Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5977EBBECCFD11EFB1B1B498762E951A.roa
File: 5977EBBECCFD11EFB1B1B498762E951A.roa (raw, json)
Hash identifier: dWU8uU+2vHoz9c9+jbO1AUARrQZRa08vJlR6BWks+gY=
Subject key identifier: B7:59:01:79:CE:2B:C6:F9:AA:F6:C1:A0:36:50:57:F4:B2:10:DD:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC53
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5977EBBECCFD11EFB1B1B498762E951A.roa
Signing time: Tue 07 Jan 2025 13:43:17 +0000
ROA not before: Tue 07 Jan 2025 13:43:14 +0000
ROA not after: Sat 13 Dec 2025 13:43:14 +0000
asID: 984
IP address blocks: 156.238.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64595 (0xfc53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:43:14 2025 GMT
Not After : Dec 13 13:43:14 2025 GMT
Subject: CN=677d2f75-3eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:d9:4c:03:68:81:c2:3c:a8:5b:fd:c9:31:
aa:a3:e3:4c:6d:e3:af:e9:16:cc:f2:75:7d:01:06:
15:f5:48:20:67:2d:06:fe:95:48:6a:21:6f:ff:94:
2b:d8:d9:0a:be:e0:d5:6f:a4:07:05:ed:3d:d8:55:
9f:28:f2:d5:9e:14:e0:0b:ff:a1:01:0e:cb:f8:56:
6b:cd:cd:0d:17:cd:c8:b3:66:c4:76:df:8a:9c:d2:
83:a7:9a:64:c8:8f:a6:b2:2a:37:54:15:5a:f3:ea:
1b:58:4b:e0:e8:8d:88:38:ba:16:be:97:5e:14:ec:
28:56:ca:f4:38:da:67:87:d2:d8:f3:65:59:ad:87:
4d:ee:41:d2:20:29:af:85:1a:b2:2f:7f:fc:96:12:
c0:6b:ab:3a:6b:a1:14:cd:23:44:ce:1c:13:6d:02:
b1:c8:ed:44:51:5d:50:e9:3f:15:4b:67:6d:9c:a3:
82:b7:23:14:63:30:e8:3f:69:b1:0e:1c:42:33:1d:
94:8d:d8:94:3d:6f:62:18:4d:f5:4d:9a:82:8b:04:
37:9b:84:e6:75:60:10:37:65:44:c9:f9:ce:63:d7:
9a:e8:4d:b8:c0:b1:d4:5d:9e:0a:5a:8f:78:70:0a:
e9:c8:9a:a7:bc:89:fb:8f:bc:72:d2:8d:4e:67:3f:
b7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:59:01:79:CE:2B:C6:F9:AA:F6:C1:A0:36:50:57:F4:B2:10:DD:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5977EBBECCFD11EFB1B1B498762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.94.0/24
Signature Algorithm: sha256WithRSAEncryption
48:16:2e:2a:1d:f6:16:39:66:13:06:4d:26:ee:f3:c0:75:a5:
ac:91:ba:59:c4:d7:6c:1f:7f:e0:81:5e:14:6e:9b:32:9e:6e:
41:3e:43:93:84:6a:6e:a3:36:83:10:8f:40:8c:3a:78:6f:7a:
61:a5:95:55:ce:43:e4:bf:ee:c2:3b:e1:e0:29:0b:c2:8a:47:
0d:87:83:16:a0:ae:05:c6:e7:5b:d4:70:b6:8f:ce:f8:f2:68:
13:26:1c:e3:e1:4b:ee:5d:01:65:38:34:2e:75:20:98:cf:4b:
1d:38:90:6b:5b:6a:b6:62:39:8c:01:56:1c:b3:26:53:01:3b:
ba:08:ba:d7:cc:ca:f8:bb:ac:d5:fe:ef:f3:9d:0e:87:ca:17:
98:ca:2c:1f:8b:2d:7a:96:00:67:d8:02:cf:93:a9:fc:58:41:
6e:50:1c:8c:06:6b:68:b6:af:8f:60:35:b9:d1:7b:27:8c:21:
a7:cc:6d:83:bb:74:a6:92:b3:73:38:93:cd:7c:65:4a:cc:d9:
cd:08:36:df:d3:0d:4d:51:38:59:54:0d:d0:cc:bb:e6:38:66:
7a:56:22:48:2b:b0:5d:79:cc:37:49:c6:81:5c:20:94:8d:c4:
35:d3:56:30:b0:9a:02:98:95:5d:ea:ba:62:f5:40:4f:14:ec:
94:80:d3:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTM0MzE0WhcNMjUxMjEzMTM0MzE0WjAYMRYw
FAYDVQQDEw02NzdkMmY3NS0zZWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwDZTANogcI8qFv9yTGqo+NMbeOv6RbM8nV9AQYV9UggZy0G/pVIaiFv
/5Qr2NkKvuDVb6QHBe092FWfKPLVnhTgC/+hAQ7L+FZrzc0NF83Is2bEdt+KnNKD
p5pkyI+msio3VBVa8+obWEvg6I2IOLoWvpdeFOwoVsr0ONpnh9LY82VZrYdN7kHS
ICmvhRqyL3/8lhLAa6s6a6EUzSNEzhwTbQKxyO1EUV1Q6T8VS2dtnKOCtyMUYzDo
P2mxDhxCMx2UjdiUPW9iGE31TZqCiwQ3m4TmdWAQN2VEyfnOY9ea6E24wLHUXZ4K
Wo94cArpyJqnvIn7j7xy0o1OZz+3fQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLdZ
AXnOK8b5qvbBoDZQV/SyEN0GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTc3RUJCRUNDRkQxMUVGQjFCMUI0OTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5eMA0GCSqGSIb3DQEBCwUA
A4IBAQBIFi4qHfYWOWYTBk0m7vPAdaWskbpZxNdsH3/ggV4Ubpsynm5BPkOThGpu
ozaDEI9AjDp4b3phpZVVzkPkv+7CO+HgKQvCikcNh4MWoK4Fxudb1HC2j8748mgT
Jhzj4UvuXQFlODQudSCYz0sdOJBrW2q2YjmMAVYcsyZTATu6CLrXzMr4u6zV/u/z
nQ6HyheYyiwfiy16lgBn2ALPk6n8WEFuUByMBmtotq+PYDW50XsnjCGnzG2Du3Sm
krNzOJPNfGVKzNnNCDbf0w1NUThZVA3QzLvmOGZ6ViJIK7Bdecw3ScaBXCCUjcQ1
01YwsJoCmJVd6rpi9UBPFOyUgNOP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:47 2025 by rpki-client