Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9B5988CC8E11EFA061344A762E951A.roa
File: FE9B5988CC8E11EFA061344A762E951A.roa (raw, json)
Hash identifier: /yMB+i6xHDOt+k79JqYJcX3ofrYglnNmEmp1oqF0Xtw=
Subject key identifier: A3:17:F7:47:1E:97:59:BE:EB:3F:2A:13:52:F4:37:AD:3C:A9:09:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9B5988CC8E11EFA061344A762E951A.roa
Signing time: Tue 07 Jan 2025 00:33:20 +0000
ROA not before: Tue 07 Jan 2025 00:00:16 +0000
ROA not after: Sat 13 Dec 2025 00:00:16 +0000
asID: 984
IP address blocks: 156.226.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63735 (0xf8f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:16 2025 GMT
Not After : Dec 13 00:00:16 2025 GMT
Subject: CN=677c7650-2e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ac:62:bd:25:9f:ba:78:be:11:21:66:5a:82:
c5:fe:45:9d:7c:e4:31:5b:96:14:5b:8c:fc:ff:b1:
0e:8f:9c:34:71:d0:ee:32:4b:38:eb:bd:1f:49:64:
ee:4d:05:8c:55:6a:cf:a6:6f:0c:35:ca:5e:de:ab:
e7:60:fc:d4:bb:3d:94:87:1a:55:0d:74:ab:da:ce:
df:cb:35:2b:b0:da:9d:2c:85:11:a6:77:ed:4f:7e:
a3:c0:eb:cc:2b:87:a8:a7:8f:2a:65:f0:5e:50:37:
97:b7:c7:e4:9b:f8:9e:e6:e1:ea:72:10:c1:da:0f:
4f:f6:d3:d1:f3:1b:09:c2:9d:0e:ba:a3:c5:0a:0d:
be:e9:61:51:22:7d:5b:ee:f4:af:71:65:25:e4:7a:
f8:07:8e:16:00:93:9e:a7:d5:d0:fb:02:93:26:56:
78:ff:1d:30:b7:2f:fc:8a:dc:06:a2:19:ef:d3:19:
6e:ae:8d:08:ab:2f:3a:c8:bf:65:8d:3e:b9:56:eb:
99:43:26:2a:fa:e4:fd:bd:2b:99:6f:8a:37:c0:6d:
5b:f7:87:45:8c:9c:30:10:2a:18:21:cc:4c:e0:59:
15:0d:b4:11:57:e2:4f:77:db:7b:50:34:86:71:3f:
c3:e4:c3:d3:bc:7f:fa:39:05:a5:9b:c5:53:2c:eb:
0f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:17:F7:47:1E:97:59:BE:EB:3F:2A:13:52:F4:37:AD:3C:A9:09:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE9B5988CC8E11EFA061344A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.240.0/24
Signature Algorithm: sha256WithRSAEncryption
21:91:ab:5e:42:85:ac:81:84:4e:a2:74:05:0a:a6:37:4e:77:
ac:aa:11:b9:0a:8b:ff:ce:b5:ad:db:ac:7a:e6:1f:30:71:1e:
ad:d9:b2:be:51:fe:52:1f:98:45:56:6c:e5:0c:1e:93:ac:e9:
5f:1c:db:f6:7d:6d:93:ab:3c:25:52:de:87:a2:a2:bd:77:25:
58:ba:a7:22:43:7d:9d:c5:c6:ed:55:24:6c:f5:99:75:9b:d0:
8e:19:5e:4e:fd:ac:70:26:f2:16:8a:16:05:24:ab:2e:14:aa:
af:29:92:57:83:15:58:1a:48:94:2e:c4:26:30:89:50:c0:2c:
29:0a:f7:c5:7b:7c:a1:28:9f:f6:55:5c:3a:ea:a4:26:10:1b:
09:ae:d3:a8:c6:52:63:61:91:14:7b:63:d4:d5:9b:7a:5d:41:
f7:cb:c8:34:75:cf:d1:c0:10:8a:76:c1:0e:32:6b:a5:58:50:
68:58:fb:c7:cb:f1:c1:65:28:a1:40:75:c9:b0:78:22:61:85:
17:11:ac:fa:35:22:33:e1:5e:bb:a2:a1:90:97:94:fc:ac:47:
67:7b:b1:28:be:09:9e:0e:ad:2f:69:55:d6:48:42:49:39:cc:
72:37:0b:69:f9:2a:bd:dd:1d:0f:02:5c:be:d6:93:bb:cb:2d:
6b:3e:f0:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPj3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDE2WhcNMjUxMjEzMDAwMDE2WjAYMRYw
FAYDVQQDEw02NzdjNzY1MC0yZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyKxivSWfuni+ESFmWoLF/kWdfOQxW5YUW4z8/7EOj5w0cdDuMks4670f
SWTuTQWMVWrPpm8MNcpe3qvnYPzUuz2UhxpVDXSr2s7fyzUrsNqdLIURpnftT36j
wOvMK4eop48qZfBeUDeXt8fkm/ie5uHqchDB2g9P9tPR8xsJwp0OuqPFCg2+6WFR
In1b7vSvcWUl5Hr4B44WAJOep9XQ+wKTJlZ4/x0wty/8itwGohnv0xluro0Iqy86
yL9ljT65VuuZQyYq+uT9vSuZb4o3wG1b94dFjJwwECoYIcxM4FkVDbQRV+JPd9t7
UDSGcT/D5MPTvH/6OQWlm8VTLOsPewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKMX
90cel1m+6z8qE1L0N608qQlgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTlCNTk4OENDOEUxMUVGQTA2MTM0NEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLwMA0GCSqGSIb3DQEBCwUA
A4IBAQAhkateQoWsgYROonQFCqY3TnesqhG5Cov/zrWt26x65h8wcR6t2bK+Uf5S
H5hFVmzlDB6TrOlfHNv2fW2TqzwlUt6HoqK9dyVYuqciQ32dxcbtVSRs9Zl1m9CO
GV5O/axwJvIWihYFJKsuFKqvKZJXgxVYGkiULsQmMIlQwCwpCvfFe3yhKJ/2VVw6
6qQmEBsJrtOoxlJjYZEUe2PU1Zt6XUH3y8g0dc/RwBCKdsEOMmulWFBoWPvHy/HB
ZSihQHXJsHgiYYUXEaz6NSIz4V67oqGQl5T8rEdne7EovgmeDq0vaVXWSEJJOcxy
Nwtp+Sq93R0PAly+1pO7yy1rPvA9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:00 2025 by rpki-client