Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFDEF208C97511EFB78C15AC762E951A.roa
File: FFDEF208C97511EFB78C15AC762E951A.roa (raw, json)
Hash identifier: jmdxf22/CghRDCmZqkXVuCtZMiyYfuZsukOqlntrTOc=
Subject key identifier: C6:EE:87:71:AF:B2:6F:E1:A6:E6:C9:E3:8D:32:18:19:60:42:02:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFDEF208C97511EFB78C15AC762E951A.roa
Signing time: Fri 03 Jan 2025 01:56:51 +0000
ROA not before: Fri 03 Jan 2025 01:56:48 +0000
ROA not after: Mon 13 Dec 2027 01:56:48 +0000
asID: 17561
IP address blocks: 156.227.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62693 (0xf4e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:56:48 2025 GMT
Not After : Dec 13 01:56:48 2027 GMT
Subject: CN=677743e3-c465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3c:be:e7:d8:45:9d:2d:b6:26:c3:7c:62:65:
ff:42:6f:5f:4c:de:2f:3d:84:8b:10:c7:25:ea:6a:
b2:39:aa:03:d9:23:85:f7:eb:f7:a4:50:47:b8:af:
43:e6:17:6b:2d:51:58:fa:fb:00:82:62:81:b0:d9:
26:22:e1:bf:9d:2c:bc:ab:bf:86:95:0f:93:9b:83:
e0:67:97:98:52:47:0c:73:f7:7c:ae:8f:56:28:4f:
8a:43:68:36:7b:bb:4d:74:b2:fb:24:63:a4:e6:6c:
57:64:bf:2f:6c:e1:52:51:a9:d6:09:53:cf:d3:8d:
bf:24:27:2d:8c:de:f6:fb:10:b5:2f:4d:c4:9b:02:
d0:cd:bd:0a:25:b8:57:b9:fd:c6:2c:a3:41:5c:f4:
cf:f3:83:75:69:86:90:ef:cf:ba:b1:5f:80:c8:66:
b7:09:98:33:20:1f:90:3d:13:af:57:7a:57:22:af:
ec:bf:2a:61:7c:e1:e3:cd:d8:b9:5f:45:f7:e3:dd:
b1:49:74:7a:65:ec:c0:99:9a:0c:69:5f:5a:a1:73:
33:b1:15:cf:04:25:1f:1e:a1:1a:ec:77:b7:bb:37:
e1:22:05:61:e7:69:2d:6c:8a:e9:19:83:c2:dc:69:
96:09:2e:cf:29:a2:52:6f:86:e2:2c:7e:3b:20:5c:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:EE:87:71:AF:B2:6F:E1:A6:E6:C9:E3:8D:32:18:19:60:42:02:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFDEF208C97511EFB78C15AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.100.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a7:8c:92:91:7c:f9:e6:6e:14:23:45:5b:ec:80:df:f1:bb:
f6:30:64:1d:08:c4:7c:a4:78:57:eb:2d:63:88:b2:55:59:09:
b8:f4:74:0e:12:5d:35:9d:75:c5:23:d9:8b:2d:39:04:6d:26:
9a:65:97:97:c5:30:13:84:d6:75:ef:66:10:81:bd:cd:06:f9:
a4:5c:53:3a:29:87:86:f7:5c:ef:2e:46:a6:49:36:8b:59:b1:
5f:90:97:5d:db:07:0e:b0:ed:57:56:34:2e:10:d1:b8:91:76:
55:4b:ad:2f:7e:d2:e6:1e:31:e2:dd:5a:ee:61:c1:08:94:3c:
ed:f6:5b:5e:76:08:2f:03:f8:78:4d:e2:9b:a7:d9:e6:95:26:
33:44:9d:e2:65:99:75:e9:1e:f4:e2:e0:07:8e:4b:98:b0:23:
66:54:f1:97:d6:3a:d5:17:b8:42:cb:b4:e2:80:ce:b0:bb:8a:
d2:dc:7c:0d:da:5e:7c:d1:b7:c8:c4:1b:ab:3a:54:0d:c4:06:
8a:b4:4d:a4:f3:cd:94:15:6a:ae:bd:c6:3d:fb:fb:64:ed:60:
b6:20:33:cf:9f:73:b7:e0:86:92:94:d4:1f:a0:b8:bc:aa:76:
ba:e8:f3:56:63:ed:61:c7:83:9d:8e:3e:70:be:36:e7:95:52:
58:64:ea:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDE1NjQ4WhcNMjcxMjEzMDE1NjQ4WjAYMRYw
FAYDVQQDEw02Nzc3NDNlMy1jNDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8jy+59hFnS22JsN8YmX/Qm9fTN4vPYSLEMcl6mqyOaoD2SOF9+v3pFBH
uK9D5hdrLVFY+vsAgmKBsNkmIuG/nSy8q7+GlQ+Tm4PgZ5eYUkcMc/d8ro9WKE+K
Q2g2e7tNdLL7JGOk5mxXZL8vbOFSUanWCVPP042/JCctjN72+xC1L03EmwLQzb0K
JbhXuf3GLKNBXPTP84N1aYaQ78+6sV+AyGa3CZgzIB+QPROvV3pXIq/svyphfOHj
zdi5X0X3492xSXR6ZezAmZoMaV9aoXMzsRXPBCUfHqEa7He3uzfhIgVh52ktbIrp
GYPC3GmWCS7PKaJSb4biLH47IFx7kwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMbu
h3Gvsm/hpubJ440yGBlgQgLaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRkRFRjIwOEM5NzUxMUVGQjc4QzE1QUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONkMA0GCSqGSIb3DQEBCwUA
A4IBAQB5p4ySkXz55m4UI0Vb7IDf8bv2MGQdCMR8pHhX6y1jiLJVWQm49HQOEl01
nXXFI9mLLTkEbSaaZZeXxTAThNZ172YQgb3NBvmkXFM6KYeG91zvLkamSTaLWbFf
kJdd2wcOsO1XVjQuENG4kXZVS60vftLmHjHi3VruYcEIlDzt9ltedggvA/h4TeKb
p9nmlSYzRJ3iZZl16R704uAHjkuYsCNmVPGX1jrVF7hCy7TigM6wu4rS3HwN2l58
0bfIxBurOlQNxAaKtE2k882UFWquvcY9+/tk7WC2IDPPn3O34IaSlNQfoLi8qna6
6PNWY+1hx4Odjj5wvjbnlVJYZOqE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:03 2025 by rpki-client