Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF2A99EC99311EF8F282976762E951A.roa
File: 8AF2A99EC99311EF8F282976762E951A.roa (raw, json)
Hash identifier: PE979syXmNwpEht3YjYlwJ6snT2rAvIjbXwrmMIJSaE=
Subject key identifier: 05:0E:F4:B2:5F:C5:00:03:1A:AA:85:3A:DD:8C:81:DB:C8:EF:66:E6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF2A99EC99311EF8F282976762E951A.roa
Signing time: Fri 03 Jan 2025 05:28:20 +0000
ROA not before: Fri 03 Jan 2025 05:28:16 +0000
ROA not after: Mon 13 Dec 2027 05:28:16 +0000
asID: 17561
IP address blocks: 156.233.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62971 (0xf5fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:28:16 2025 GMT
Not After : Dec 13 05:28:16 2027 GMT
Subject: CN=67777574-4d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:91:1d:a0:7e:f2:b2:7a:a4:b7:3b:07:eb:f2:
32:99:86:0f:4f:2e:2d:a9:21:3d:15:41:76:c4:eb:
4e:cd:0f:ed:ce:fe:a0:c6:06:51:83:b5:88:58:9d:
75:7e:b0:d4:66:0a:12:de:4c:44:b9:50:72:b9:6c:
b8:cd:a8:df:59:d7:87:db:fd:20:e7:1f:c3:ee:6b:
da:23:05:97:2c:53:50:a7:f4:b4:18:55:d0:96:07:
24:91:12:da:18:8b:71:a6:6b:f5:6c:c2:b1:65:1f:
a3:d6:46:f0:18:8f:9a:35:40:7c:c0:1f:27:2b:4f:
ba:3a:19:bf:0b:e9:53:77:44:bf:ab:dc:c9:18:c2:
93:d8:26:bc:f3:56:fe:46:37:26:51:a6:fa:e8:a4:
67:d6:0b:93:55:92:85:09:cf:5d:16:03:31:c5:b5:
05:fa:6a:b9:8f:5c:dd:3d:86:d7:65:ac:94:4d:4f:
ea:b4:b9:d9:ca:e2:cb:5b:8d:32:2a:79:ed:8c:56:
71:aa:20:7e:bf:ec:31:f0:a6:d7:7a:51:37:d3:6b:
67:72:2f:c2:67:8c:c7:b0:f0:d6:4d:77:6f:64:e2:
05:50:c7:75:b9:56:c6:8e:5f:7f:7f:50:6c:f7:b4:
4c:8e:91:ab:92:3b:c7:fc:cd:23:66:e6:ae:86:a3:
55:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0E:F4:B2:5F:C5:00:03:1A:AA:85:3A:DD:8C:81:DB:C8:EF:66:E6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8AF2A99EC99311EF8F282976762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.130.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:97:53:d5:a1:83:73:3b:4d:11:fd:bf:d1:a9:6d:4c:03:c6:
2d:ae:39:4c:e9:50:68:bc:22:a5:59:42:bd:0d:be:34:ac:75:
33:bd:2f:9a:9f:82:9f:93:0c:79:38:7e:8e:c3:22:a9:ea:87:
44:5d:39:2a:14:1d:c9:19:fa:0c:a2:ea:08:12:03:11:15:38:
c1:fd:bd:66:ae:a1:d8:2f:1f:5f:e3:9d:27:7b:d7:bf:4d:d7:
44:c6:51:e4:3d:5d:f6:2d:7a:6a:38:1f:75:3b:52:76:50:84:
95:e4:c1:a2:90:95:b4:25:3f:27:a2:83:65:5e:ab:34:86:c1:
53:30:14:03:ca:07:c3:82:f0:d7:bc:bc:a6:a2:fc:cf:ca:18:
bf:2f:5e:42:35:94:96:2a:88:30:38:26:38:76:cd:9e:91:48:
9b:fa:17:29:f7:79:9e:59:81:24:08:e2:58:27:e0:46:fd:eb:
91:6c:5d:36:f0:c3:cc:c3:14:34:86:90:07:23:bd:a6:f5:24:
f2:02:2b:7e:c7:bc:02:2e:ab:37:29:86:d3:bf:1e:0e:1a:c6:
63:49:41:70:23:a5:08:8e:18:60:f3:d5:2e:9a:d3:e8:5a:56:
7e:c3:b1:98:47:e5:2b:f4:be:43:ce:3a:62:eb:d4:f5:ba:6c:
b6:89:2e:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPX7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUyODE2WhcNMjcxMjEzMDUyODE2WjAYMRYw
FAYDVQQDEw02Nzc3NzU3NC00ZDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0pEdoH7ysnqktzsH6/IymYYPTy4tqSE9FUF2xOtOzQ/tzv6gxgZRg7WI
WJ11frDUZgoS3kxEuVByuWy4zajfWdeH2/0g5x/D7mvaIwWXLFNQp/S0GFXQlgck
kRLaGItxpmv1bMKxZR+j1kbwGI+aNUB8wB8nK0+6Ohm/C+lTd0S/q9zJGMKT2Ca8
81b+RjcmUab66KRn1guTVZKFCc9dFgMxxbUF+mq5j1zdPYbXZayUTU/qtLnZyuLL
W40yKnntjFZxqiB+v+wx8KbXelE302tnci/CZ4zHsPDWTXdvZOIFUMd1uVbGjl9/
f1Bs97RMjpGrkjvH/M0jZuauhqNVuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAUO
9LJfxQADGqqFOt2MgdvI72bmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QUYyQTk5RUM5OTMxMUVGOEYyODI5NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmCMA0GCSqGSIb3DQEBCwUA
A4IBAQCMl1PVoYNzO00R/b/RqW1MA8YtrjlM6VBovCKlWUK9Db40rHUzvS+an4Kf
kwx5OH6OwyKp6odEXTkqFB3JGfoMouoIEgMRFTjB/b1mrqHYLx9f450ne9e/TddE
xlHkPV32LXpqOB91O1J2UISV5MGikJW0JT8nooNlXqs0hsFTMBQDygfDgvDXvLym
ovzPyhi/L15CNZSWKogwOCY4ds2ekUib+hcp93meWYEkCOJYJ+BG/euRbF028MPM
wxQ0hpAHI72m9STyAit+x7wCLqs3KYbTvx4OGsZjSUFwI6UIjhhg89UumtPoWlZ+
w7GYR+Ur9L5Dzjpi69T1umy2iS5l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:45 2025 by rpki-client