Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93A26822CDCB11EFA72C5F42762E951A.roa
File: 93A26822CDCB11EFA72C5F42762E951A.roa (raw, json)
Hash identifier: 5FE3KrIIJPsNlsu9gn2ih21JcrE6WmqnnMPaQx+V534=
Subject key identifier: B5:D5:9C:14:5D:E1:03:26:C3:E6:F3:5E:E6:55:CA:D5:31:E3:73:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101E0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93A26822CDCB11EFA72C5F42762E951A.roa
Signing time: Wed 08 Jan 2025 14:19:31 +0000
ROA not before: Wed 08 Jan 2025 14:19:27 +0000
ROA not after: Tue 16 Dec 2025 14:19:27 +0000
asID: 984
IP address blocks: 156.249.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66016 (0x101e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:19:27 2025 GMT
Not After : Dec 16 14:19:27 2025 GMT
Subject: CN=677e8973-ae1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0a:81:97:f1:03:72:2e:9b:ac:40:84:50:99:
c2:40:88:5f:2a:92:6b:31:06:60:a7:d5:07:1b:37:
22:52:42:da:4e:f1:19:4c:1d:ca:9e:8f:40:dc:42:
52:1d:7e:b0:c1:be:b0:b7:e5:1c:67:44:36:4b:f3:
ba:4f:c8:a0:fc:d5:7f:df:45:79:e1:64:06:fd:44:
aa:6b:cb:32:8e:28:b2:4f:58:64:24:5d:3f:ae:b6:
04:1e:f9:0f:bb:9f:18:18:4e:a6:62:0f:71:01:d8:
9c:70:f3:7e:d6:9d:42:4a:83:11:50:e1:ed:3f:fe:
3a:ec:14:da:41:58:ed:88:bc:db:6b:d5:ae:7a:32:
89:3d:4c:c9:ec:a0:62:36:d6:b2:fb:08:e1:f1:48:
62:43:11:c5:40:08:07:bc:36:fd:14:2b:17:f3:78:
ad:6f:0b:2f:96:99:12:0b:27:b3:c3:96:5e:48:84:
e9:e3:f3:dd:11:5d:d6:96:71:36:ae:52:26:a1:d4:
b8:fb:0b:00:94:ac:14:d8:01:55:93:17:55:41:90:
56:dc:63:17:1a:15:60:67:56:e9:b9:a6:43:d8:a6:
fb:02:13:99:c7:5d:a5:80:8d:04:97:18:44:36:27:
b8:78:a8:88:40:b4:68:d0:a1:30:76:24:85:07:b9:
d1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D5:9C:14:5D:E1:03:26:C3:E6:F3:5E:E6:55:CA:D5:31:E3:73:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93A26822CDCB11EFA72C5F42762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.72.0/24
Signature Algorithm: sha256WithRSAEncryption
62:9d:56:c0:58:cc:b5:45:52:b5:1b:b7:5f:2f:93:72:9f:8a:
36:4b:a5:8d:c1:61:87:8e:fc:1e:d6:42:df:e4:ad:62:96:77:
06:28:4d:50:1d:95:e4:a4:32:06:3e:99:04:b8:3e:e7:fe:4b:
30:d6:00:e4:b4:7c:d6:8e:75:f3:d8:f3:9b:b0:d3:1e:64:18:
9a:13:4f:17:ce:21:84:e2:56:0c:53:62:e0:6b:b6:83:6a:56:
0d:5d:13:bb:b9:27:31:d3:61:82:bd:75:10:74:6b:46:fc:4f:
83:83:fb:4a:ae:b9:c6:54:06:4d:d8:24:b2:f4:18:d4:cf:46:
27:d4:aa:0b:87:78:b0:83:30:aa:69:bc:f2:9c:69:d0:f1:d8:
3e:4d:76:94:38:ef:f8:c9:99:77:9b:b9:2c:0c:0e:b3:d3:05:
4f:ca:4f:d4:15:28:99:c7:9f:48:bc:fa:40:07:7c:ed:1f:be:
54:ef:f2:e1:fa:5a:ac:0b:53:1c:a0:a0:4f:1d:97:cb:26:a0:
29:a7:93:9e:15:1d:c5:15:fd:89:aa:64:7e:be:f3:74:ea:54:
b1:c5:8b:f0:f0:56:58:a7:3e:84:72:b1:19:78:9f:68:11:d5:
48:0a:45:92:99:cf:57:fe:05:8d:f5:6c:ab:9b:71:b9:54:68:
34:6b:28:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQxOTI3WhcNMjUxMjE2MTQxOTI3WjAYMRYw
FAYDVQQDEw02NzdlODk3My1hZTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAygqBl/EDci6brECEUJnCQIhfKpJrMQZgp9UHGzciUkLaTvEZTB3Kno9A
3EJSHX6wwb6wt+UcZ0Q2S/O6T8ig/NV/30V54WQG/USqa8syjiiyT1hkJF0/rrYE
HvkPu58YGE6mYg9xAdiccPN+1p1CSoMRUOHtP/467BTaQVjtiLzba9WuejKJPUzJ
7KBiNtay+wjh8UhiQxHFQAgHvDb9FCsX83itbwsvlpkSCyezw5ZeSITp4/PdEV3W
lnE2rlImodS4+wsAlKwU2AFVkxdVQZBW3GMXGhVgZ1bpuaZD2Kb7AhOZx12lgI0E
lxhENie4eKiIQLRo0KEwdiSFB7nR2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLXV
nBRd4QMmw+bzXuZVytUx43PAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85M0EyNjgyMkNEQ0IxMUVGQTcyQzVGNDI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlIMA0GCSqGSIb3DQEBCwUA
A4IBAQBinVbAWMy1RVK1G7dfL5Nyn4o2S6WNwWGHjvwe1kLf5K1ilncGKE1QHZXk
pDIGPpkEuD7n/ksw1gDktHzWjnXz2PObsNMeZBiaE08XziGE4lYMU2Lga7aDalYN
XRO7uScx02GCvXUQdGtG/E+Dg/tKrrnGVAZN2CSy9BjUz0Yn1KoLh3iwgzCqabzy
nGnQ8dg+TXaUOO/4yZl3m7ksDA6z0wVPyk/UFSiZx59IvPpAB3ztH75U7/Lh+lqs
C1McoKBPHZfLJqApp5OeFR3FFf2JqmR+vvN06lSxxYvw8FZYpz6EcrEZeJ9oEdVI
CkWSmc9X/gWN9Wyrm3G5VGg0aygB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:17 2025 by rpki-client