Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B587B44C97E11EFA6495C6D762E951A.roa
File: 8B587B44C97E11EFA6495C6D762E951A.roa (raw, json)
Hash identifier: ZEr3OEQecjevkA5w0e/t3Dc/yvIDBDg8tp/AFeC/2qc=
Subject key identifier: 80:D2:24:A6:30:D5:9E:2B:6A:C2:AE:98:84:85:34:41:4F:A1:67:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F537
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B587B44C97E11EFA6495C6D762E951A.roa
Signing time: Fri 03 Jan 2025 02:58:01 +0000
ROA not before: Fri 03 Jan 2025 02:57:58 +0000
ROA not after: Sat 13 Dec 2025 02:57:58 +0000
asID: 984
IP address blocks: 156.229.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62775 (0xf537)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:57:58 2025 GMT
Not After : Dec 13 02:57:58 2025 GMT
Subject: CN=67775239-5036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:67:bb:17:a9:0b:59:24:60:8e:7c:f7:9b:cc:
3d:7e:85:e0:86:31:b7:4d:81:d9:b0:9c:eb:2c:53:
6b:cf:0f:50:d8:bd:97:a2:10:78:39:dd:66:2f:52:
9f:09:e9:7b:c6:97:98:ae:26:44:7f:0c:3a:b1:b5:
d3:24:ef:a1:72:73:d0:82:42:02:ff:b3:6a:5b:5b:
f5:56:56:4e:70:af:81:7e:d2:e6:30:1e:30:19:36:
92:9e:54:22:a0:f8:f7:69:eb:86:03:3b:1c:c8:c0:
29:bc:ec:88:02:8f:86:1a:cf:72:f1:c7:52:ed:44:
c0:ec:7b:21:3a:36:1c:9f:f6:94:5c:6d:a8:41:5c:
d6:4a:5f:3c:f3:33:ba:0a:4e:bd:e0:59:b1:42:a8:
24:7c:9c:6f:f9:61:86:a8:34:2a:84:ba:09:4f:51:
1e:f6:10:0a:d8:03:0e:83:90:66:ec:b7:5e:f8:4e:
32:d9:44:83:35:d3:43:b9:9d:9b:67:df:ef:f1:64:
82:d4:8b:55:54:21:be:82:0a:42:0d:c4:10:ad:70:
26:98:8d:26:9e:18:bf:f0:01:7d:04:63:4d:45:ba:
89:9e:34:c1:8b:36:de:19:a1:e2:80:c0:d3:52:4e:
16:75:ee:aa:ce:71:b2:3e:07:a8:3b:d4:bf:9e:2d:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D2:24:A6:30:D5:9E:2B:6A:C2:AE:98:84:85:34:41:4F:A1:67:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B587B44C97E11EFA6495C6D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.225.0/24
Signature Algorithm: sha256WithRSAEncryption
70:24:5c:24:36:6d:d8:bd:5c:95:0b:5e:5c:06:a9:66:6a:cb:
e5:81:3a:b3:bc:18:bf:86:9b:01:d6:6f:82:a3:b1:f0:5f:fa:
0f:b4:c3:45:22:51:83:67:60:a0:3d:77:1f:3f:fd:be:e2:82:
f4:df:36:59:71:5d:54:fe:8a:f7:07:07:62:e4:35:6d:1e:49:
f9:a7:3c:0a:16:6c:c5:3e:46:33:ab:63:bc:70:17:4a:25:cd:
8e:32:2e:d4:72:c8:92:b4:5d:b1:02:f5:a1:63:c9:22:00:e5:
d3:78:63:f0:00:e8:09:c4:b1:c5:b5:41:3e:a9:06:f7:93:32:
21:b0:e5:e9:75:99:76:c4:2c:5f:2f:32:b9:e9:c7:42:cf:67:
5e:ba:73:01:9c:c6:3d:32:d9:21:5d:ee:ec:70:7c:98:87:67:
7a:ff:2b:c6:32:bb:da:e2:81:2d:89:99:d6:fc:3f:70:ed:04:
98:c9:f8:fe:ef:21:1b:1a:c0:57:33:00:f6:20:c6:1a:c7:ec:
65:44:32:27:a7:9c:95:a5:d3:a0:6f:19:ee:fd:43:8d:3d:8d:
73:e8:c1:59:7a:57:ed:cb:39:9d:f2:8f:ac:94:c0:c8:6e:24:
ed:a4:e7:e4:bd:52:f6:68:6e:04:23:05:63:55:1f:b3:22:81:
ec:45:8c:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPU3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDI1NzU4WhcNMjUxMjEzMDI1NzU4WjAYMRYw
FAYDVQQDEw02Nzc3NTIzOS01MDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2We7F6kLWSRgjnz3m8w9foXghjG3TYHZsJzrLFNrzw9Q2L2XohB4Od1m
L1KfCel7xpeYriZEfww6sbXTJO+hcnPQgkIC/7NqW1v1VlZOcK+BftLmMB4wGTaS
nlQioPj3aeuGAzscyMApvOyIAo+GGs9y8cdS7UTA7HshOjYcn/aUXG2oQVzWSl88
8zO6Ck694FmxQqgkfJxv+WGGqDQqhLoJT1Ee9hAK2AMOg5Bm7Lde+E4y2USDNdND
uZ2bZ9/v8WSC1ItVVCG+ggpCDcQQrXAmmI0mnhi/8AF9BGNNRbqJnjTBizbeGaHi
gMDTUk4Wde6qznGyPgeoO9S/ni26pQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIDS
JKYw1Z4rasKumISFNEFPoWevMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjU4N0I0NEM5N0UxMUVGQTY0OTVDNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXhMA0GCSqGSIb3DQEBCwUA
A4IBAQBwJFwkNm3YvVyVC15cBqlmasvlgTqzvBi/hpsB1m+Co7HwX/oPtMNFIlGD
Z2CgPXcfP/2+4oL03zZZcV1U/or3Bwdi5DVtHkn5pzwKFmzFPkYzq2O8cBdKJc2O
Mi7UcsiStF2xAvWhY8kiAOXTeGPwAOgJxLHFtUE+qQb3kzIhsOXpdZl2xCxfLzK5
6cdCz2deunMBnMY9MtkhXe7scHyYh2d6/yvGMrva4oEtiZnW/D9w7QSYyfj+7yEb
GsBXMwD2IMYax+xlRDInp5yVpdOgbxnu/UONPY1z6MFZelftyzmd8o+slMDIbiTt
pOfkvVL2aG4EIwVjVR+zIoHsRYzj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:29 2025 by rpki-client