Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CA0682C97E11EFBE2F256B762E951A.roa
File: 55CA0682C97E11EFBE2F256B762E951A.roa (raw, json)
Hash identifier: ZRaSCVa1NR5qYqGXYZwA0/ie3JObLVLPWFCmYxjYblM=
Subject key identifier: A3:33:3A:3D:21:1B:95:11:00:78:39:42:86:0B:FE:CF:82:0F:6B:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F535
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CA0682C97E11EFBE2F256B762E951A.roa
Signing time: Fri 03 Jan 2025 02:56:31 +0000
ROA not before: Fri 03 Jan 2025 02:56:28 +0000
ROA not after: Sat 13 Dec 2025 02:56:28 +0000
asID: 984
IP address blocks: 156.229.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62773 (0xf535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:56:28 2025 GMT
Not After : Dec 13 02:56:28 2025 GMT
Subject: CN=677751df-bb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0d:30:27:53:21:4c:bb:d7:01:13:57:b9:3d:
2a:1f:89:17:89:33:b3:af:53:72:9d:5d:cb:70:9f:
ce:a1:c3:16:8d:6c:8e:64:f6:83:68:20:7a:07:98:
7f:3d:1a:3e:b5:28:cc:3d:39:05:fe:bc:56:e0:b7:
23:3d:91:78:29:93:5b:00:dd:a4:87:fe:13:b3:7d:
0f:a5:9e:96:56:2f:35:a4:50:41:e0:5f:1b:fa:67:
77:dd:06:55:a5:06:06:94:5c:cc:1a:86:dc:5c:d3:
b8:a4:23:08:76:7a:c6:f7:a6:28:81:c7:09:a2:9b:
be:fc:ac:28:91:7a:c4:b5:ae:43:68:b5:a6:b6:96:
37:f7:97:69:76:43:f5:4f:1e:1c:c6:61:b1:d6:b8:
ee:48:0b:e4:cd:fb:fa:96:48:66:c9:96:56:58:62:
7b:4d:d3:e5:df:d1:35:50:bc:7c:36:87:c5:b3:4b:
bf:32:60:6a:c5:64:b0:b4:84:0a:e4:b0:58:27:18:
d1:de:78:05:f8:00:6b:35:82:e6:3d:cd:c3:10:1d:
fe:18:d5:7d:71:62:72:9f:64:27:af:7a:dd:b8:b0:
a4:79:49:d3:50:47:8f:54:e2:19:b3:d3:10:66:8b:
4d:44:d3:c2:7e:f4:d9:39:0c:b0:20:4f:f7:fd:2c:
7d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:33:3A:3D:21:1B:95:11:00:78:39:42:86:0B:FE:CF:82:0F:6B:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/55CA0682C97E11EFBE2F256B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.224.0/24
Signature Algorithm: sha256WithRSAEncryption
29:20:66:09:84:a4:0f:bb:12:2a:8f:99:ba:a2:79:2b:33:ce:
e7:a3:ae:07:de:55:99:dc:a1:b7:23:ca:ce:0b:4c:45:96:1f:
96:28:b8:3d:d0:31:ac:09:42:30:b4:6c:67:5f:52:21:0f:18:
13:7b:e2:1f:e2:f5:bd:99:d4:27:38:96:fc:d7:5c:78:c9:66:
73:21:62:c6:86:53:da:79:3c:ab:11:8b:ea:a7:82:fa:55:fc:
6f:4f:4b:fd:6c:81:86:be:f6:a4:4a:a5:92:09:db:8d:dc:00:
49:6d:ac:53:15:b2:1b:ee:76:d5:4b:45:9b:fd:36:2b:b2:af:
a5:a7:8a:c3:39:0e:c8:6e:f2:04:86:20:b5:2b:97:7e:30:ab:
04:52:2c:17:f9:d9:2b:61:28:6a:f8:67:22:9d:0b:fe:0b:b0:
f8:67:34:b7:7d:81:41:56:c9:9c:1d:8b:ef:2a:73:db:d8:6b:
70:39:4a:d9:1b:f2:ea:f9:cd:0b:ac:85:69:65:1c:1b:ee:67:
fb:17:ef:27:7c:04:06:f8:7a:6c:85:b3:aa:e8:0b:c4:fb:89:
4e:18:78:a1:7b:ae:0f:fd:da:ef:47:6f:81:9a:eb:dd:0b:df:
70:33:f6:2d:67:cd:57:98:71:97:87:18:34:bc:a9:1d:fa:5f:
de:6c:2e:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPU1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDI1NjI4WhcNMjUxMjEzMDI1NjI4WjAYMRYw
FAYDVQQDEw02Nzc3NTFkZi1iYjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzw0wJ1MhTLvXARNXuT0qH4kXiTOzr1NynV3LcJ/OocMWjWyOZPaDaCB6
B5h/PRo+tSjMPTkF/rxW4LcjPZF4KZNbAN2kh/4Ts30PpZ6WVi81pFBB4F8b+md3
3QZVpQYGlFzMGobcXNO4pCMIdnrG96YogccJopu+/KwokXrEta5DaLWmtpY395dp
dkP1Tx4cxmGx1rjuSAvkzfv6lkhmyZZWWGJ7TdPl39E1ULx8NofFs0u/MmBqxWSw
tIQK5LBYJxjR3ngF+ABrNYLmPc3DEB3+GNV9cWJyn2Qnr3rduLCkeUnTUEePVOIZ
s9MQZotNRNPCfvTZOQywIE/3/Sx9cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKMz
Oj0hG5URAHg5QoYL/s+CD2vcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NUNBMDY4MkM5N0UxMUVGQkUyRjI1NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXgMA0GCSqGSIb3DQEBCwUA
A4IBAQApIGYJhKQPuxIqj5m6onkrM87no64H3lWZ3KG3I8rOC0xFlh+WKLg90DGs
CUIwtGxnX1IhDxgTe+If4vW9mdQnOJb811x4yWZzIWLGhlPaeTyrEYvqp4L6Vfxv
T0v9bIGGvvakSqWSCduN3ABJbaxTFbIb7nbVS0Wb/TYrsq+lp4rDOQ7IbvIEhiC1
K5d+MKsEUiwX+dkrYShq+GcinQv+C7D4ZzS3fYFBVsmcHYvvKnPb2GtwOUrZG/Lq
+c0LrIVpZRwb7mf7F+8nfAQG+HpshbOq6AvE+4lOGHihe64P/drvR2+BmuvdC99w
M/YtZ81XmHGXhxg0vKkd+l/ebC7S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:29 2025 by rpki-client