Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5930A5B0CD6111EFA0F7A993762E951A.roa
File: 5930A5B0CD6111EFA0F7A993762E951A.roa (raw, json)
Hash identifier: IeKx1Odi8qybesiD07B++8G1ssPJYT8jkijKpPdZk3g=
Subject key identifier: 45:A2:69:B5:1D:51:D5:C9:C5:4D:C8:56:11:11:79:BD:48:FC:4C:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5930A5B0CD6111EFA0F7A993762E951A.roa
Signing time: Wed 08 Jan 2025 01:39:06 +0000
ROA not before: Wed 08 Jan 2025 01:39:02 +0000
ROA not after: Sat 13 Dec 2025 01:39:02 +0000
asID: 984
IP address blocks: 156.247.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65333 (0xff35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 01:39:02 2025 GMT
Not After : Dec 13 01:39:02 2025 GMT
Subject: CN=677dd73a-7f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:d3:5d:5f:87:98:d6:b3:65:f4:b1:45:e8:
1f:e0:78:8b:6f:3e:e5:73:ea:c9:6b:6f:bd:da:bd:
19:7c:7b:83:94:74:44:7a:87:65:39:b0:c8:c3:ac:
cc:2c:2f:35:01:db:fe:6b:70:0a:43:18:2e:31:9e:
af:f2:28:43:a5:8c:fc:0c:51:08:5b:8e:15:25:31:
2f:f6:81:9d:f6:01:a1:cb:c1:7f:28:ea:f0:e9:af:
56:e1:d6:3e:7b:0d:0e:52:f8:3f:5b:51:dd:b8:f4:
ad:0d:2a:70:42:86:33:55:07:93:0d:a1:05:e0:32:
c4:09:7c:c0:c5:03:84:43:c7:8d:0a:4d:b5:42:29:
57:a0:8e:30:d7:73:73:ac:7d:02:bb:d0:b1:de:3f:
57:04:95:03:4c:60:26:32:a3:dd:6a:27:3f:f0:f5:
c4:1e:7b:e2:21:0e:a9:74:a5:9e:0d:48:11:70:a3:
c4:d4:88:15:a1:71:18:d1:cc:d4:3c:3f:e9:a1:9e:
12:0e:e2:e5:f0:b3:e3:a1:19:49:02:b8:c1:02:bb:
4c:7a:b1:c0:0a:e3:bf:05:a0:be:d1:1b:d7:99:aa:
6b:70:e1:05:ce:08:0d:3b:05:f9:43:c1:3c:0d:69:
c0:05:73:45:1b:e5:2f:fb:91:6b:ab:c6:22:c1:41:
f5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A2:69:B5:1D:51:D5:C9:C5:4D:C8:56:11:11:79:BD:48:FC:4C:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5930A5B0CD6111EFA0F7A993762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.99.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f2:5f:58:92:3e:4d:69:93:88:cb:da:37:2f:0d:b7:1d:42:
f0:cc:48:b5:03:f6:1e:40:4a:cf:a7:82:fe:25:73:52:79:73:
f6:2e:a2:86:ed:16:bc:e3:b9:9d:f5:83:9c:dd:da:0d:7a:fc:
39:4a:58:3c:a0:28:5a:81:98:f6:21:9e:1d:2a:be:fa:09:26:
4f:b8:dd:01:8b:bb:71:6a:fd:47:ba:2e:8c:13:43:47:a2:59:
06:d5:3b:4b:ed:5c:b5:3b:1d:24:34:ec:ee:5f:69:23:d4:44:
1c:e3:5a:cc:29:db:bf:b8:14:86:f7:5d:13:91:56:da:bb:04:
3f:8e:14:bf:d7:8a:c9:5d:2e:c4:0a:54:b2:ac:9c:e9:cd:95:
20:54:79:67:e1:35:c6:1f:96:ad:05:46:d4:1d:ea:7f:46:f0:
24:8f:7c:78:eb:b7:cc:d5:8b:af:36:a1:fd:e8:b7:57:87:25:
44:7d:22:28:3d:89:e1:cf:0f:80:1f:38:09:45:fb:5f:21:c3:
d1:88:f6:6c:d7:a9:f4:95:2b:2d:c3:ca:ae:db:b4:07:99:96:
4c:20:e2:a4:1d:93:e4:06:e4:57:3e:ad:ae:8b:14:cb:28:48:
50:a9:e3:cf:3b:ba:4a:8f:fd:da:67:7c:e5:0a:91:54:2b:dd:
31:99:e9:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP81MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDEzOTAyWhcNMjUxMjEzMDEzOTAyWjAYMRYw
FAYDVQQDEw02NzdkZDczYS03ZjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsF3TXV+HmNazZfSxRegf4HiLbz7lc+rJa2+92r0ZfHuDlHREeodlObDI
w6zMLC81Adv+a3AKQxguMZ6v8ihDpYz8DFEIW44VJTEv9oGd9gGhy8F/KOrw6a9W
4dY+ew0OUvg/W1HduPStDSpwQoYzVQeTDaEF4DLECXzAxQOEQ8eNCk21QilXoI4w
13NzrH0Cu9Cx3j9XBJUDTGAmMqPdaic/8PXEHnviIQ6pdKWeDUgRcKPE1IgVoXEY
0czUPD/poZ4SDuLl8LPjoRlJArjBArtMerHACuO/BaC+0RvXmaprcOEFzggNOwX5
Q8E8DWnABXNFG+Uv+5Frq8YiwUH16wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEWi
abUdUdXJxU3IVhEReb1I/EzPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTMwQTVCMENENjExMUVGQTBGN0E5OTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdjMA0GCSqGSIb3DQEBCwUA
A4IBAQBG8l9Ykj5NaZOIy9o3Lw23HULwzEi1A/YeQErPp4L+JXNSeXP2LqKG7Ra8
47md9YOc3doNevw5Slg8oChagZj2IZ4dKr76CSZPuN0Bi7txav1Hui6ME0NHolkG
1TtL7Vy1Ox0kNOzuX2kj1EQc41rMKdu/uBSG910TkVbauwQ/jhS/14rJXS7EClSy
rJzpzZUgVHln4TXGH5atBUbUHep/RvAkj3x467fM1YuvNqH96LdXhyVEfSIoPYnh
zw+AHzgJRftfIcPRiPZs16n0lSstw8qu27QHmZZMIOKkHZPkBuRXPq2uixTLKEhQ
qePPO7pKj/3aZ3zlCpFUK90xmelc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:41 2025 by rpki-client