Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25409DBACCE311EFA7FF3574762E951A.roa
File: 25409DBACCE311EFA7FF3574762E951A.roa (raw, json)
Hash identifier: 5nZ2MLZij60bQRwOvn0sjeFUty+i2sJ+dh0wI1qH4gU=
Subject key identifier: F7:94:C1:D9:DC:66:D0:BC:70:31:3E:08:6F:AD:23:5A:61:EB:49:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBB5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25409DBACCE311EFA7FF3574762E951A.roa
Signing time: Tue 07 Jan 2025 10:35:43 +0000
ROA not before: Tue 07 Jan 2025 10:35:39 +0000
ROA not after: Sat 13 Dec 2025 10:35:39 +0000
asID: 984
IP address blocks: 156.233.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64437 (0xfbb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:35:39 2025 GMT
Not After : Dec 13 10:35:39 2025 GMT
Subject: CN=677d037f-e20b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:49:60:cf:e3:10:21:32:d2:25:52:87:ef:29:
a8:94:ad:74:c8:11:de:58:3e:3e:cb:27:97:3d:8e:
e2:87:9c:79:84:6c:3a:a4:45:59:c4:5e:8c:fc:25:
92:d5:77:3d:52:84:f0:d3:8c:14:cf:06:5c:80:80:
cd:84:1a:40:e3:94:7a:47:93:5d:12:70:a5:ca:f9:
e4:fc:fe:fd:5d:ca:06:51:e3:9b:fb:64:43:8b:64:
5f:7d:00:d6:39:a7:97:41:d2:8d:aa:83:cf:0e:85:
03:b7:36:ba:33:a2:cc:f1:34:b6:24:d0:87:a3:48:
8f:9a:b0:43:cc:f1:7c:8b:0e:66:1e:23:de:79:6d:
a5:8a:19:51:e8:e6:a9:41:68:52:0c:1c:19:bf:10:
ba:93:82:1b:a9:2e:7b:8f:9c:19:1a:03:d9:52:28:
f0:7f:5c:e8:69:13:d5:6d:63:63:79:b7:10:20:e4:
90:76:02:52:5f:6f:9e:9a:15:27:0f:ed:2c:c1:62:
f3:a8:8d:21:f0:db:03:87:06:45:89:2f:3f:27:69:
aa:50:c7:37:47:69:16:fa:fa:a7:06:1a:e8:a5:f5:
4a:53:65:4d:7e:26:33:cc:28:d1:80:d5:1e:51:6c:
fa:ef:f7:41:d0:fe:e5:70:05:a6:35:72:9a:e8:8e:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:94:C1:D9:DC:66:D0:BC:70:31:3E:08:6F:AD:23:5A:61:EB:49:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25409DBACCE311EFA7FF3574762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.239.0/24
Signature Algorithm: sha256WithRSAEncryption
16:eb:cf:72:88:d0:a7:b9:c4:88:fc:ad:df:a8:4d:84:21:5a:
f1:92:80:01:7e:b6:aa:11:a8:bd:47:b0:73:6b:2a:c9:06:d4:
5e:27:77:e6:bf:c4:8f:8d:91:71:35:98:8e:80:a9:31:7b:7d:
70:15:5e:f3:b2:a1:5c:4b:d8:b2:0d:64:f1:ad:20:aa:57:95:
7d:64:2c:a8:e3:59:e7:c0:0c:ae:5d:11:77:65:9c:fc:3a:42:
00:b5:68:0b:0d:8a:99:25:44:6c:87:03:2c:0b:a2:a5:eb:43:
77:6e:cb:91:53:03:b3:d0:44:4b:5e:cd:78:f8:85:b5:d1:ae:
79:0e:c6:2b:c5:d6:66:a3:29:b6:e3:f2:11:29:8e:e2:9c:9f:
70:f3:d2:f2:d7:2f:e8:64:d1:61:d1:df:95:e0:a8:ba:4e:52:
79:87:52:b3:30:e0:a5:84:d9:b7:bb:94:59:3e:7f:33:cd:24:
2c:19:a2:33:d2:ba:7f:df:1e:c9:7c:b2:1e:69:1b:71:ba:2a:
6f:78:eb:c5:28:e0:02:34:0a:d1:04:32:c5:ef:28:c1:09:d0:
a1:fc:83:aa:9e:f0:82:6f:69:cb:be:f4:27:00:72:9c:bf:81:
08:a5:02:51:9e:2a:35:08:54:88:10:26:e0:5d:76:24:00:aa:
6d:87:28:73
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPu1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAzNTM5WhcNMjUxMjEzMTAzNTM5WjAYMRYw
FAYDVQQDEw02NzdkMDM3Zi1lMjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA50lgz+MQITLSJVKH7ymolK10yBHeWD4+yyeXPY7ih5x5hGw6pEVZxF6M
/CWS1Xc9UoTw04wUzwZcgIDNhBpA45R6R5NdEnClyvnk/P79XcoGUeOb+2RDi2Rf
fQDWOaeXQdKNqoPPDoUDtza6M6LM8TS2JNCHo0iPmrBDzPF8iw5mHiPeeW2lihlR
6OapQWhSDBwZvxC6k4IbqS57j5wZGgPZUijwf1zoaRPVbWNjebcQIOSQdgJSX2+e
mhUnD+0swWLzqI0h8NsDhwZFiS8/J2mqUMc3R2kW+vqnBhropfVKU2VNfiYzzCjR
gNUeUWz67/dB0P7lcAWmNXKa6I7ZAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPeU
wdncZtC8cDE+CG+tI1ph60k6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTQwOURCQUNDRTMxMUVGQTdGRjM1NzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnvMA0GCSqGSIb3DQEBCwUA
A4IBAQAW689yiNCnucSI/K3fqE2EIVrxkoABfraqEai9R7BzayrJBtReJ3fmv8SP
jZFxNZiOgKkxe31wFV7zsqFcS9iyDWTxrSCqV5V9ZCyo41nnwAyuXRF3ZZz8OkIA
tWgLDYqZJURshwMsC6Kl60N3bsuRUwOz0ERLXs14+IW10a55DsYrxdZmoym24/IR
KY7inJ9w89Ly1y/oZNFh0d+V4Ki6TlJ5h1KzMOClhNm3u5RZPn8zzSQsGaIz0rp/
3x7JfLIeaRtxuipveOvFKOACNArRBDLF7yjBCdCh/IOqnvCCb2nLvvQnAHKcv4EI
pQJRnio1CFSIECbgXXYkAKpthyhz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:59 2025 by rpki-client