Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95EDB3A2CCFE11EFA04A619F762E951A.roa
File: 95EDB3A2CCFE11EFA04A619F762E951A.roa (raw, json)
Hash identifier: aRmZQuhR958VkAbNrNWvBWpuRDlxYcc2ioClLoU5YlA=
Subject key identifier: 7C:25:F8:99:81:86:1D:26:7A:01:15:B2:FF:02:C1:3E:AB:A7:AD:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95EDB3A2CCFE11EFA04A619F762E951A.roa
Signing time: Tue 07 Jan 2025 13:52:08 +0000
ROA not before: Tue 07 Jan 2025 13:52:04 +0000
ROA not after: Sat 13 Dec 2025 13:52:04 +0000
asID: 984
IP address blocks: 156.238.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64605 (0xfc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:52:04 2025 GMT
Not After : Dec 13 13:52:04 2025 GMT
Subject: CN=677d3188-fe20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:da:7e:51:05:85:06:8d:26:74:9e:72:de:
9f:08:a6:dc:da:e7:a7:43:ea:de:48:b9:92:fd:ca:
1b:96:b7:48:11:90:0c:54:2d:8f:41:33:6c:0b:77:
8d:4b:6a:0b:bd:43:1e:01:cc:6a:3a:13:26:f3:7d:
5a:b7:82:fe:ac:34:e0:ec:69:49:79:b6:48:4f:1c:
f0:01:40:bd:6a:c4:de:19:e1:70:bd:bd:7c:09:4e:
11:f3:5c:57:08:2f:c8:af:d8:03:23:90:8f:4d:0d:
2e:2b:d4:42:db:17:e8:a7:47:1a:3b:c6:2a:9d:dd:
a2:dd:db:df:5a:09:fe:15:05:51:47:c9:13:ac:8a:
da:b4:af:f2:0b:97:10:1d:e6:95:2a:18:60:41:8e:
07:b5:dc:c1:69:ce:3e:d6:21:a5:b3:9d:ec:6d:8f:
8d:94:ba:7c:9b:fc:74:19:b7:21:2e:d5:f2:7d:be:
1c:46:86:fb:77:12:25:87:b5:4e:08:56:a7:a2:a9:
99:21:52:6d:bd:99:9b:fb:8a:3b:0d:dd:a9:14:2d:
44:3c:77:8d:c8:fe:43:1f:14:aa:f0:fa:db:a0:7e:
43:62:28:fc:15:c7:b4:c0:39:e2:db:21:d0:cf:22:
da:9d:c4:35:a4:37:ad:7e:d8:8c:7e:5a:ef:f1:05:
ac:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:25:F8:99:81:86:1D:26:7A:01:15:B2:FF:02:C1:3E:AB:A7:AD:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95EDB3A2CCFE11EFA04A619F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.103.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:88:f4:13:2f:de:39:b6:e0:2b:78:f6:9e:e2:46:e5:13:3b:
d0:88:56:6d:0d:be:96:04:2e:85:da:db:a8:43:b6:fe:25:e9:
9c:9e:6d:61:40:90:ae:4d:72:2d:ab:00:d5:9a:92:4b:0d:c0:
30:63:5e:12:d0:2d:57:3e:8c:4b:b1:43:61:5c:f5:79:88:00:
9a:eb:e9:69:46:3f:41:b1:af:2f:92:6a:8e:c3:bf:bd:62:f5:
07:13:a3:e9:42:e1:2b:d6:61:88:9f:f8:4c:34:71:93:08:8e:
b0:6d:41:28:59:3f:7f:f5:46:48:a9:45:52:81:77:38:97:54:
ff:73:ea:d1:cb:f1:60:46:7f:bb:d6:9b:8c:c8:3f:a5:89:a9:
49:82:3f:f8:a9:cc:f4:aa:f3:d4:d1:53:f1:90:18:99:6a:6c:
84:48:17:d7:b2:45:ae:df:19:36:10:7e:b1:d8:a5:72:56:0c:
e0:ae:f9:44:d3:0d:ab:ce:0e:b8:bc:fb:15:01:c2:48:d4:3d:
a4:bc:31:f8:dc:ef:43:a5:09:98:8e:d0:a0:2d:41:87:20:f8:
05:38:05:32:16:bf:f4:18:3f:f2:c8:e9:27:0d:9c:13:a0:61:
dd:90:d4:44:a5:20:cf:9a:b4:00:aa:b2:39:8a:c5:1c:a4:3d:
33:3a:92:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPxdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTM1MjA0WhcNMjUxMjEzMTM1MjA0WjAYMRYw
FAYDVQQDEw02NzdkMzE4OC1mZTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxBraflEFhQaNJnSect6fCKbc2uenQ+reSLmS/coblrdIEZAMVC2PQTNs
C3eNS2oLvUMeAcxqOhMm831at4L+rDTg7GlJebZITxzwAUC9asTeGeFwvb18CU4R
81xXCC/Ir9gDI5CPTQ0uK9RC2xfop0caO8Yqnd2i3dvfWgn+FQVRR8kTrIratK/y
C5cQHeaVKhhgQY4HtdzBac4+1iGls53sbY+NlLp8m/x0GbchLtXyfb4cRob7dxIl
h7VOCFanoqmZIVJtvZmb+4o7Dd2pFC1EPHeNyP5DHxSq8PrboH5DYij8Fce0wDni
2yHQzyLancQ1pDetftiMflrv8QWsRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHwl
+JmBhh0megEVsv8CwT6rp60sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NUVEQjNBMkNDRkUxMUVGQTA0QTYxOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5nMA0GCSqGSIb3DQEBCwUA
A4IBAQCxiPQTL945tuArePae4kblEzvQiFZtDb6WBC6F2tuoQ7b+Jemcnm1hQJCu
TXItqwDVmpJLDcAwY14S0C1XPoxLsUNhXPV5iACa6+lpRj9Bsa8vkmqOw7+9YvUH
E6PpQuEr1mGIn/hMNHGTCI6wbUEoWT9/9UZIqUVSgXc4l1T/c+rRy/FgRn+71puM
yD+lialJgj/4qcz0qvPU0VPxkBiZamyESBfXskWu3xk2EH6x2KVyVgzgrvlE0w2r
zg64vPsVAcJI1D2kvDH43O9DpQmYjtCgLUGHIPgFOAUyFr/0GD/yyOknDZwToGHd
kNREpSDPmrQAqrI5isUcpD0zOpLa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:39 2025 by rpki-client