Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A63AF96C98911EFBFA230B6762E951A.roa
File: 8A63AF96C98911EFBFA230B6762E951A.roa (raw, json)
Hash identifier: pSzzCboouCAo41ACSoJJfWH1s2pzE7ghmQUkASSchtc=
Subject key identifier: B4:53:34:86:E1:06:9B:C6:BA:BA:34:76:20:4D:90:B1:14:02:60:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F59F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A63AF96C98911EFBFA230B6762E951A.roa
Signing time: Fri 03 Jan 2025 04:16:44 +0000
ROA not before: Fri 03 Jan 2025 04:16:41 +0000
ROA not after: Sat 13 Dec 2025 04:16:41 +0000
asID: 984
IP address blocks: 156.233.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62879 (0xf59f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:16:41 2025 GMT
Not After : Dec 13 04:16:41 2025 GMT
Subject: CN=677764ac-a5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8f:c7:2f:7f:53:51:ce:5e:d0:88:82:18:36:
6f:46:cb:b3:66:d7:c7:e1:e5:15:04:55:5a:2d:83:
a1:2f:b5:db:67:d2:9d:3b:8f:57:5c:51:11:9c:db:
e7:5c:77:5a:e2:cc:c0:41:cf:1a:6a:6a:c4:8f:67:
51:86:dc:01:22:e2:26:af:be:d6:6e:b3:45:86:c2:
cd:c7:df:a8:97:a3:36:0f:17:e8:af:1e:56:37:08:
df:ac:9f:66:cc:e3:eb:fd:0e:ce:d0:d0:cc:ff:23:
5f:92:42:12:f0:3b:66:fe:04:41:8e:fa:a3:99:82:
72:af:b4:23:82:68:e8:51:01:80:2f:e6:d8:63:96:
42:e9:7d:d7:c1:bd:a9:3b:d4:5e:00:e2:63:dc:ab:
7c:03:de:7c:b3:14:35:83:13:89:24:b9:dd:5b:56:
3f:64:ef:db:c1:3f:2f:f2:e0:b6:1d:0d:4d:df:ad:
f7:31:e4:82:b3:c7:34:71:8b:cd:85:af:74:d6:7c:
54:aa:ea:87:15:77:98:0d:43:a1:ce:da:18:0b:17:
04:e8:aa:3f:b0:e7:4a:66:d4:33:a9:14:93:f9:76:
7d:31:8b:70:0f:17:55:6d:23:1f:dc:38:96:4a:93:
2d:16:b6:f2:b0:1d:93:d2:c0:e2:e0:ad:d0:8e:d4:
3b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:53:34:86:E1:06:9B:C6:BA:BA:34:76:20:4D:90:B1:14:02:60:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A63AF96C98911EFBFA230B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.34.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fb:7a:5a:a7:d3:1b:a3:18:1f:c1:9e:2a:68:61:e8:c1:6f:
ce:12:26:d7:2b:b1:3c:85:f0:5c:bb:76:e0:46:10:80:7a:8c:
40:d3:d5:46:c5:30:72:91:45:cb:95:f4:03:a8:89:85:21:7f:
40:26:64:2a:58:11:c9:77:fa:40:2b:86:cc:b0:2a:8d:48:b0:
9d:a0:41:d7:8c:5f:03:fb:dc:f1:db:0b:c6:5e:4b:d3:88:44:
08:6f:dc:19:57:6c:ce:e3:bc:7c:f3:85:36:9d:fa:4d:d9:d9:
ab:3c:93:e7:7d:5d:8f:99:10:64:46:fb:be:f3:9a:52:12:0a:
3c:3e:82:63:06:df:d6:87:f9:ad:4a:10:da:0a:fb:92:64:97:
20:20:49:ad:0e:34:6c:f5:11:d1:74:07:a7:a8:3e:66:aa:c9:
73:2f:ad:d3:31:c0:8a:fb:b0:f9:c3:d7:f1:e9:3a:b2:64:f9:
37:f9:4d:45:51:0f:92:2a:59:50:49:83:e2:a4:85:83:10:2b:
87:51:78:a3:8c:85:b6:59:80:d2:29:fa:5c:87:37:33:4d:aa:
db:0f:7a:84:d9:1b:fe:2c:3a:3a:e7:06:1f:ae:d5:b1:6a:c4:
c4:24:a9:02:88:77:41:cd:51:fb:b0:b4:b9:0b:e1:65:62:28:
36:ca:e5:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQxNjQxWhcNMjUxMjEzMDQxNjQxWjAYMRYw
FAYDVQQDEw02Nzc3NjRhYy1hNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8o/HL39TUc5e0IiCGDZvRsuzZtfH4eUVBFVaLYOhL7XbZ9KdO49XXFER
nNvnXHda4szAQc8aamrEj2dRhtwBIuImr77WbrNFhsLNx9+ol6M2Dxforx5WNwjf
rJ9mzOPr/Q7O0NDM/yNfkkIS8Dtm/gRBjvqjmYJyr7QjgmjoUQGAL+bYY5ZC6X3X
wb2pO9ReAOJj3Kt8A958sxQ1gxOJJLndW1Y/ZO/bwT8v8uC2HQ1N3633MeSCs8c0
cYvNha901nxUquqHFXeYDUOhztoYCxcE6Ko/sOdKZtQzqRST+XZ9MYtwDxdVbSMf
3DiWSpMtFrbysB2T0sDi4K3QjtQ7AQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLRT
NIbhBpvGuro0diBNkLEUAmCHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QTYzQUY5NkM5ODkxMUVGQkZBMjMwQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkiMA0GCSqGSIb3DQEBCwUA
A4IBAQBv+3pap9MboxgfwZ4qaGHowW/OEibXK7E8hfBcu3bgRhCAeoxA09VGxTBy
kUXLlfQDqImFIX9AJmQqWBHJd/pAK4bMsCqNSLCdoEHXjF8D+9zx2wvGXkvTiEQI
b9wZV2zO47x884U2nfpN2dmrPJPnfV2PmRBkRvu+85pSEgo8PoJjBt/Wh/mtShDa
CvuSZJcgIEmtDjRs9RHRdAenqD5mqslzL63TMcCK+7D5w9fx6TqyZPk3+U1FUQ+S
KllQSYPipIWDECuHUXijjIW2WYDSKfpchzczTarbD3qE2Rv+LDo65wYfrtWxasTE
JKkCiHdBzVH7sLS5C+FlYig2yuXm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:50 2025 by rpki-client