Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65F45D14CC9911EF8384F793762E951A.roa
File: 65F45D14CC9911EF8384F793762E951A.roa (raw, json)
Hash identifier: T61k7uIbjaF8LohzR235a59WneXE17RcAGH8vYMVCFo=
Subject key identifier: 1F:0A:95:9B:B6:3A:6B:F7:16:7D:F6:5C:D9:BE:95:7A:55:90:54:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F954
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65F45D14CC9911EF8384F793762E951A.roa
Signing time: Tue 07 Jan 2025 01:47:48 +0000
ROA not before: Tue 07 Jan 2025 01:47:45 +0000
ROA not after: Sat 13 Dec 2025 01:47:45 +0000
asID: 984
IP address blocks: 156.227.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63828 (0xf954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:47:45 2025 GMT
Not After : Dec 13 01:47:45 2025 GMT
Subject: CN=677c87c4-8175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:b9:bd:e8:7c:0f:f9:a1:95:fb:2c:4e:87:
21:9a:16:a9:f3:30:22:34:1b:60:38:55:40:66:9d:
c0:5a:3c:ce:08:cb:cb:cc:22:77:61:43:93:ff:23:
22:02:8e:96:74:6e:2b:80:02:bf:31:21:10:09:e0:
42:ee:89:44:9b:64:93:8a:8d:b0:6d:09:c4:de:87:
da:08:b4:40:26:7d:54:7f:be:51:83:3f:9f:cc:72:
cd:33:9f:e6:4e:d1:a9:ac:bc:bb:47:83:a3:b7:0e:
40:4b:a6:88:e1:a4:04:96:9d:2e:08:21:63:13:78:
d6:c8:16:c2:c5:83:f7:6f:eb:15:c5:24:a8:83:85:
f2:6b:2b:ae:8f:f5:cf:bf:b1:65:5e:59:de:ce:c8:
26:d4:9b:d0:42:13:b9:5a:5c:46:67:77:eb:c6:94:
c3:cd:1a:e9:5a:2e:a0:b2:a8:55:e9:b0:f3:53:a7:
c4:3d:e5:1d:1a:d0:61:9e:d1:a1:a1:81:e4:0c:96:
07:d0:b7:74:69:6e:20:24:6a:38:ea:05:90:22:94:
99:24:4a:35:91:50:88:02:5c:4e:b0:da:98:55:8b:
7d:32:78:0e:1b:81:8a:85:3b:35:7b:ac:d1:ae:2a:
12:0d:26:f9:c0:ca:5c:13:fe:ae:f1:91:9a:83:ca:
c0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0A:95:9B:B6:3A:6B:F7:16:7D:F6:5C:D9:BE:95:7A:55:90:54:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65F45D14CC9911EF8384F793762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.96.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:72:72:b6:fd:f2:7e:a6:0c:a7:6b:bb:e0:23:f8:b4:fe:8e:
f9:45:4f:60:46:5c:b0:1c:e9:ad:b7:71:ea:bc:01:bc:b4:56:
db:76:19:d4:69:bb:2b:1d:96:8e:f8:84:77:cc:06:0b:51:97:
9c:81:ff:6e:0e:20:63:7e:01:22:4a:4f:69:45:87:41:12:a9:
25:3e:8c:a6:ea:1a:ef:a9:6a:68:c5:f2:6b:92:ca:f8:85:52:
66:bd:f3:73:87:fa:94:48:ff:15:0e:34:05:c5:f0:4a:32:de:
f4:c7:b7:fa:a1:ff:50:37:56:f0:aa:a8:67:b1:91:ab:d8:3a:
6f:0d:e5:a4:f7:cb:31:ef:58:ec:0b:18:a4:7d:b6:94:9c:0d:
a0:99:0a:df:ab:5e:a5:e6:33:90:0d:e1:c2:4a:a3:96:41:52:
8e:89:23:27:20:e1:9c:0f:ad:bb:50:76:8f:2c:8f:81:e1:2c:
6a:cd:b2:dc:87:30:82:6f:f4:60:7f:d7:97:ce:d6:fd:46:02:
65:d8:da:69:7b:cd:37:13:6e:24:51:d0:1f:e8:e2:1d:83:87:
b4:b8:b5:9c:84:db:42:70:54:4e:42:d2:54:3b:e4:39:87:35:
6c:96:e9:57:74:d4:aa:f2:ce:01:e8:b5:6d:6c:21:66:3d:e0:
3b:a5:17:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDE0NzQ1WhcNMjUxMjEzMDE0NzQ1WjAYMRYw
FAYDVQQDEw02NzdjODdjNC04MTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuF+5veh8D/mhlfssTochmhap8zAiNBtgOFVAZp3AWjzOCMvLzCJ3YUOT
/yMiAo6WdG4rgAK/MSEQCeBC7olEm2STio2wbQnE3ofaCLRAJn1Uf75Rgz+fzHLN
M5/mTtGprLy7R4Ojtw5AS6aI4aQElp0uCCFjE3jWyBbCxYP3b+sVxSSog4Xyayuu
j/XPv7FlXlnezsgm1JvQQhO5WlxGZ3frxpTDzRrpWi6gsqhV6bDzU6fEPeUdGtBh
ntGhoYHkDJYH0Ld0aW4gJGo46gWQIpSZJEo1kVCIAlxOsNqYVYt9MngOG4GKhTs1
e6zRrioSDSb5wMpcE/6u8ZGag8rAwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB8K
lZu2Omv3Fn32XNm+lXpVkFTFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUY0NUQxNENDOTkxMUVGODM4NEY3OTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONgMA0GCSqGSIb3DQEBCwUA
A4IBAQBtcnK2/fJ+pgyna7vgI/i0/o75RU9gRlywHOmtt3HqvAG8tFbbdhnUabsr
HZaO+IR3zAYLUZecgf9uDiBjfgEiSk9pRYdBEqklPoym6hrvqWpoxfJrksr4hVJm
vfNzh/qUSP8VDjQFxfBKMt70x7f6of9QN1bwqqhnsZGr2DpvDeWk98sx71jsCxik
fbaUnA2gmQrfq16l5jOQDeHCSqOWQVKOiSMnIOGcD627UHaPLI+B4SxqzbLchzCC
b/Rgf9eXztb9RgJl2Nppe803E24kUdAf6OIdg4e0uLWchNtCcFROQtJUO+Q5hzVs
lulXdNSq8s4B6LVtbCFmPeA7pRfp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:01 2025 by rpki-client