Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83D3294CC96E11EF91EAE975762E951A.roa
File: 83D3294CC96E11EF91EAE975762E951A.roa (raw, json)
Hash identifier: ZxeTSzXAOEN1KhuGzDRSLRkHvRzKlb8CLB/akiIWJ3o=
Subject key identifier: B0:0E:63:B3:52:4B:EA:FD:BB:2B:84:0B:56:B0:E2:B3:8A:B4:D2:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F49C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83D3294CC96E11EF91EAE975762E951A.roa
Signing time: Fri 03 Jan 2025 01:03:17 +0000
ROA not before: Fri 03 Jan 2025 01:03:13 +0000
ROA not after: Mon 13 Dec 2027 01:03:13 +0000
asID: 17561
IP address blocks: 156.227.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62620 (0xf49c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:03:13 2025 GMT
Not After : Dec 13 01:03:13 2027 GMT
Subject: CN=67773755-af41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ed:b4:ad:0c:b5:04:3e:90:3b:f8:c4:5d:26:
f1:82:de:23:3d:94:06:9b:99:85:d2:6a:b0:eb:b1:
4c:a9:ec:2f:be:fe:9b:9c:74:19:cd:7f:bd:f6:dd:
28:72:be:e2:c9:28:08:6a:b7:db:05:98:f8:63:8f:
15:89:35:0b:f4:c0:8a:1d:95:cf:0f:6a:62:67:e9:
0e:11:61:1b:81:07:b9:9f:50:92:ed:4c:b8:c2:15:
f1:f9:b2:35:68:cc:55:7d:bd:30:df:22:6d:4e:f1:
3a:9b:8a:04:75:4c:b3:ba:98:be:78:59:33:19:36:
e8:31:04:8a:06:39:07:97:7e:56:57:72:30:57:3c:
5b:20:f1:1e:18:48:ea:2d:d2:86:d8:56:b0:96:73:
17:07:f2:29:65:cb:1d:b6:8f:47:68:59:b6:6e:f6:
8a:5e:3e:77:6c:96:8a:a3:f3:ec:54:b3:ca:82:a8:
7a:39:6a:b2:25:1f:b7:1b:99:64:9d:63:79:b2:38:
82:f0:0a:6a:06:77:e7:c8:4e:04:83:8c:d3:16:5f:
99:59:c7:89:0d:7b:f6:7e:68:b7:d8:1e:d5:57:3a:
ab:4b:b6:5b:17:12:bc:71:da:c6:47:9a:57:5d:59:
b2:ea:e2:ee:77:73:66:ad:9d:f1:e8:66:3b:8a:ae:
4e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0E:63:B3:52:4B:EA:FD:BB:2B:84:0B:56:B0:E2:B3:8A:B4:D2:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/83D3294CC96E11EF91EAE975762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/24
Signature Algorithm: sha256WithRSAEncryption
89:8c:7f:a2:86:33:37:96:89:e7:d1:0b:79:93:32:e0:14:73:
15:a4:9d:2a:1f:b3:41:ae:a1:0b:83:ad:ca:d5:09:a6:24:d7:
6e:81:ba:94:cf:4e:9b:cd:9b:df:0f:74:39:34:9a:9b:04:c9:
56:58:8e:2a:8d:a4:8c:92:7f:80:3b:b0:65:8c:81:45:6c:68:
df:a1:17:2a:90:a8:d8:f7:4f:1f:80:73:5e:14:37:b9:f7:c2:
30:a7:bd:de:c5:85:d7:d4:29:ef:e2:18:fa:39:ef:94:b8:47:
fd:c7:a9:90:7d:8d:07:04:f0:68:71:d2:02:a6:8e:8d:cb:27:
c6:b4:f0:de:ca:1f:ce:c8:d4:43:61:e5:45:64:f3:c9:2c:c3:
e4:6e:b7:47:0f:bc:eb:47:cd:c7:c6:c9:2c:3f:93:1e:ea:7a:
87:87:49:e0:04:07:b7:00:70:28:2f:96:9d:4a:d5:93:1d:88:
40:aa:dd:04:2c:88:69:56:f1:aa:c9:09:33:ec:c1:c7:db:ba:
10:be:78:32:d7:ae:8a:81:05:b1:f9:7d:95:7e:5b:d7:d5:75:
75:aa:3a:58:94:54:b0:46:40:6b:15:83:99:83:ce:13:c3:9f:
82:f5:de:74:ab:bc:fb:3e:66:c4:a4:12:7f:09:3b:c3:75:bb:
8d:7a:50:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPScMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEwMzEzWhcNMjcxMjEzMDEwMzEzWjAYMRYw
FAYDVQQDEw02Nzc3Mzc1NS1hZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAne20rQy1BD6QO/jEXSbxgt4jPZQGm5mF0mqw67FMqewvvv6bnHQZzX+9
9t0ocr7iySgIarfbBZj4Y48ViTUL9MCKHZXPD2piZ+kOEWEbgQe5n1CS7Uy4whXx
+bI1aMxVfb0w3yJtTvE6m4oEdUyzupi+eFkzGTboMQSKBjkHl35WV3IwVzxbIPEe
GEjqLdKG2FawlnMXB/IpZcsdto9HaFm2bvaKXj53bJaKo/PsVLPKgqh6OWqyJR+3
G5lknWN5sjiC8ApqBnfnyE4Eg4zTFl+ZWceJDXv2fmi32B7VVzqrS7ZbFxK8cdrG
R5pXXVmy6uLud3NmrZ3x6GY7iq5OpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLAO
Y7NSS+r9uyuEC1aw4rOKtNIaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84M0QzMjk0Q0M5NkUxMUVGOTFFQUU5NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONAMA0GCSqGSIb3DQEBCwUA
A4IBAQCJjH+ihjM3lonn0Qt5kzLgFHMVpJ0qH7NBrqELg63K1QmmJNdugbqUz06b
zZvfD3Q5NJqbBMlWWI4qjaSMkn+AO7BljIFFbGjfoRcqkKjY908fgHNeFDe598Iw
p73exYXX1Cnv4hj6Oe+UuEf9x6mQfY0HBPBocdICpo6NyyfGtPDeyh/OyNRDYeVF
ZPPJLMPkbrdHD7zrR83HxsksP5Me6nqHh0ngBAe3AHAoL5adStWTHYhAqt0ELIhp
VvGqyQkz7MHH27oQvngy166KgQWx+X2VflvX1XV1qjpYlFSwRkBrFYOZg84Tw5+C
9d50q7z7PmbEpBJ/CTvDdbuNelB9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:45 2025 by rpki-client