Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DA9204CCA511EFB458FB6E762E951A.roa
File: 80DA9204CCA511EFB458FB6E762E951A.roa (raw, json)
Hash identifier: ZzzedxVovYPFpfycPCIvcL60T+fSlfAw959hflw6ze8=
Subject key identifier: 82:5D:AF:4B:97:18:E2:AB:72:F2:22:92:2D:8A:51:99:E7:2C:E2:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DA9204CCA511EFB458FB6E762E951A.roa
Signing time: Tue 07 Jan 2025 03:14:28 +0000
ROA not before: Tue 07 Jan 2025 03:14:24 +0000
ROA not after: Sat 13 Dec 2025 03:14:24 +0000
asID: 984
IP address blocks: 156.229.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63930 (0xf9ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 03:14:24 2025 GMT
Not After : Dec 13 03:14:24 2025 GMT
Subject: CN=677c9c13-bf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:37:32:dc:16:e9:0f:1c:a4:69:fb:03:c5:ed:
53:b6:05:9e:00:bd:27:28:1d:13:3c:f5:18:06:89:
9d:ab:86:24:21:ed:42:a7:14:da:d1:09:d5:7d:5e:
7d:c2:2b:50:40:ff:1e:71:99:c3:bc:b1:0f:bc:4f:
fb:3c:5e:c7:21:aa:43:0f:7f:bc:85:bc:2e:86:0e:
29:d3:5b:29:64:8b:a2:5f:b3:4f:c7:f7:09:77:c4:
5c:88:3b:74:55:1b:a4:c4:c9:7b:a2:4e:25:69:ed:
bb:55:0f:65:7f:3d:bb:81:61:e8:d3:f1:79:c0:2a:
7c:a8:3d:d6:a0:04:29:32:a2:4b:39:28:4c:f1:57:
47:61:23:f7:f4:9d:9c:c2:fe:b9:be:eb:94:8d:ac:
85:cd:68:ea:c0:48:2d:1b:cc:fd:7e:20:25:e0:8c:
43:40:84:cc:85:c7:6a:8c:6a:89:aa:3d:70:46:a4:
c5:09:8c:e3:2b:43:a5:3f:53:58:e3:97:e8:fe:25:
41:ee:ab:26:6b:73:76:93:bc:eb:67:51:ce:cf:40:
26:6a:65:28:13:a1:0e:36:6b:5a:6f:71:fd:71:ec:
9e:d2:fc:81:db:5d:34:0b:06:e8:86:ae:e0:46:5e:
17:f7:9c:a3:6f:87:38:91:d5:fa:60:14:8b:ad:c0:
4a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5D:AF:4B:97:18:E2:AB:72:F2:22:92:2D:8A:51:99:E7:2C:E2:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80DA9204CCA511EFB458FB6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.240.0/24
Signature Algorithm: sha256WithRSAEncryption
af:bf:a7:c8:c3:21:f7:c8:31:34:5c:22:a0:a2:a9:b6:eb:3f:
8c:7c:04:df:d9:28:4a:de:fd:73:72:c8:6f:25:79:1f:1d:8f:
7c:6e:de:86:ad:ef:90:fe:67:c5:14:8d:c4:4a:4a:8a:6c:8a:
37:d8:c1:7c:d8:6d:99:4d:4c:29:84:6f:64:76:79:8b:7e:a6:
4c:3c:ad:39:1c:25:51:a5:46:20:7d:83:b6:33:cf:db:51:50:
75:57:f1:9f:25:ab:f0:90:31:cf:52:f8:14:8e:de:76:18:ca:
82:fd:21:ae:f4:2b:45:2a:52:f1:ce:20:dd:02:af:97:69:ba:
31:c8:11:70:4b:e9:a8:42:26:21:13:8e:11:99:e0:27:c1:d0:
3a:9a:7c:c2:cb:3b:f4:2b:42:ec:45:23:e2:78:f7:66:b5:2b:
f5:28:79:90:d5:a5:21:c0:2e:4d:2d:2e:8e:bf:6e:72:dc:d9:
58:cd:fb:69:f0:92:b7:4b:a1:f8:24:33:d8:2c:13:04:53:a1:
05:d9:34:72:75:5c:d3:24:38:a5:e3:f7:f4:1f:10:a4:14:b7:
57:26:b6:a7:87:d8:d7:e2:a6:e4:ad:47:b4:1b:80:cf:f7:16:
23:be:1d:73:2b:f2:67:10:59:fc:d8:ef:d9:0c:11:e8:da:5a:
64:1a:f5:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPm6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDMxNDI0WhcNMjUxMjEzMDMxNDI0WjAYMRYw
FAYDVQQDEw02NzdjOWMxMy1iZjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvTcy3BbpDxykafsDxe1TtgWeAL0nKB0TPPUYBomdq4YkIe1CpxTa0QnV
fV59witQQP8ecZnDvLEPvE/7PF7HIapDD3+8hbwuhg4p01spZIuiX7NPx/cJd8Rc
iDt0VRukxMl7ok4lae27VQ9lfz27gWHo0/F5wCp8qD3WoAQpMqJLOShM8VdHYSP3
9J2cwv65vuuUjayFzWjqwEgtG8z9fiAl4IxDQITMhcdqjGqJqj1wRqTFCYzjK0Ol
P1NY45fo/iVB7qsma3N2k7zrZ1HOz0AmamUoE6EONmtab3H9ceye0vyB2100Cwbo
hq7gRl4X95yjb4c4kdX6YBSLrcBK1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIJd
r0uXGOKrcvIiki2KUZnnLOI5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MERBOTIwNENDQTUxMUVGQjQ1OEZCNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXwMA0GCSqGSIb3DQEBCwUA
A4IBAQCvv6fIwyH3yDE0XCKgoqm26z+MfATf2ShK3v1zcshvJXkfHY98bt6Gre+Q
/mfFFI3ESkqKbIo32MF82G2ZTUwphG9kdnmLfqZMPK05HCVRpUYgfYO2M8/bUVB1
V/GfJavwkDHPUvgUjt52GMqC/SGu9CtFKlLxziDdAq+XaboxyBFwS+moQiYhE44R
meAnwdA6mnzCyzv0K0LsRSPiePdmtSv1KHmQ1aUhwC5NLS6Ov25y3NlYzftp8JK3
S6H4JDPYLBMEU6EF2TRydVzTJDil4/f0HxCkFLdXJranh9jX4qbkrUe0G4DP9xYj
vh1zK/JnEFn82O/ZDBHo2lpkGvVQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:49 2025 by rpki-client