Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE3FBF08C32711EFBDD80B8C762E951A.roa
File: FE3FBF08C32711EFBDD80B8C762E951A.roa (raw, json)
Hash identifier: cJeZVIPBCNsWwH/x9ZgK+iSwmiDbllJMDUnHHfVU2l8=
Subject key identifier: 76:EC:96:2A:9B:38:CB:DA:BD:96:3C:D2:43:49:2A:48:75:A3:2F:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAA1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE3FBF08C32711EFBDD80B8C762E951A.roa
Signing time: Thu 26 Dec 2024 01:23:21 +0000
ROA not before: Thu 26 Dec 2024 01:23:17 +0000
ROA not after: Wed 10 Dec 2025 01:23:17 +0000
asID: 984
IP address blocks: 156.243.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60065 (0xeaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:23:17 2024 GMT
Not After : Dec 10 01:23:17 2025 GMT
Subject: CN=676cb009-69f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8f:69:31:dd:94:87:6a:3a:62:99:3f:56:2f:
ee:ae:bb:e5:3a:52:3e:db:af:f9:d7:f4:4b:8e:1c:
69:c3:55:ed:e8:01:e0:3d:41:48:57:b0:93:2b:ef:
8d:88:36:5c:f2:dc:dc:bd:0f:57:05:78:10:54:c2:
fe:ae:82:cf:31:38:c4:fc:2e:c0:6c:ec:c6:14:b4:
d8:df:a6:04:f8:de:89:53:16:df:bd:ab:e6:7e:35:
51:13:0a:8e:29:0a:9b:10:a4:70:d6:25:30:76:a2:
64:12:1f:39:5a:b9:8b:fa:2c:50:fa:4a:39:e2:8c:
56:70:05:be:66:2b:51:88:84:87:8f:26:44:f6:48:
e9:71:bf:5f:19:89:7f:96:fd:80:57:83:89:78:12:
68:11:ac:3d:54:7a:cc:db:17:a2:12:d9:a0:0e:04:
11:79:50:c2:be:b8:d6:ce:99:e9:86:07:1a:2a:d4:
7f:e6:37:f8:e1:3a:f3:6d:21:d4:7f:6a:95:2e:4d:
bf:4f:86:28:a0:41:67:ea:c1:99:33:32:37:11:97:
d1:45:c5:b5:ae:78:41:d3:99:4c:11:ab:2c:1e:54:
ba:ef:51:a9:7d:f7:56:0d:55:7b:03:c4:e4:26:f9:
af:e5:2f:60:72:38:f7:fa:f9:60:0a:ae:b6:ef:be:
d6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EC:96:2A:9B:38:CB:DA:BD:96:3C:D2:43:49:2A:48:75:A3:2F:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE3FBF08C32711EFBDD80B8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c0:81:bb:49:c5:f9:f6:5a:14:b1:93:3d:a8:1e:d8:b8:a5:
3d:a5:45:32:d2:50:33:0d:07:63:ce:75:b0:99:cb:be:90:dc:
39:f9:4d:4b:47:7c:44:92:4b:4e:7b:1b:f2:d1:20:f5:7f:be:
ac:1f:8b:69:01:16:80:49:6b:27:fb:40:c3:c5:b2:d9:96:56:
3d:87:42:80:e3:87:d2:26:b8:8e:9c:68:48:c0:17:9c:d2:02:
df:4c:fe:02:7e:92:39:e5:bb:73:bb:3c:7e:ba:b6:63:34:45:
2d:99:c8:90:99:2a:bd:69:b6:06:cc:c9:c9:ae:e3:3f:6b:42:
dc:80:c7:4b:5f:64:27:c7:4b:a4:49:0b:8f:88:ea:36:75:25:
d8:98:50:61:95:9b:07:4e:03:95:f4:76:e6:da:30:f6:71:b1:
56:81:7d:16:f0:5a:1b:e9:22:ab:ed:ec:b8:38:58:6c:9b:be:
96:3c:c6:14:44:28:46:90:93:69:8e:26:79:b4:56:b2:db:24:
ca:a6:33:7b:85:5f:61:f5:22:a3:60:09:55:41:a0:f0:e9:7b:
53:17:61:a3:0f:e9:94:16:9b:67:d6:d5:05:8f:1a:a6:75:6e:
ea:59:2f:30:e7:e5:30:ed:a6:5f:7a:e4:60:76:40:8d:08:49:
e0:5a:03:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEyMzE3WhcNMjUxMjEwMDEyMzE3WjAYMRYw
FAYDVQQDEw02NzZjYjAwOS02OWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzY9pMd2Uh2o6Ypk/Vi/urrvlOlI+26/51/RLjhxpw1Xt6AHgPUFIV7CT
K++NiDZc8tzcvQ9XBXgQVML+roLPMTjE/C7AbOzGFLTY36YE+N6JUxbfvavmfjVR
EwqOKQqbEKRw1iUwdqJkEh85WrmL+ixQ+ko54oxWcAW+ZitRiISHjyZE9kjpcb9f
GYl/lv2AV4OJeBJoEaw9VHrM2xeiEtmgDgQReVDCvrjWzpnphgcaKtR/5jf44Trz
bSHUf2qVLk2/T4YooEFn6sGZMzI3EZfRRcW1rnhB05lMEassHlS671GpffdWDVV7
A8TkJvmv5S9gcjj3+vlgCq62777WbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHbs
liqbOMvavZY80kNJKkh1oy+AMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTNGQkYwOEMzMjcxMUVGQkREODBCOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPOQMA0GCSqGSIb3DQEBCwUA
A4IBAQBewIG7ScX59loUsZM9qB7YuKU9pUUy0lAzDQdjznWwmcu+kNw5+U1LR3xE
kktOexvy0SD1f76sH4tpARaASWsn+0DDxbLZllY9h0KA44fSJriOnGhIwBec0gLf
TP4CfpI55btzuzx+urZjNEUtmciQmSq9abYGzMnJruM/a0LcgMdLX2Qnx0ukSQuP
iOo2dSXYmFBhlZsHTgOV9Hbm2jD2cbFWgX0W8Fob6SKr7ey4OFhsm76WPMYURChG
kJNpjiZ5tFay2yTKpjN7hV9h9SKjYAlVQaDw6XtTF2GjD+mUFptn1tUFjxqmdW7q
WS8w5+Uw7aZfeuRgdkCNCEngWgMw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:41 2025 by rpki-client