Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91C003B8CD6511EFBB4EFAB1762E951A.roa
File: 91C003B8CD6511EFBB4EFAB1762E951A.roa (raw, json)
Hash identifier: Enkv0rs9Wu9xHf1Nuy9kO4Ar/ncUJlrYasyLiGqkcZo=
Subject key identifier: 2E:C7:CC:12:E2:8A:42:78:D7:90:5A:0A:6C:48:74:D6:50:53:4C:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF3F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91C003B8CD6511EFBB4EFAB1762E951A.roa
Signing time: Wed 08 Jan 2025 02:09:19 +0000
ROA not before: Wed 08 Jan 2025 02:09:15 +0000
ROA not after: Sat 13 Dec 2025 02:09:15 +0000
asID: 984
IP address blocks: 156.247.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65343 (0xff3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 02:09:15 2025 GMT
Not After : Dec 13 02:09:15 2025 GMT
Subject: CN=677dde4f-5af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:66:98:2b:be:40:11:85:96:25:9a:b9:d0:a7:
92:37:79:47:11:0e:d1:f3:47:61:01:a2:9d:ec:a5:
45:0d:1d:80:d1:0d:fa:68:14:94:11:6b:1e:7b:87:
5b:1d:7b:0e:c8:bc:6a:2a:d4:24:72:8f:9a:74:69:
75:94:da:e2:33:69:b2:37:e1:60:aa:d0:36:68:40:
f8:ef:77:e3:01:6a:a7:03:f0:43:9a:a7:c9:03:b9:
82:7f:93:a6:c3:1a:ca:2e:0c:ad:0d:eb:57:d6:91:
33:0c:18:bf:8a:1c:99:69:25:2e:b1:37:a3:e5:12:
19:5a:89:9e:4b:9f:23:c5:85:c5:96:4f:e1:7f:47:
ab:2c:85:02:cf:72:c3:a9:29:d4:38:4c:c2:9e:54:
a7:db:f2:73:29:73:ec:c3:8b:70:48:24:30:e2:f2:
cc:4e:a9:a0:80:c7:2f:63:68:b1:da:04:16:7d:b4:
36:57:3d:16:01:dd:d0:b8:b9:ed:81:6e:17:5d:65:
3b:5b:f7:a8:58:c2:ba:1c:d1:13:19:a9:92:7c:cb:
e4:58:71:7a:09:6d:07:5a:57:76:5b:1b:bd:cb:0b:
b2:93:e7:c3:89:de:91:69:33:43:c4:74:d6:7c:57:
3e:ca:ac:c8:f8:4e:89:4e:3a:86:29:f6:42:5e:09:
4f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C7:CC:12:E2:8A:42:78:D7:90:5A:0A:6C:48:74:D6:50:53:4C:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/91C003B8CD6511EFBB4EFAB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.105.0/24
Signature Algorithm: sha256WithRSAEncryption
54:7a:cf:20:ca:e2:ea:5f:83:88:0a:9a:8b:d8:1e:e9:9a:91:
e1:11:73:22:71:d4:53:0f:6b:7f:43:50:b7:c7:00:ab:55:96:
b9:00:e8:3f:38:11:c2:68:b2:87:40:91:42:ff:39:ee:ea:62:
4f:18:14:fb:cf:c5:b6:5f:ef:e6:12:a0:17:e3:21:0c:84:66:
db:42:65:86:2d:20:37:fc:46:35:1f:e3:27:ec:3f:25:7a:7f:
35:82:0f:fc:3f:d4:49:52:bc:d2:03:f4:e9:6e:61:94:7a:92:
66:8e:6d:ee:54:d1:ef:fe:ba:b0:2d:ef:75:82:d7:65:bb:b8:
c7:49:ce:ed:30:96:6c:2e:e2:f6:79:60:2f:43:11:a3:37:16:
5f:cb:c9:3a:a8:58:e6:a2:29:cc:b4:6d:38:eb:f2:81:02:6a:
f4:eb:89:d3:ce:35:ab:11:b0:7f:e6:13:d8:e4:12:08:be:41:
40:52:18:fc:cf:0d:6d:d8:3a:61:03:14:ad:ca:0d:aa:c3:e0:
64:86:7d:2e:6d:7d:3d:a3:04:e1:01:df:d6:32:7a:d7:bc:7c:
8a:9a:e8:17:dd:fe:56:2e:48:86:55:a1:ef:9a:b5:56:7f:25:
9a:a8:fa:38:0b:65:7d:10:25:a7:72:c4:95:04:2f:cf:42:4d:
da:71:85:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDIwOTE1WhcNMjUxMjEzMDIwOTE1WjAYMRYw
FAYDVQQDEw02NzdkZGU0Zi01YWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3GaYK75AEYWWJZq50KeSN3lHEQ7R80dhAaKd7KVFDR2A0Q36aBSUEWse
e4dbHXsOyLxqKtQkco+adGl1lNriM2myN+FgqtA2aED473fjAWqnA/BDmqfJA7mC
f5OmwxrKLgytDetX1pEzDBi/ihyZaSUusTej5RIZWomeS58jxYXFlk/hf0erLIUC
z3LDqSnUOEzCnlSn2/JzKXPsw4twSCQw4vLMTqmggMcvY2ix2gQWfbQ2Vz0WAd3Q
uLntgW4XXWU7W/eoWMK6HNETGamSfMvkWHF6CW0HWld2Wxu9ywuyk+fDid6RaTND
xHTWfFc+yqzI+E6JTjqGKfZCXglPTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC7H
zBLiikJ415BaCmxIdNZQU0zkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MUMwMDNCOENENjUxMUVGQkI0RUZBQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdpMA0GCSqGSIb3DQEBCwUA
A4IBAQBUes8gyuLqX4OICpqL2B7pmpHhEXMicdRTD2t/Q1C3xwCrVZa5AOg/OBHC
aLKHQJFC/znu6mJPGBT7z8W2X+/mEqAX4yEMhGbbQmWGLSA3/EY1H+Mn7D8len81
gg/8P9RJUrzSA/TpbmGUepJmjm3uVNHv/rqwLe91gtdlu7jHSc7tMJZsLuL2eWAv
QxGjNxZfy8k6qFjmoinMtG046/KBAmr064nTzjWrEbB/5hPY5BIIvkFAUhj8zw1t
2DphAxStyg2qw+Bkhn0ubX09owThAd/WMnrXvHyKmugX3f5WLkiGVaHvmrVWfyWa
qPo4C2V9ECWncsSVBC/PQk3acYWr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:49 2025 by rpki-client