Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6539D37CCC9E11EFB30FC8B7762E951A.roa
File: 6539D37CCC9E11EFB30FC8B7762E951A.roa (raw, json)
Hash identifier: 880guufDDdjw7+fSARnv6ubCHZeeq06xji2q6HXbHg4=
Subject key identifier: 07:C0:10:76:B6:5B:54:08:5E:B9:73:62:E8:90:2B:06:33:E6:E3:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F97C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6539D37CCC9E11EFB30FC8B7762E951A.roa
Signing time: Tue 07 Jan 2025 02:23:35 +0000
ROA not before: Tue 07 Jan 2025 02:23:31 +0000
ROA not after: Sat 13 Dec 2025 02:23:31 +0000
asID: 984
IP address blocks: 156.227.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63868 (0xf97c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:23:31 2025 GMT
Not After : Dec 13 02:23:31 2025 GMT
Subject: CN=677c9027-f216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:35:6a:2d:fc:07:ea:1d:bd:4c:f5:33:cc:
fc:e0:27:7c:9f:f6:7a:1b:69:55:13:ee:84:60:6d:
76:b7:1c:20:9c:80:00:9a:1b:c4:0e:92:c8:c1:79:
f7:7d:c9:ca:f4:a2:58:5d:48:63:ed:cc:bd:f4:c7:
05:7d:5e:61:c6:7d:28:a5:d2:1d:58:1e:9d:81:06:
0c:4b:1a:c3:0c:12:ab:27:3e:c6:0c:34:ec:cb:57:
40:2c:88:5e:66:d0:53:e3:57:04:40:18:6e:c7:19:
02:94:06:f2:3a:0e:05:cf:de:14:54:47:22:0a:4f:
0e:b6:ca:de:f3:2e:6d:5c:c3:ad:b6:94:d6:09:de:
65:b7:84:4a:57:81:bf:84:40:57:5a:b3:d4:74:d7:
63:bf:d2:ba:53:77:e1:f2:29:6a:c1:26:fd:2d:dd:
09:7e:ee:6b:88:15:b7:11:47:06:63:39:52:b5:4d:
2a:d0:2e:f1:66:f1:ca:90:be:92:0d:07:84:e3:51:
dc:df:07:37:cf:2a:71:2f:1f:b0:f7:c0:d4:82:27:
ca:76:04:c1:6a:98:80:03:db:b4:ba:49:e9:93:a6:
53:b1:92:65:33:38:fa:a8:22:16:73:2e:83:81:f6:
90:56:a3:6c:75:59:9b:9b:cd:20:dc:10:51:a6:18:
68:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C0:10:76:B6:5B:54:08:5E:B9:73:62:E8:90:2B:06:33:E6:E3:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6539D37CCC9E11EFB30FC8B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.116.0/24
Signature Algorithm: sha256WithRSAEncryption
85:3d:bc:10:d6:c6:37:62:fd:22:78:0a:2f:01:ad:1e:af:7a:
6d:c7:55:53:72:b6:3b:9f:5d:73:ac:65:63:fa:07:4f:cc:b1:
d6:44:26:6e:b8:75:10:07:4d:52:86:d4:74:fe:0f:2b:20:70:
c5:61:f3:11:bb:2a:8d:31:f9:88:22:06:57:d1:d3:a1:68:c7:
d9:1f:e9:09:e6:eb:3e:e0:d9:4a:61:2f:6f:3a:6e:f2:b4:51:
a3:8e:87:ba:2d:1f:78:8f:3b:30:01:e5:7c:fc:8e:e4:9b:2d:
71:ad:8d:80:1e:db:9b:cb:99:a9:bb:fd:c8:47:f3:62:22:b1:
bc:92:16:1b:af:0f:bd:82:e3:2e:08:05:ae:ad:68:6b:f6:21:
54:7f:36:22:61:5e:8c:e6:d5:9b:19:b6:44:3a:a0:0b:c0:19:
f4:0a:9e:e3:54:d1:b2:31:c2:76:29:69:ec:ee:2c:57:b3:5d:
4b:01:5b:2f:59:73:7d:2f:91:01:f9:38:79:5d:4a:46:1c:e9:
b2:10:24:f9:16:2f:5c:dc:86:1a:1a:6b:2b:50:8b:85:3d:b2:
0e:9b:03:d8:ad:b2:ef:4a:16:2e:ac:f9:8c:95:05:fd:48:84:
4f:52:ea:96:ce:95:76:d8:8f:dc:e1:6d:6c:c0:1c:ab:13:ae:
82:71:14:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPl8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIyMzMxWhcNMjUxMjEzMDIyMzMxWjAYMRYw
FAYDVQQDEw02NzdjOTAyNy1mMjE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtGI1ai38B+odvUz1M8z84Cd8n/Z6G2lVE+6EYG12txwgnIAAmhvEDpLI
wXn3fcnK9KJYXUhj7cy99McFfV5hxn0opdIdWB6dgQYMSxrDDBKrJz7GDDTsy1dA
LIheZtBT41cEQBhuxxkClAbyOg4Fz94UVEciCk8Otsre8y5tXMOttpTWCd5lt4RK
V4G/hEBXWrPUdNdjv9K6U3fh8ilqwSb9Ld0Jfu5riBW3EUcGYzlStU0q0C7xZvHK
kL6SDQeE41Hc3wc3zypxLx+w98DUgifKdgTBapiAA9u0uknpk6ZTsZJlMzj6qCIW
cy6DgfaQVqNsdVmbm80g3BBRphhomwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAfA
EHa2W1QIXrlzYuiQKwYz5uOLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NTM5RDM3Q0NDOUUxMUVGQjMwRkM4Qjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON0MA0GCSqGSIb3DQEBCwUA
A4IBAQCFPbwQ1sY3Yv0ieAovAa0er3ptx1VTcrY7n11zrGVj+gdPzLHWRCZuuHUQ
B01ShtR0/g8rIHDFYfMRuyqNMfmIIgZX0dOhaMfZH+kJ5us+4NlKYS9vOm7ytFGj
joe6LR94jzswAeV8/I7kmy1xrY2AHtuby5mpu/3IR/NiIrG8khYbrw+9guMuCAWu
rWhr9iFUfzYiYV6M5tWbGbZEOqALwBn0Cp7jVNGyMcJ2KWns7ixXs11LAVsvWXN9
L5EB+Th5XUpGHOmyECT5Fi9c3IYaGmsrUIuFPbIOmwPYrbLvShYurPmMlQX9SIRP
UuqWzpV22I/c4W1swByrE66CcRSW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:54 2025 by rpki-client