Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FEBCA996C27D11EFBD3FCD67762E951A.roa
File: FEBCA996C27D11EFBD3FCD67762E951A.roa (raw, json)
Hash identifier: MeROFRlmzCUCUE7e8PqUzDV06Rm98h3aQq18xQXnNDw=
Subject key identifier: 85:06:9C:CF:3F:7C:0D:E5:37:6F:B2:C8:03:BB:14:D0:BF:37:C9:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8C3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FEBCA996C27D11EFBD3FCD67762E951A.roa
Signing time: Wed 25 Dec 2024 05:06:27 +0000
ROA not before: Wed 25 Dec 2024 05:06:24 +0000
ROA not after: Wed 10 Dec 2025 05:06:24 +0000
asID: 984
IP address blocks: 156.227.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59587 (0xe8c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:06:24 2024 GMT
Not After : Dec 10 05:06:24 2025 GMT
Subject: CN=676b92d3-0ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:bf:1e:37:7a:ec:3e:6a:7f:4e:43:ce:82:
e0:4f:4f:4a:08:c9:f9:df:da:c2:50:98:96:af:f2:
52:92:c2:e5:da:bf:6f:84:17:99:36:93:0e:79:da:
57:2a:d5:ec:6f:38:bb:68:60:20:f9:fb:db:f9:02:
ce:dc:ce:eb:55:56:29:61:b2:e7:9f:0a:7e:7f:03:
6c:0e:c4:aa:6c:ec:66:31:39:ff:75:de:bb:c3:15:
e5:a3:65:9d:2d:29:b2:32:b3:9c:8b:f5:41:63:9a:
f3:bf:09:a1:8d:fb:08:b0:7d:6c:26:a0:c1:42:11:
c1:9f:74:e1:8d:7f:c1:62:92:4b:5e:af:fe:bb:c5:
a7:ea:6a:aa:fd:de:d3:03:97:4b:92:c6:ce:87:14:
0b:5c:2f:bf:0a:eb:87:de:42:78:f5:45:94:06:f7:
d0:28:e2:19:21:e3:83:52:40:f6:af:4c:9d:cc:e1:
b5:7d:89:ff:09:c6:50:78:5f:24:e8:61:35:24:42:
f6:3a:9d:01:0d:00:ba:d2:0b:c0:64:8a:b8:2f:84:
81:a3:81:b2:01:af:a8:06:f3:3d:00:49:89:a4:fb:
5b:97:d4:3d:54:b1:84:f5:fb:3f:34:27:fa:9a:69:
4e:58:5a:51:8a:aa:72:e8:93:1d:bc:e4:33:06:30:
6a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:06:9C:CF:3F:7C:0D:E5:37:6F:B2:C8:03:BB:14:D0:BF:37:C9:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FEBCA996C27D11EFBD3FCD67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.179.0/24
Signature Algorithm: sha256WithRSAEncryption
32:5a:5d:fe:49:a9:bb:1c:19:f5:19:90:81:1e:37:94:83:dd:
64:43:f5:63:0c:fb:63:d0:26:15:25:fc:47:0c:18:da:dc:53:
1a:0d:b4:0f:92:02:ac:4b:20:14:7d:00:26:25:3e:b2:48:f3:
45:15:d2:8d:52:f7:da:c8:2f:7c:b6:24:28:6f:55:04:70:49:
84:7f:0a:41:cc:bd:38:e0:22:b7:32:d4:e4:ae:c7:31:1c:d7:
89:8c:36:2f:09:9d:45:35:27:4d:fe:ea:9d:5c:33:91:ce:ad:
07:e5:a0:83:f5:74:85:c7:c2:c7:44:e1:b4:fc:5c:d2:07:3d:
77:f4:09:37:79:ca:43:8f:47:92:c5:d2:44:bb:9d:f2:8c:af:
62:8c:1e:28:98:7d:24:48:b9:3b:42:b2:f4:4a:fb:49:bb:7c:
f0:af:9c:b3:64:b3:99:f6:26:ff:78:77:da:0e:17:6a:2d:d0:
b3:55:f8:8b:f0:52:7c:35:fa:14:5a:fe:72:7e:15:41:38:41:
a6:8a:0a:4c:cd:31:bf:df:2e:5d:5f:09:9d:b6:30:93:fb:94:
c9:9a:7b:c9:2b:87:c9:56:18:d3:9b:96:62:f9:f7:aa:49:67:
bc:67:a3:b0:d7:a9:cc:a4:a7:2a:d5:d4:8f:67:99:8f:41:6d:
33:33:11:eb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUwNjI0WhcNMjUxMjEwMDUwNjI0WjAYMRYw
FAYDVQQDEw02NzZiOTJkMy0wZWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvc2/Hjd67D5qf05DzoLgT09KCMn539rCUJiWr/JSksLl2r9vhBeZNpMO
edpXKtXsbzi7aGAg+fvb+QLO3M7rVVYpYbLnnwp+fwNsDsSqbOxmMTn/dd67wxXl
o2WdLSmyMrOci/VBY5rzvwmhjfsIsH1sJqDBQhHBn3ThjX/BYpJLXq/+u8Wn6mqq
/d7TA5dLksbOhxQLXC+/CuuH3kJ49UWUBvfQKOIZIeODUkD2r0ydzOG1fYn/CcZQ
eF8k6GE1JEL2Op0BDQC60gvAZIq4L4SBo4GyAa+oBvM9AEmJpPtbl9Q9VLGE9fs/
NCf6mmlOWFpRiqpy6JMdvOQzBjBqCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIUG
nM8/fA3lN2+yyAO7FNC/N8ksMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRUJDQTk5NkMyN0QxMUVGQkQzRkNENjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOzMA0GCSqGSIb3DQEBCwUA
A4IBAQAyWl3+Sam7HBn1GZCBHjeUg91kQ/VjDPtj0CYVJfxHDBja3FMaDbQPkgKs
SyAUfQAmJT6ySPNFFdKNUvfayC98tiQob1UEcEmEfwpBzL044CK3MtTkrscxHNeJ
jDYvCZ1FNSdN/uqdXDORzq0H5aCD9XSFx8LHROG0/FzSBz139Ak3ecpDj0eSxdJE
u53yjK9ijB4omH0kSLk7QrL0SvtJu3zwr5yzZLOZ9ib/eHfaDhdqLdCzVfiL8FJ8
NfoUWv5yfhVBOEGmigpMzTG/3y5dXwmdtjCT+5TJmnvJK4fJVhjTm5Zi+feqSWe8
Z6Ow16nMpKcq1dSPZ5mPQW0zMxHr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:38 2025 by rpki-client