Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD4889C6C28311EFA1B3238C762E951A.roa
File: FD4889C6C28311EFA1B3238C762E951A.roa (raw, json)
Hash identifier: 0Bw4V5aUkPTEoOfYUeCgn+gScj6V/cCkKyxVnod96Q4=
Subject key identifier: 5A:80:CF:9F:4E:01:AD:DA:30:78:E8:87:A8:77:3A:E4:CC:EB:F2:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E90D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD4889C6C28311EFA1B3238C762E951A.roa
Signing time: Wed 25 Dec 2024 05:49:22 +0000
ROA not before: Wed 25 Dec 2024 05:49:18 +0000
ROA not after: Wed 10 Dec 2025 05:49:18 +0000
asID: 984
IP address blocks: 156.228.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59661 (0xe90d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:49:18 2024 GMT
Not After : Dec 10 05:49:18 2025 GMT
Subject: CN=676b9ce2-d449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fa:63:5c:2e:43:a0:41:18:e4:b0:96:3c:23:
e0:58:38:30:00:89:e4:63:80:41:07:c1:0e:ff:1e:
65:ac:7d:86:d9:4a:fc:d1:26:41:9b:b8:5c:bb:f6:
04:f4:53:db:b4:ed:7c:4d:db:ef:43:05:d0:23:36:
98:ed:82:c3:9d:92:60:8a:1d:67:82:ad:b7:69:db:
9b:00:7a:ef:3a:4c:32:38:98:72:41:7d:a1:9f:62:
75:e4:ee:11:53:0e:bc:97:f8:8d:3b:f7:98:62:d2:
cb:6e:54:67:a6:ca:fe:22:4b:f1:ac:a8:76:88:2b:
44:9d:da:38:59:05:a3:00:8c:48:c6:89:70:b0:fc:
3b:c5:3f:ab:26:d5:57:75:38:f7:dc:4c:a8:1e:62:
93:a0:b8:59:1b:e6:35:60:ad:e9:5d:11:1c:a0:55:
73:3a:c0:8a:5e:a2:5b:77:8e:46:71:e0:c4:e2:fe:
40:52:c9:d6:87:74:2d:87:ba:23:be:00:7e:0f:e8:
8f:07:2b:a8:97:69:ff:02:81:04:a3:b2:e3:7a:f9:
97:fe:2a:fe:a2:c4:6f:da:60:7d:f7:14:8b:cb:40:
d5:06:43:bc:b6:3b:ff:18:09:7c:2a:cc:bf:18:c9:
67:0d:13:2d:f8:d4:30:f0:e8:8a:33:9e:77:4a:89:
9d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:80:CF:9F:4E:01:AD:DA:30:78:E8:87:A8:77:3A:E4:CC:EB:F2:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FD4889C6C28311EFA1B3238C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:05:84:a9:36:45:fb:6b:bb:6f:ad:46:35:6f:24:5d:11:16:
54:6b:71:43:aa:38:59:44:dc:93:23:76:bd:c6:3e:6f:d2:98:
4c:4c:22:cb:81:ad:a8:87:f9:a7:19:bf:38:8b:28:61:6e:b6:
ae:e1:a0:7b:94:3c:77:05:11:eb:c4:aa:52:b8:1e:cc:ae:24:
0d:98:23:11:0b:d4:04:f6:bf:18:50:9a:f3:02:a5:b5:53:1a:
99:6b:66:ab:fe:0d:8d:88:58:d2:f9:3e:be:39:7e:7e:22:94:
aa:64:7d:32:71:a8:cf:e9:cb:89:66:2c:20:d7:2a:e8:11:30:
f0:44:a3:fc:a8:2a:d9:64:c6:72:75:a1:3f:bf:fb:11:7d:44:
ef:0a:c6:34:84:e3:a5:1d:37:0d:e5:21:0e:f0:03:ec:40:94:
8e:cd:41:60:4d:9f:e7:5a:5c:14:a1:d3:51:7a:75:49:1e:d0:
e7:70:c2:42:50:41:ce:bc:ec:35:4c:dc:90:6e:cb:af:ef:62:
ad:0b:52:cd:70:88:7a:31:58:bf:af:f2:bb:92:b0:25:e8:be:
94:75:50:e9:60:e3:10:76:aa:4b:f6:f7:79:78:52:8e:fe:2e:
67:ea:0b:8a:f5:05:ab:f8:af:f4:12:8b:fc:9d:a2:4c:f4:07:
23:cc:fc:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDU0OTE4WhcNMjUxMjEwMDU0OTE4WjAYMRYw
FAYDVQQDEw02NzZiOWNlMi1kNDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/pjXC5DoEEY5LCWPCPgWDgwAInkY4BBB8EO/x5lrH2G2Ur80SZBm7hc
u/YE9FPbtO18TdvvQwXQIzaY7YLDnZJgih1ngq23adubAHrvOkwyOJhyQX2hn2J1
5O4RUw68l/iNO/eYYtLLblRnpsr+IkvxrKh2iCtEndo4WQWjAIxIxolwsPw7xT+r
JtVXdTj33EyoHmKToLhZG+Y1YK3pXREcoFVzOsCKXqJbd45GceDE4v5AUsnWh3Qt
h7ojvgB+D+iPByuol2n/AoEEo7LjevmX/ir+osRv2mB99xSLy0DVBkO8tjv/GAl8
Ksy/GMlnDRMt+NQw8OiKM553SomdUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFqA
z59OAa3aMHjoh6h3OuTM6/IgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRDQ4ODlDNkMyODMxMUVGQTFCMzIzOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQmMA0GCSqGSIb3DQEBCwUA
A4IBAQAtBYSpNkX7a7tvrUY1byRdERZUa3FDqjhZRNyTI3a9xj5v0phMTCLLga2o
h/mnGb84iyhhbrau4aB7lDx3BRHrxKpSuB7MriQNmCMRC9QE9r8YUJrzAqW1UxqZ
a2ar/g2NiFjS+T6+OX5+IpSqZH0ycajP6cuJZiwg1yroETDwRKP8qCrZZMZydaE/
v/sRfUTvCsY0hOOlHTcN5SEO8APsQJSOzUFgTZ/nWlwUodNRenVJHtDncMJCUEHO
vOw1TNyQbsuv72KtC1LNcIh6MVi/r/K7krAl6L6UdVDpYOMQdqpL9vd5eFKO/i5n
6guK9QWr+K/0Eov8naJM9AcjzPx8
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:06 2025 by rpki-client