Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90684180D31211EF8EACC3BE762E951A.roa
File: 90684180D31211EF8EACC3BE762E951A.roa (raw, json)
Hash identifier: 3ltASxVnnWU+frN0Sjdk76RvrhfK19kJ7Ouf0gWDs50=
Subject key identifier: 64:9C:CC:F6:3D:71:4E:3C:E6:18:3D:5F:4E:CF:41:09:A2:15:DF:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010855
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90684180D31211EF8EACC3BE762E951A.roa
Signing time: Wed 15 Jan 2025 07:30:16 +0000
ROA not before: Wed 15 Jan 2025 07:30:12 +0000
ROA not after: Sat 03 Jan 2026 07:30:12 +0000
asID: 984
IP address blocks: 156.254.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67669 (0x10855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:30:12 2025 GMT
Not After : Jan 3 07:30:12 2026 GMT
Subject: CN=67876408-4524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0e:11:17:b9:c4:b6:59:a2:4c:21:dc:d2:95:
04:ba:e4:89:c7:ef:ea:ad:00:a8:1d:b0:09:93:4d:
08:ed:4e:47:5a:c2:d8:52:9c:47:db:2b:ad:18:4d:
f7:81:8a:3d:b8:e5:dc:aa:82:df:d1:a1:b9:16:45:
97:c4:3b:3a:1d:dc:1d:ba:76:02:ba:c6:a5:58:33:
77:ec:78:19:eb:ff:f2:68:15:44:67:cb:0d:70:a0:
c1:14:bd:91:12:bc:a9:27:2c:7a:7a:d0:e8:df:a4:
63:55:bc:65:3d:9e:f2:a7:9b:18:2d:a3:f3:b1:0a:
4d:58:6e:e0:c9:26:b7:88:92:f0:2f:83:69:f4:db:
c1:2e:18:fd:d6:ee:5c:ee:89:b3:23:57:6a:90:db:
6d:61:96:92:16:e4:63:ca:5f:89:00:65:89:d7:a6:
b2:79:68:39:14:9b:f8:42:7d:66:61:e6:1d:78:a4:
c1:6c:e0:93:f1:88:ec:5b:03:2c:b4:e1:3f:5c:02:
06:9c:b8:ad:32:89:d8:42:f4:a1:71:5d:fd:d1:b4:
f9:f2:07:44:c5:26:45:7a:fa:d4:60:31:fc:d6:21:
e0:63:0e:74:d2:17:4d:7f:9f:92:f8:11:df:2a:91:
04:87:5f:03:43:81:17:ec:96:53:48:be:9e:1f:d2:
ba:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9C:CC:F6:3D:71:4E:3C:E6:18:3D:5F:4E:CF:41:09:A2:15:DF:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90684180D31211EF8EACC3BE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:f8:1a:ed:6a:fa:69:f4:e7:37:d5:cc:32:eb:f6:f7:37:81:
da:35:0d:43:9c:06:bd:b7:cb:16:e2:7b:69:1b:ac:d5:af:07:
7b:5d:91:72:58:6a:98:3a:f3:0f:56:d1:5f:0d:61:42:1e:40:
d9:01:6a:93:a0:43:0d:d2:ff:a1:6c:30:03:57:e5:91:96:6a:
4d:23:6e:06:11:24:61:bc:c0:99:c7:04:fe:be:85:de:39:a5:
34:14:73:31:0e:f6:e4:18:85:9d:ad:47:e1:43:49:18:ed:f2:
58:69:16:ce:d2:a2:2d:7c:48:80:48:1e:6c:25:ee:f2:e6:60:
51:8f:39:95:bb:76:58:ff:cd:b8:b4:0b:b8:b6:63:f3:9a:69:
af:5d:01:22:08:5c:16:73:c0:07:15:72:1a:df:d2:0e:29:f3:
7b:6a:2d:7f:49:a7:a8:f6:6e:cf:a4:a1:cb:52:6a:70:52:fd:
92:c4:c0:06:83:83:a1:2b:b0:de:c5:6a:ec:49:a6:4e:9c:ea:
04:cc:34:dc:77:d2:88:e0:b7:1e:a6:c2:ab:73:4f:5a:b3:b7:
99:89:0a:4c:54:84:61:fe:d1:e5:43:b8:94:28:67:2c:e3:1f:
e9:55:fc:26:0b:03:bc:92:45:78:4a:94:c0:c6:2c:14:63:95:
a0:3e:7b:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDczMDEyWhcNMjYwMTAzMDczMDEyWjAYMRYw
FAYDVQQDEw02Nzg3NjQwOC00NTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmg4RF7nEtlmiTCHc0pUEuuSJx+/qrQCoHbAJk00I7U5HWsLYUpxH2yut
GE33gYo9uOXcqoLf0aG5FkWXxDs6HdwdunYCusalWDN37HgZ6//yaBVEZ8sNcKDB
FL2RErypJyx6etDo36RjVbxlPZ7yp5sYLaPzsQpNWG7gySa3iJLwL4Np9NvBLhj9
1u5c7omzI1dqkNttYZaSFuRjyl+JAGWJ16ayeWg5FJv4Qn1mYeYdeKTBbOCT8Yjs
WwMstOE/XAIGnLitMonYQvShcV390bT58gdExSZFevrUYDH81iHgYw500hdNf5+S
+BHfKpEEh18DQ4EX7JZTSL6eH9K6CQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGSc
zPY9cU485hg9X07PQQmiFd/HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MDY4NDE4MEQzMTIxMUVGOEVBQ0MzQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5AMA0GCSqGSIb3DQEBCwUA
A4IBAQCb+Brtavpp9Oc31cwy6/b3N4HaNQ1DnAa9t8sW4ntpG6zVrwd7XZFyWGqY
OvMPVtFfDWFCHkDZAWqToEMN0v+hbDADV+WRlmpNI24GESRhvMCZxwT+voXeOaU0
FHMxDvbkGIWdrUfhQ0kY7fJYaRbO0qItfEiASB5sJe7y5mBRjzmVu3ZY/824tAu4
tmPzmmmvXQEiCFwWc8AHFXIa39IOKfN7ai1/Saeo9m7PpKHLUmpwUv2SxMAGg4Oh
K7DexWrsSaZOnOoEzDTcd9KI4LcepsKrc09as7eZiQpMVIRh/tHlQ7iUKGcs4x/p
VfwmCwO8kkV4SpTAxiwUY5WgPnvX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:20 2025 by rpki-client