Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFE1C320C97011EF970B7187762E951A.roa
File: FFE1C320C97011EF970B7187762E951A.roa (raw, json)
Hash identifier: ECHU+sFSzyfqQFISdjFSBLTxr5e5YbQGAvsjauRzrlE=
Subject key identifier: B5:37:41:82:6C:56:D9:D7:27:94:07:89:08:19:B9:D9:88:ED:1A:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFE1C320C97011EF970B7187762E951A.roa
Signing time: Fri 03 Jan 2025 01:21:04 +0000
ROA not before: Fri 03 Jan 2025 01:21:00 +0000
ROA not after: Sat 13 Dec 2025 01:21:00 +0000
asID: 984
IP address blocks: 156.227.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62645 (0xf4b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:21:00 2025 GMT
Not After : Dec 13 01:21:00 2025 GMT
Subject: CN=67773b80-cebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:d2:b0:b6:3f:9c:93:41:d8:2c:ec:16:f6:
79:fb:0b:d5:ca:6d:7b:8d:c2:36:97:2c:53:fb:56:
5a:b4:bc:d4:75:ba:c9:70:62:60:3c:aa:30:21:80:
ca:9f:ea:89:ec:a1:d3:ef:ab:ac:5f:0a:d0:3a:86:
39:59:c1:a2:6f:0b:38:98:ec:0b:4a:87:52:be:e1:
fd:32:7b:fa:60:82:c8:0e:0f:74:40:5e:ae:91:e5:
1b:1b:29:68:98:08:87:fa:6f:14:54:29:42:65:6c:
99:4b:67:c1:1b:97:cc:f2:83:04:84:3f:a7:63:3e:
7a:3e:f9:99:b5:59:24:03:7e:07:f5:a7:a5:b1:d8:
4b:44:65:0f:52:42:35:cb:cb:5e:c7:76:17:94:cb:
8f:5a:64:77:ea:67:f8:ba:c4:c2:7b:29:d6:d8:a7:
7b:64:44:93:05:7a:0e:5d:bb:9e:da:f7:98:4b:b2:
57:ee:32:ad:de:19:7a:9c:7e:8d:84:30:e2:cb:1a:
69:44:7a:36:dc:94:fe:4f:de:e1:1a:f6:c9:84:80:
59:7f:2a:5c:2b:95:05:78:98:13:27:47:77:cd:6b:
11:5d:3d:cb:06:09:d4:99:6b:77:1c:55:8b:d9:f5:
df:d1:30:6b:61:9a:5e:c7:e7:62:34:2a:44:f0:d7:
8c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:37:41:82:6C:56:D9:D7:27:94:07:89:08:19:B9:D9:88:ED:1A:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FFE1C320C97011EF970B7187762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.76.0/24
Signature Algorithm: sha256WithRSAEncryption
45:0d:6b:94:62:86:d6:f8:2b:cc:96:91:e9:2b:bf:4f:33:1e:
94:72:1f:32:02:7d:b5:24:a8:37:cc:60:51:f4:fd:c6:65:f7:
59:8f:26:09:85:fd:7e:82:5f:71:5b:5b:bc:88:e8:da:e1:3b:
fd:5d:f6:94:a7:70:31:6c:f7:5d:7b:a6:a5:78:9a:0b:0b:ee:
2b:d6:e2:b2:8f:c6:00:de:fb:a4:43:27:c8:e6:e9:0a:66:dc:
e5:57:91:ce:38:e2:b7:04:92:bb:62:b9:b8:90:8b:e0:b7:97:
c0:f6:60:11:4d:50:a7:5b:e2:c7:b2:66:bb:b2:64:6b:c0:54:
bb:2a:19:61:bb:21:43:f0:0f:1f:78:3e:fb:af:b8:ba:c9:eb:
1d:ab:1d:31:82:02:a2:62:7a:2e:d7:86:6a:74:41:62:8d:9c:
0a:f5:dd:f3:49:e3:8f:f9:31:f1:45:dc:03:7f:cc:75:ac:04:
7d:93:7b:a2:96:28:c6:e9:cf:e7:53:09:b4:06:bb:2b:13:d8:
37:e3:a2:00:bd:23:e2:10:f5:74:37:6f:15:20:0e:60:e3:aa:
f8:cb:f7:05:c2:b0:35:79:84:ab:ad:0f:9a:f8:3b:32:cb:bd:
cd:a8:5b:cf:56:0a:86:dc:7b:fb:d2:1d:cd:0d:40:e8:fc:b0:
a4:c0:60:9f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPS1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEyMTAwWhcNMjUxMjEzMDEyMTAwWjAYMRYw
FAYDVQQDEw02Nzc3M2I4MC1jZWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujPSsLY/nJNB2CzsFvZ5+wvVym17jcI2lyxT+1ZatLzUdbrJcGJgPKow
IYDKn+qJ7KHT76usXwrQOoY5WcGibws4mOwLSodSvuH9Mnv6YILIDg90QF6ukeUb
GylomAiH+m8UVClCZWyZS2fBG5fM8oMEhD+nYz56PvmZtVkkA34H9aelsdhLRGUP
UkI1y8tex3YXlMuPWmR36mf4usTCeynW2Kd7ZESTBXoOXbue2veYS7JX7jKt3hl6
nH6NhDDiyxppRHo23JT+T97hGvbJhIBZfypcK5UFeJgTJ0d3zWsRXT3LBgnUmWt3
HFWL2fXf0TBrYZpex+diNCpE8NeMFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLU3
QYJsVtnXJ5QHiQgZudmI7RoeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRkUxQzMyMEM5NzAxMUVGOTcwQjcxODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONMMA0GCSqGSIb3DQEBCwUA
A4IBAQBFDWuUYobW+CvMlpHpK79PMx6Uch8yAn21JKg3zGBR9P3GZfdZjyYJhf1+
gl9xW1u8iOja4Tv9XfaUp3AxbPdde6aleJoLC+4r1uKyj8YA3vukQyfI5ukKZtzl
V5HOOOK3BJK7Yrm4kIvgt5fA9mARTVCnW+LHsma7smRrwFS7KhlhuyFD8A8feD77
r7i6yesdqx0xggKiYnou14ZqdEFijZwK9d3zSeOP+THxRdwDf8x1rAR9k3uilijG
6c/nUwm0BrsrE9g346IAvSPiEPV0N28VIA5g46r4y/cFwrA1eYSrrQ+a+Dsyy73N
qFvPVgqG3Hv70h3NDUDo/LCkwGCf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:16 2025 by rpki-client