Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDB432C6CE3F11EF9D98E3B1762E951A.roa
File: FDB432C6CE3F11EF9D98E3B1762E951A.roa (raw, json)
Hash identifier: DTsexceQ010zNOb6HDQr0l8FZXQHDxeQxz1PPiMTYzY=
Subject key identifier: F7:6B:50:83:92:5F:F1:1F:6F:EB:C6:4E:C2:7B:47:40:44:3D:32:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010269
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDB432C6CE3F11EF9D98E3B1762E951A.roa
Signing time: Thu 09 Jan 2025 04:12:51 +0000
ROA not before: Thu 09 Jan 2025 04:12:47 +0000
ROA not after: Fri 09 Jan 2026 04:12:47 +0000
asID: 17561
IP address blocks: 156.245.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66153 (0x10269)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:12:47 2025 GMT
Not After : Jan 9 04:12:47 2026 GMT
Subject: CN=677f4cc3-4e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:87:8a:e9:c3:9d:0d:f9:22:a9:ca:b3:ae:84:
ea:76:b3:d2:a0:da:17:4b:7a:d0:36:0c:fb:83:62:
54:d3:27:5f:b4:46:10:69:31:59:e5:e2:be:27:27:
a1:de:c5:63:4e:27:61:52:62:8a:d7:f4:04:ff:3a:
f2:c8:a3:6c:2e:c3:9d:09:75:1c:71:ef:a9:e6:39:
af:fd:5a:35:c4:e3:28:de:3e:a2:60:0a:e1:56:be:
57:b3:5b:88:29:e7:08:4a:9b:02:2e:cf:6c:9a:5d:
37:3c:bf:18:59:a6:19:93:56:a4:5d:ea:f1:5f:74:
a6:14:f7:79:b3:46:f7:c3:fe:cb:cb:26:1e:84:e9:
35:6c:00:95:58:4e:64:ff:81:a2:e7:48:78:12:4a:
69:d3:1a:c1:c2:2c:e5:f8:60:77:1d:98:94:1c:f8:
26:15:9e:da:98:51:58:59:9d:30:4b:ce:eb:f9:c9:
2b:cf:ad:6b:ec:3d:7d:10:54:d0:b5:6b:d3:57:81:
34:3f:a7:3d:02:f1:88:17:17:e4:ef:23:71:d9:ef:
05:e6:4a:c8:7a:d5:b4:2e:a8:b9:a9:ae:b9:f1:23:
39:b4:6a:16:6d:23:5f:22:a0:ed:68:e4:4b:7d:91:
bd:fb:62:b5:c4:12:da:f8:55:17:1f:50:79:d2:0e:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:6B:50:83:92:5F:F1:1F:6F:EB:C6:4E:C2:7B:47:40:44:3D:32:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDB432C6CE3F11EF9D98E3B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.104.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:fc:13:89:f8:bd:a3:4f:06:85:3c:05:44:0e:86:b1:c8:ec:
f2:81:da:8f:62:f7:34:fc:8f:49:84:75:d8:ca:1e:db:ae:64:
b7:4c:ce:eb:90:a4:f2:c2:5e:fd:cc:d8:46:bd:15:15:f4:46:
d9:65:89:23:d5:7e:96:f3:4a:fe:b3:de:1e:b6:f8:d0:ac:96:
b0:17:37:8e:24:eb:ee:6d:80:56:d8:89:3c:05:19:e0:d7:0e:
f1:4f:a4:b0:af:37:b6:f4:25:92:07:f4:6e:6f:59:43:fe:84:
c2:33:dd:90:c4:7e:bc:36:f3:ef:ab:69:f7:4b:f0:d6:e3:62:
7e:e4:00:23:2a:be:29:e8:2d:56:7e:9c:1d:4c:61:d5:e2:f6:
c0:e6:63:e1:76:e8:c5:7f:65:38:22:8e:82:73:e5:09:65:be:
5b:75:ea:6b:99:dd:57:ac:d2:75:e6:74:2a:c0:0f:d1:1a:8b:
eb:fa:0e:c3:84:b2:01:75:5f:9e:ca:bb:1b:40:9e:34:b2:52:
d6:7d:91:ae:13:d3:26:ad:e3:44:29:67:57:87:1f:aa:ae:42:
0a:20:3f:dc:93:f1:6f:64:5f:17:b1:0c:a5:5b:fb:c6:e7:26:
7c:bf:eb:d6:59:91:3f:1d:42:02:f7:fc:69:90:ef:c7:9e:9b:
b3:8f:a9:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQJpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQxMjQ3WhcNMjYwMTA5MDQxMjQ3WjAYMRYw
FAYDVQQDEw02NzdmNGNjMy00ZTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxoeK6cOdDfkiqcqzroTqdrPSoNoXS3rQNgz7g2JU0ydftEYQaTFZ5eK+
Jyeh3sVjTidhUmKK1/QE/zryyKNsLsOdCXUcce+p5jmv/Vo1xOMo3j6iYArhVr5X
s1uIKecISpsCLs9sml03PL8YWaYZk1akXerxX3SmFPd5s0b3w/7LyyYehOk1bACV
WE5k/4Gi50h4Ekpp0xrBwizl+GB3HZiUHPgmFZ7amFFYWZ0wS87r+ckrz61r7D19
EFTQtWvTV4E0P6c9AvGIFxfk7yNx2e8F5krIetW0Lqi5qa658SM5tGoWbSNfIqDt
aORLfZG9+2K1xBLa+FUXH1B50g5L1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPdr
UIOSX/Efb+vGTsJ7R0BEPTI4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GREI0MzJDNkNFM0YxMUVGOUQ5OEUzQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPVoMA0GCSqGSIb3DQEBCwUA
A4IBAQA//BOJ+L2jTwaFPAVEDoaxyOzygdqPYvc0/I9JhHXYyh7brmS3TM7rkKTy
wl79zNhGvRUV9EbZZYkj1X6W80r+s94etvjQrJawFzeOJOvubYBW2Ik8BRng1w7x
T6Swrze29CWSB/Rub1lD/oTCM92QxH68NvPvq2n3S/DW42J+5AAjKr4p6C1Wfpwd
TGHV4vbA5mPhdujFf2U4Io6Cc+UJZb5bdeprmd1XrNJ15nQqwA/RGovr+g7DhLIB
dV+eyrsbQJ40slLWfZGuE9MmreNEKWdXhx+qrkIKID/ck/FvZF8XsQylW/vG5yZ8
v+vWWZE/HUIC9/xpkO/Hnpuzj6l/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:44 2025 by rpki-client