
31:e7:54:ee:b2:cf:f6:58:de:02:1e:40:de:02:2e:
69:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:27:72:6F:6C:01:AB:5D:D0:E6:C1:A4:7A:45:22:84:88:D7:B4:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD355D1ECD3811EF91C5B390762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.65.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:20:03:1c:a1:e0:e0:1e:91:2a:cb:90:56:49:9b:1b:fc:be:
8e:67:b0:af:e5:6e:fd:fa:d4:c7:fd:73:d2:5c:5c:a2:27:8a:
59:ba:84:3b:d3:be:c5:71:53:5d:29:89:1d:e2:62:fa:98:02:
8c:14:35:3e:d3:aa:af:51:b0:6e:a0:87:17:12:df:63:b6:f1:
fe:0b:56:28:72:09:26:51:63:52:d7:e3:7f:c7:48:80:f9:b9:
7a:21:a6:fb:e6:a4:e2:e4:16:ca:c5:65:15:45:71:89:84:23:
76:53:d2:99:99:08:e1:66:a6:7b:b9:d9:35:ad:dc:bc:3d:92:
fa:84:58:fa:dc:81:89:df:74:d5:86:e0:ee:9a:37:de:51:e2:
fb:c8:e4:1f:fe:6f:e9:cb:c5:28:74:c6:8b:8e:80:b6:93:b5:
d8:94:4a:8d:be:67:73:d7:86:94:5e:9d:4f:94:fc:4b:22:1b:
42:61:1a:fd:9f:37:e5:fd:f9:f3:2a:fb:3d:67:55:e9:cf:c4:
84:c9:78:81:6a:d6:26:ca:12:be:89:96:c1:12:aa:b0:fe:a1:
c2:c2:20:59:40:36:f5:38:9c:1c:ca:db:02:c8:bd:c3:79:8f:
83:85:b6:89:f0:42:e1:78:62:46:b6:7b:9d:3e:ca:c9:5f:fd:
2e:b3:0e:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjA1MDA4WhcNMjUxMjEzMjA1MDA4WjAYMRYw
FAYDVQQDEw02NzdkOTM4NC00ODZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsbbmfhtTGA8TvUhUZxVsQCMzVdr7If1HC+2pyzc1KFDj/fJebsrEogpo
SrYoa4t2fjngnjDfaJlagT7HRuxVQC4k0x9VUeh8UsG591lLJJ3X2zWAKfK6753p
J/CiDena7PX+cw9igEGjb8yzbwbhgL2t1MqS2lwCJmwOmVtoEljejE4+e5GjyGlj
wkPc1F6JRr5442lSq7kIwWEmzu2WBpQCzbrlSrZNRtv24MdWCCIwRSl2lzbSPEFH
zAiHMKGg0Wwnt6QqmBs0768JsB0deMeLep3zlYSb8Ue0c7s1AQ/dtTVpJmlvm+nt
OqXdcu0x51Tuss/2WN4CHkDeAi5pmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHMn
cm9sAatd0ObBpHpFIoSI17RfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRDM1NUQxRUNEMzgxMUVGOTFDNUIzOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNBMA0GCSqGSIb3DQEBCwUA
A4IBAQBNIAMcoeDgHpEqy5BWSZsb/L6OZ7Cv5W79+tTH/XPSXFyiJ4pZuoQ7077F
cVNdKYkd4mL6mAKMFDU+06qvUbBuoIcXEt9jtvH+C1YocgkmUWNS1+N/x0iA+bl6
Iab75qTi5BbKxWUVRXGJhCN2U9KZmQjhZqZ7udk1rdy8PZL6hFj63IGJ33TVhuDu
mjfeUeL7yOQf/m/py8UodMaLjoC2k7XYlEqNvmdz14aUXp1PlPxLIhtCYRr9nzfl
/fnzKvs9Z1Xpz8SEyXiBatYmyhK+iZbBEqqw/qHCwiBZQDb1OJwcytsCyL3DeY+D
hbaJ8ELheGJGtnudPsrJX/0usw5D
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:41 2025 by rpki-client