Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2601D9F2CD9D11EFA8A9EF9B762E951A.roa
File: 2601D9F2CD9D11EFA8A9EF9B762E951A.roa (raw, json)
Hash identifier: w23bWza8w9Zo6CHfaUSrI1Wn82Naih/+Mo8MHNhL/AY=
Subject key identifier: 63:23:F5:F2:65:29:BC:71:4D:F1:21:C2:B4:49:BF:1D:9D:80:8D:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010099
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2601D9F2CD9D11EFA8A9EF9B762E951A.roa
Signing time: Wed 08 Jan 2025 08:47:10 +0000
ROA not before: Wed 08 Jan 2025 08:47:07 +0000
ROA not after: Tue 16 Dec 2025 08:47:07 +0000
asID: 984
IP address blocks: 156.249.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65689 (0x10099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:47:07 2025 GMT
Not After : Dec 16 08:47:07 2025 GMT
Subject: CN=677e3b8e-103d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:d4:2e:06:a7:e8:3c:4c:cd:fc:07:5b:16:
a7:f6:53:30:d3:5d:e4:e5:24:ea:d5:ae:33:cb:01:
67:00:5d:e1:63:19:cc:87:89:8e:8b:6c:6c:69:42:
ec:5a:c7:bb:91:d5:b4:37:96:3c:24:72:a6:94:4e:
f7:a6:8d:32:d7:6b:ba:7d:50:21:e8:7d:c5:82:8f:
52:82:e5:0a:0e:c1:8d:66:4b:28:46:1f:15:fa:72:
d4:88:a5:86:b8:09:56:85:b0:28:1a:dd:93:d8:59:
09:ab:f5:9a:a7:8f:2e:10:ce:11:1e:cb:46:fa:ff:
f9:0f:00:f9:9d:1a:b0:58:aa:30:b4:b0:8b:a5:c7:
12:c2:af:7e:a3:1c:22:10:c9:03:86:8a:7a:47:c2:
ea:06:af:99:68:78:4b:10:f0:7a:ec:9b:d5:0e:77:
14:6e:23:aa:37:8d:9f:3f:e5:50:a8:3d:51:de:93:
c9:c4:48:bc:cf:b5:ba:c4:03:14:fa:c8:50:03:00:
4b:63:37:8d:9b:ee:d9:f2:26:67:81:ed:9b:b9:be:
41:fa:90:fc:da:90:7e:53:48:54:22:62:3b:c9:8e:
72:9e:41:c7:a8:1d:3b:b4:58:09:19:93:3f:53:17:
34:6f:f2:6d:ac:09:77:f4:a9:46:e4:76:c9:b1:bb:
a5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:23:F5:F2:65:29:BC:71:4D:F1:21:C2:B4:49:BF:1D:9D:80:8D:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2601D9F2CD9D11EFA8A9EF9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.93.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:27:c9:b2:26:91:32:e6:52:22:81:a8:cb:f4:f3:9a:a0:99:
42:b3:91:bd:29:bc:56:9f:bb:67:60:c8:7f:bd:92:5f:20:9e:
72:cc:1f:5e:f5:51:c5:a2:de:f7:cd:a7:8d:dc:d7:8e:81:2a:
d4:a8:e1:56:f5:22:bc:f8:36:9d:a1:93:26:83:a5:06:89:80:
47:37:29:73:3d:26:3a:55:22:f4:05:6f:b2:e9:96:69:0f:8a:
78:7f:7a:1c:c1:35:2c:ba:b1:5f:74:40:cc:4f:8f:17:06:43:
71:53:d9:d7:fa:09:ef:b2:3e:ef:2b:4b:9d:95:b7:fe:68:94:
cd:65:d1:97:c0:d1:ef:b5:09:66:39:49:bf:cd:a4:10:8e:81:
45:c2:5b:d6:55:6a:66:d1:48:b7:14:ca:0f:8e:ea:8d:ca:b4:
34:b4:4f:cb:7f:73:79:80:68:14:90:e3:fc:af:da:1d:0c:28:
18:5d:21:52:25:2f:2b:ec:80:9c:4e:a6:92:1e:e6:0f:8d:74:
40:2c:20:c9:5a:d7:e5:d5:6c:d6:8f:e7:3d:a0:ec:d8:44:03:
0e:7a:19:15:dd:fa:97:b9:7c:66:4f:52:56:6c:4f:e7:58:56:
bd:1e:dd:fa:60:2c:a2:e1:3c:bd:9b:93:20:8a:87:59:0d:cf:
98:a6:d0:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg0NzA3WhcNMjUxMjE2MDg0NzA3WjAYMRYw
FAYDVQQDEw02NzdlM2I4ZS0xMDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1bULgan6DxMzfwHWxan9lMw013k5STq1a4zywFnAF3hYxnMh4mOi2xs
aULsWse7kdW0N5Y8JHKmlE73po0y12u6fVAh6H3Fgo9SguUKDsGNZksoRh8V+nLU
iKWGuAlWhbAoGt2T2FkJq/Wap48uEM4RHstG+v/5DwD5nRqwWKowtLCLpccSwq9+
oxwiEMkDhop6R8LqBq+ZaHhLEPB67JvVDncUbiOqN42fP+VQqD1R3pPJxEi8z7W6
xAMU+shQAwBLYzeNm+7Z8iZnge2bub5B+pD82pB+U0hUImI7yY5ynkHHqB07tFgJ
GZM/Uxc0b/JtrAl39KlG5HbJsbulMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGMj
9fJlKbxxTfEhwrRJvx2dgI2PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNjAxRDlGMkNEOUQxMUVGQThBOUVGOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPldMA0GCSqGSIb3DQEBCwUA
A4IBAQArJ8myJpEy5lIigajL9POaoJlCs5G9KbxWn7tnYMh/vZJfIJ5yzB9e9VHF
ot73zaeN3NeOgSrUqOFW9SK8+DadoZMmg6UGiYBHNylzPSY6VSL0BW+y6ZZpD4p4
f3ocwTUsurFfdEDMT48XBkNxU9nX+gnvsj7vK0udlbf+aJTNZdGXwNHvtQlmOUm/
zaQQjoFFwlvWVWpm0Ui3FMoPjuqNyrQ0tE/Lf3N5gGgUkOP8r9odDCgYXSFSJS8r
7ICcTqaSHuYPjXRALCDJWtfl1WzWj+c9oOzYRAMOehkV3fqXuXxmT1JWbE/nWFa9
Ht36YCyi4Ty9m5MgiodZDc+YptCd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:17 2025 by rpki-client