Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09E2CD68CCA211EF9F8C4B53762E951A.roa
File: 09E2CD68CCA211EF9F8C4B53762E951A.roa (raw, json)
Hash identifier: 3sJRc4ti/26jPZRmexeAi1XsZTmqFToKLVpSf4xGa0I=
Subject key identifier: B9:57:A6:4E:87:A3:DF:AA:73:A5:F7:AF:2B:6F:0F:6B:FB:02:7E:8E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F99C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09E2CD68CCA211EF9F8C4B53762E951A.roa
Signing time: Tue 07 Jan 2025 02:49:39 +0000
ROA not before: Tue 07 Jan 2025 02:49:36 +0000
ROA not after: Sat 13 Dec 2025 02:49:36 +0000
asID: 984
IP address blocks: 156.229.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63900 (0xf99c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:49:36 2025 GMT
Not After : Dec 13 02:49:36 2025 GMT
Subject: CN=677c9643-7be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:13:78:16:48:3c:73:a0:ae:67:ea:c4:00:5e:
5a:b5:31:51:b6:c4:da:5e:3a:0f:d9:68:d1:6b:58:
c9:41:91:91:96:27:d5:c6:76:98:9f:2a:19:5e:65:
5e:8a:a6:83:f5:f4:80:c8:07:14:6f:f7:ad:43:ec:
05:64:55:ce:25:ac:ed:7e:cc:0f:e5:aa:09:29:40:
67:91:96:da:a2:86:04:15:28:9c:f2:81:63:b3:70:
c7:77:4a:9d:f1:68:8c:c3:96:41:3a:0e:a0:27:c8:
3a:ad:03:cd:ea:41:ae:32:96:86:8d:78:89:3e:4c:
a0:e2:d4:7a:ea:e2:f9:a9:ce:6e:0c:a2:eb:b7:8d:
0a:44:9c:88:d3:ae:6f:90:b4:1f:cb:4a:d1:11:60:
6b:82:6b:cc:5a:d5:fc:14:43:82:05:67:80:9b:2c:
4a:3f:d4:70:9b:dc:c9:4c:a7:30:e1:e6:f2:93:39:
1b:88:fe:29:e4:37:00:eb:89:46:cd:38:46:fe:90:
1f:0f:ed:8b:9c:72:d1:27:5d:0c:a1:73:92:28:52:
2b:f1:c5:8f:ea:85:df:fc:bb:de:6d:f5:75:ac:ff:
bc:23:76:54:74:75:e0:8d:9d:ec:c2:35:68:78:31:
38:a6:d8:f7:3a:13:14:f8:a4:f3:bb:ce:9f:ad:7d:
ae:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:57:A6:4E:87:A3:DF:AA:73:A5:F7:AF:2B:6F:0F:6B:FB:02:7E:8E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09E2CD68CCA211EF9F8C4B53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.1.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:4b:4a:3c:4c:e6:9f:dc:ab:e0:b1:c6:a6:22:b9:94:33:23:
f6:97:e7:95:f1:16:9f:18:77:19:9c:66:4d:31:4b:b7:03:47:
d0:14:eb:3d:fb:65:09:2b:da:bd:6a:38:6a:8b:ad:7c:a9:07:
93:d4:36:55:23:9a:e6:c1:57:e7:19:3c:6c:51:a9:e8:83:6e:
70:79:c0:ea:97:14:c5:9a:a7:3a:bf:78:3e:04:33:e1:90:04:
d6:be:73:24:ec:7b:9c:cb:d0:e2:7b:9c:e3:28:57:2f:80:be:
0b:3b:3a:9e:f2:ed:e5:c8:f0:4e:32:c2:24:f0:b2:4a:8e:e3:
15:2e:66:e0:21:26:b4:46:9f:83:4b:96:1b:8e:cf:72:fa:60:
72:c9:ac:ce:8f:d8:65:10:4b:a7:bb:b8:ff:b0:a4:21:bb:90:
4d:b7:41:1e:b1:c6:09:0f:1b:ca:71:bc:b4:ec:57:51:41:bc:
cd:ab:11:1d:c7:a0:e6:15:ba:76:b2:39:fe:2f:3c:8c:e3:52:
46:f3:25:85:f6:cf:74:da:65:bd:65:20:c7:26:25:b1:f0:97:
44:c3:84:92:50:b1:92:b4:3a:f5:c8:8a:68:19:0e:73:ad:1c:
7e:85:01:3d:65:4e:d5:f4:59:60:d8:d0:d9:20:d9:e0:09:77:
86:33:aa:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDI0OTM2WhcNMjUxMjEzMDI0OTM2WjAYMRYw
FAYDVQQDEw02NzdjOTY0My03YmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRN4Fkg8c6CuZ+rEAF5atTFRtsTaXjoP2WjRa1jJQZGRlifVxnaYnyoZ
XmVeiqaD9fSAyAcUb/etQ+wFZFXOJaztfswP5aoJKUBnkZbaooYEFSic8oFjs3DH
d0qd8WiMw5ZBOg6gJ8g6rQPN6kGuMpaGjXiJPkyg4tR66uL5qc5uDKLrt40KRJyI
065vkLQfy0rREWBrgmvMWtX8FEOCBWeAmyxKP9Rwm9zJTKcw4ebykzkbiP4p5DcA
64lGzThG/pAfD+2LnHLRJ10MoXOSKFIr8cWP6oXf/LvebfV1rP+8I3ZUdHXgjZ3s
wjVoeDE4ptj3OhMU+KTzu86frX2upwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLlX
pk6Ho9+qc6X3rytvD2v7An6OMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOUUyQ0Q2OENDQTIxMUVGOUY4QzRCNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUBMA0GCSqGSIb3DQEBCwUA
A4IBAQC6S0o8TOaf3KvgscamIrmUMyP2l+eV8RafGHcZnGZNMUu3A0fQFOs9+2UJ
K9q9ajhqi618qQeT1DZVI5rmwVfnGTxsUanog25wecDqlxTFmqc6v3g+BDPhkATW
vnMk7Hucy9Die5zjKFcvgL4LOzqe8u3lyPBOMsIk8LJKjuMVLmbgISa0Rp+DS5Yb
js9y+mByyazOj9hlEEunu7j/sKQhu5BNt0EescYJDxvKcby07FdRQbzNqxEdx6Dm
Fbp2sjn+LzyM41JG8yWF9s902mW9ZSDHJiWx8JdEw4SSULGStDr1yIpoGQ5zrRx+
hQE9ZU7V9Flg2NDZINngCXeGM6q8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:51 2025 by rpki-client