Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95F70AA8CD6011EF922C9F8E762E951A.roa
File: 95F70AA8CD6011EF922C9F8E762E951A.roa (raw, json)
Hash identifier: Jl4a29C4IKoGOynSOTJRbl7tM9PxYn+cYS5jfRQoegM=
Subject key identifier: A2:B8:F8:D7:DF:46:EA:94:A6:62:AF:48:2F:9C:34:AB:89:41:39:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95F70AA8CD6011EF922C9F8E762E951A.roa
Signing time: Wed 08 Jan 2025 01:33:39 +0000
ROA not before: Wed 08 Jan 2025 01:33:35 +0000
ROA not after: Sat 13 Dec 2025 01:33:35 +0000
asID: 984
IP address blocks: 156.247.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65327 (0xff2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 01:33:35 2025 GMT
Not After : Dec 13 01:33:35 2025 GMT
Subject: CN=677dd5f3-23d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:58:18:e7:99:7f:56:6b:91:68:8a:f2:77:0a:
0d:66:78:a1:8f:82:5e:8f:8a:8b:39:a4:83:13:40:
16:5d:19:dd:c0:42:35:d3:62:3b:01:97:dc:6e:d0:
60:3e:0d:0e:91:ab:e3:68:5f:85:25:a5:fd:a9:cd:
e1:b4:ea:e2:46:43:aa:2c:60:3c:83:76:9b:3c:a8:
28:07:8a:be:d5:e2:d4:29:a1:2b:b0:75:91:a0:0e:
cb:90:ca:be:d8:69:56:4f:6d:6f:70:43:1a:bd:b5:
0b:08:1b:57:7f:32:57:33:78:4e:6c:f5:78:3f:5e:
a1:a7:31:92:1d:be:a3:f0:2d:32:d4:82:83:8a:d3:
a2:00:5c:79:89:57:6d:ad:2b:e8:5b:80:3b:3d:e8:
03:f7:7b:88:b6:e8:00:c8:0b:f0:5d:e9:ec:51:8c:
a5:0b:19:77:41:8d:f3:3e:59:e1:2c:bb:95:08:75:
3d:7c:41:92:c1:08:9c:85:95:e6:c9:fd:ff:38:cb:
50:ea:69:d2:dc:25:ed:ba:6a:42:18:58:ff:32:a8:
d5:8e:78:d7:1e:fe:8a:b7:ba:a2:10:80:4a:f9:e7:
0d:06:01:95:78:49:48:6b:1f:e5:a5:4b:b5:e5:87:
e6:c1:83:ac:18:85:9c:88:78:05:cc:d1:9f:17:44:
68:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B8:F8:D7:DF:46:EA:94:A6:62:AF:48:2F:9C:34:AB:89:41:39:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/95F70AA8CD6011EF922C9F8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.96.0/24
Signature Algorithm: sha256WithRSAEncryption
17:af:40:e0:97:d2:2d:eb:7d:88:c0:3e:10:14:03:48:6a:a7:
f5:e6:6b:e3:70:56:8f:90:af:9d:df:17:82:eb:d0:05:66:31:
f5:50:d5:62:7d:36:9e:9a:63:c7:2a:8b:7a:9c:4f:eb:54:e7:
bc:a8:c3:e2:dd:5c:a5:d2:0d:6b:f5:36:4b:85:fb:85:3a:5c:
6f:30:35:fe:1e:08:07:42:57:65:dd:80:64:f6:f9:e0:77:db:
c3:80:b5:09:34:b2:93:aa:d0:64:34:95:ee:5b:58:70:54:04:
36:99:9d:30:f2:4c:ca:1a:03:c7:6b:c9:1a:8c:0b:fb:d1:84:
be:19:82:da:ec:cf:c9:a3:b6:21:a4:7e:bc:3d:88:ba:51:fa:
c3:8a:b0:37:87:c3:ba:ad:80:09:74:cc:1a:e9:63:46:33:4b:
80:7a:5e:fa:4b:8f:32:c7:f8:50:6c:ee:f6:e1:00:4c:75:1d:
3b:14:5b:65:b4:17:36:3a:4b:c0:b9:b4:44:e0:5e:9e:b2:da:
30:74:89:05:5a:c4:dd:40:86:8a:06:8d:73:d1:8e:d9:a6:3d:
24:4d:98:19:c8:0e:6f:fe:4f:3a:a9:44:2b:28:12:d2:1c:c5:
1d:17:42:87:95:45:f0:a5:f1:51:00:d9:e0:83:67:a3:29:c9:
cd:34:09:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDEzMzM1WhcNMjUxMjEzMDEzMzM1WjAYMRYw
FAYDVQQDEw02NzdkZDVmMy0yM2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0lgY55l/VmuRaIrydwoNZnihj4Jej4qLOaSDE0AWXRndwEI102I7AZfc
btBgPg0OkavjaF+FJaX9qc3htOriRkOqLGA8g3abPKgoB4q+1eLUKaErsHWRoA7L
kMq+2GlWT21vcEMavbULCBtXfzJXM3hObPV4P16hpzGSHb6j8C0y1IKDitOiAFx5
iVdtrSvoW4A7PegD93uItugAyAvwXensUYylCxl3QY3zPlnhLLuVCHU9fEGSwQic
hZXmyf3/OMtQ6mnS3CXtumpCGFj/MqjVjnjXHv6Kt7qiEIBK+ecNBgGVeElIax/l
pUu15YfmwYOsGIWciHgFzNGfF0RovwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKK4
+NffRuqUpmKvSC+cNKuJQTn5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NUY3MEFBOENENjAxMUVGOTIyQzlGOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdgMA0GCSqGSIb3DQEBCwUA
A4IBAQAXr0Dgl9It632IwD4QFANIaqf15mvjcFaPkK+d3xeC69AFZjH1UNVifTae
mmPHKot6nE/rVOe8qMPi3Vyl0g1r9TZLhfuFOlxvMDX+HggHQldl3YBk9vngd9vD
gLUJNLKTqtBkNJXuW1hwVAQ2mZ0w8kzKGgPHa8kajAv70YS+GYLa7M/Jo7YhpH68
PYi6UfrDirA3h8O6rYAJdMwa6WNGM0uAel76S48yx/hQbO724QBMdR07FFtltBc2
OkvAubRE4F6estowdIkFWsTdQIaKBo1z0Y7Zpj0kTZgZyA5v/k86qUQrKBLSHMUd
F0KHlUXwpfFRANngg2ejKcnNNAlS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:15 2025 by rpki-client