Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DD901CCC9F11EFBE61D940762E951A.roa
File: 86DD901CCC9F11EFBE61D940762E951A.roa (raw, json)
Hash identifier: A2cw5YH2ZiwBBBJAyH7mxHupJdk5AhiWf08mT7PrpXQ=
Subject key identifier: 4E:75:25:34:5F:7E:15:57:BE:B8:40:08:B2:85:F4:54:64:3C:D9:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F986
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DD901CCC9F11EFBE61D940762E951A.roa
Signing time: Tue 07 Jan 2025 02:31:41 +0000
ROA not before: Tue 07 Jan 2025 02:31:37 +0000
ROA not after: Mon 13 Dec 2027 02:31:37 +0000
asID: 17561
IP address blocks: 156.227.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63878 (0xf986)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:31:37 2025 GMT
Not After : Dec 13 02:31:37 2027 GMT
Subject: CN=677c920d-b2f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:aa:da:50:0a:f8:c2:17:78:ff:d0:30:91:07:
b3:91:dc:b1:69:57:a5:77:d9:ad:f5:aa:ca:69:60:
af:92:3e:cd:cd:34:7f:33:76:54:e2:22:88:27:aa:
27:23:45:f1:b0:c1:52:3c:66:7b:32:b5:f4:5d:2a:
b2:1b:88:70:68:27:cd:33:7f:04:c8:2a:fb:a2:93:
81:01:07:4e:92:e0:c8:63:4f:05:6e:b1:42:8f:89:
b2:ab:04:a7:e8:18:9f:ca:a2:8c:50:e6:c1:d4:e7:
64:67:f0:86:85:fe:b9:21:de:3a:a8:58:7b:49:48:
11:ad:1e:f0:93:51:45:68:25:64:2b:25:a2:24:a9:
b7:b3:c4:2b:db:be:b5:53:53:93:cd:37:5e:99:55:
c8:e8:55:ec:a6:18:4f:54:8a:4d:72:62:e7:58:7d:
40:16:5d:6e:d5:c8:49:f1:fc:12:14:59:f9:00:9a:
b9:2f:fc:46:8b:8d:bf:32:7f:44:10:22:b5:14:77:
51:f4:09:5d:d8:ce:ad:8c:da:23:75:4c:93:c3:12:
9e:32:fe:ea:b0:71:2d:84:70:dc:ab:55:cc:db:42:
65:66:1b:d7:b1:90:69:6d:e8:01:ce:93:b2:10:89:
a0:01:ae:d3:23:7d:4d:86:97:21:8b:d4:93:67:5c:
a1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:75:25:34:5F:7E:15:57:BE:B8:40:08:B2:85:F4:54:64:3C:D9:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86DD901CCC9F11EFBE61D940762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.121.0/24
Signature Algorithm: sha256WithRSAEncryption
53:fe:5a:b0:b2:ef:04:7c:83:8d:b6:2b:c8:c1:40:50:46:2e:
0c:67:11:c0:68:9e:62:f3:97:61:12:f1:a4:1b:0c:59:ba:2a:
99:1b:e6:6c:b6:d9:e9:b6:88:f5:c8:26:71:0f:c8:2a:4c:fd:
58:f1:bf:87:c5:b4:9e:80:20:c0:0c:55:2b:01:8c:4b:82:fd:
04:42:ea:d9:1f:65:9c:2f:5f:f8:14:ba:79:25:b7:96:58:b7:
ca:5b:d1:15:69:00:a5:a0:d0:e9:57:c3:00:c5:c0:81:22:59:
55:b6:62:f0:db:33:cf:fe:00:ea:f0:29:37:c6:54:f0:96:0a:
ad:ac:0c:f4:b6:4f:c3:03:7a:07:e1:f6:25:1e:57:94:1b:48:
da:12:08:91:86:1d:06:cd:8c:5d:28:27:ad:15:05:96:7b:fe:
52:9b:55:7f:2c:c5:57:b2:8e:79:2a:a3:ee:c4:2d:9a:49:1a:
b1:f9:31:8a:26:11:00:7a:f3:ba:2c:a3:17:89:97:94:6e:87:
34:75:92:bd:35:6a:51:40:7f:1f:3c:59:14:49:07:ab:a9:28:
98:ec:9a:a5:88:77:bf:39:7c:13:32:88:7c:d9:c7:f5:87:70:
61:ae:f5:05:ee:82:18:09:ac:81:1d:8a:1c:0d:41:5c:c7:28:
05:1e:63:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIzMTM3WhcNMjcxMjEzMDIzMTM3WjAYMRYw
FAYDVQQDEw02NzdjOTIwZC1iMmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1qraUAr4whd4/9AwkQezkdyxaVeld9mt9arKaWCvkj7NzTR/M3ZU4iKI
J6onI0XxsMFSPGZ7MrX0XSqyG4hwaCfNM38EyCr7opOBAQdOkuDIY08FbrFCj4my
qwSn6BifyqKMUObB1OdkZ/CGhf65Id46qFh7SUgRrR7wk1FFaCVkKyWiJKm3s8Qr
2761U1OTzTdemVXI6FXsphhPVIpNcmLnWH1AFl1u1chJ8fwSFFn5AJq5L/xGi42/
Mn9EECK1FHdR9Ald2M6tjNojdUyTwxKeMv7qsHEthHDcq1XM20JlZhvXsZBpbegB
zpOyEImgAa7TI31Nhpchi9STZ1yhGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE51
JTRffhVXvrhACLKF9FRkPNnqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkREOTAxQ0NDOUYxMUVGQkU2MUQ5NDA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON5MA0GCSqGSIb3DQEBCwUA
A4IBAQBT/lqwsu8EfIONtivIwUBQRi4MZxHAaJ5i85dhEvGkGwxZuiqZG+Zsttnp
toj1yCZxD8gqTP1Y8b+HxbSegCDADFUrAYxLgv0EQurZH2WcL1/4FLp5JbeWWLfK
W9EVaQCloNDpV8MAxcCBIllVtmLw2zPP/gDq8Ck3xlTwlgqtrAz0tk/DA3oH4fYl
HleUG0jaEgiRhh0GzYxdKCetFQWWe/5Sm1V/LMVXso55KqPuxC2aSRqx+TGKJhEA
evO6LKMXiZeUboc0dZK9NWpRQH8fPFkUSQerqSiY7JqliHe/OXwTMoh82cf1h3Bh
rvUF7oIYCayBHYocDUFcxygFHmNw
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:16 2025 by rpki-client