Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96B64F44CDC911EFB161DAB5762E951A.roa
File: 96B64F44CDC911EFB161DAB5762E951A.roa (raw, json)
Hash identifier: orFdmph5wayORxV73ZyY9MHA7mpAFdiDDQn3mHeQ/2A=
Subject key identifier: 16:D9:78:03:C4:49:F3:EA:66:C3:F6:11:5F:B3:E8:1B:0D:42:0C:A5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96B64F44CDC911EFB161DAB5762E951A.roa
Signing time: Wed 08 Jan 2025 14:05:17 +0000
ROA not before: Wed 08 Jan 2025 14:05:14 +0000
ROA not after: Tue 16 Dec 2025 14:05:14 +0000
asID: 984
IP address blocks: 156.249.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65984 (0x101c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:05:14 2025 GMT
Not After : Dec 16 14:05:14 2025 GMT
Subject: CN=677e861d-57f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a5:63:d3:14:5f:e5:fd:dd:35:af:19:12:d6:
38:30:c3:26:2d:66:24:88:63:69:50:f1:40:60:ce:
fa:72:6c:94:62:90:90:2d:7f:53:ee:db:2b:a6:df:
b7:56:ee:45:bd:37:18:24:98:32:b1:81:9e:c2:78:
38:7a:79:d8:ca:a7:77:16:97:0e:fb:47:11:f6:4a:
07:97:33:9a:26:b4:be:2b:da:bc:b0:e0:48:8d:e9:
d3:cc:63:8f:a3:77:27:f9:9b:78:ec:7e:79:fc:a7:
a2:fb:fb:28:f5:2a:a7:7e:46:51:ed:b9:9a:49:26:
bb:a3:67:d4:ad:4a:ed:f7:67:46:25:c7:c6:9e:a6:
65:94:a0:fc:fd:ec:68:1e:d9:d8:88:33:dc:79:1a:
55:cb:dc:68:4d:7b:e5:94:b2:06:7b:52:0e:51:6a:
3f:2e:8d:13:19:f3:e7:93:bf:96:24:13:c2:d9:34:
7d:6d:0b:e7:c2:1e:16:23:43:f9:b0:62:4b:73:8f:
ce:a0:54:88:22:80:41:45:b0:86:37:7f:67:0f:65:
22:29:6f:49:d0:41:31:12:c0:84:38:d8:57:52:85:
9b:cb:82:63:69:29:fe:33:ae:27:4c:c8:6f:b5:13:
e7:7d:66:50:a0:04:7e:58:46:1c:38:60:79:4d:7d:
65:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D9:78:03:C4:49:F3:EA:66:C3:F6:11:5F:B3:E8:1B:0D:42:0C:A5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96B64F44CDC911EFB161DAB5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.60.0/24
Signature Algorithm: sha256WithRSAEncryption
14:d4:9e:23:50:fe:44:37:06:3d:c6:e2:21:11:c8:bb:df:11:
86:ab:68:c5:8f:aa:fc:23:fe:25:a5:00:06:78:aa:cf:64:67:
63:bd:78:39:fa:3f:a9:72:2f:6e:a7:5e:c9:99:a6:cf:18:14:
9c:70:e4:c3:e8:fe:6a:c9:e3:0e:1d:a7:0a:3b:45:8f:6a:74:
1b:cb:69:f6:0f:f8:1b:04:52:c1:02:69:a6:68:f1:a3:c8:29:
24:4e:f7:68:f1:ba:9a:a0:f0:de:6c:95:c6:ae:fb:12:e8:6c:
89:ff:5c:57:7e:fd:ad:16:83:ac:a3:5e:ae:10:09:be:bf:02:
37:00:7c:47:b7:a6:f8:48:8c:0b:ab:2c:a7:b1:a2:c0:6a:46:
95:f3:39:5e:af:35:96:02:df:1f:30:6d:c9:2a:cb:15:37:16:
cc:0d:0c:94:07:f9:25:8b:2d:6d:d9:63:6b:3e:1e:54:f2:1d:
35:06:48:0c:6d:2d:47:21:95:bf:c6:ed:bd:41:b7:2e:78:91:
15:ab:d4:ce:e3:93:f0:3b:e9:98:10:dc:d8:6f:d1:01:b3:2a:
a0:2e:b8:1c:e4:9c:eb:ed:3a:ce:99:58:ab:3f:4a:92:ff:2c:
56:90:5c:aa:ef:91:20:7f:b6:9d:86:a5:48:c1:59:7d:19:ad:
c4:13:c8:2d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQwNTE0WhcNMjUxMjE2MTQwNTE0WjAYMRYw
FAYDVQQDEw02NzdlODYxZC01N2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwKVj0xRf5f3dNa8ZEtY4MMMmLWYkiGNpUPFAYM76cmyUYpCQLX9T7tsr
pt+3Vu5FvTcYJJgysYGewng4ennYyqd3FpcO+0cR9koHlzOaJrS+K9q8sOBIjenT
zGOPo3cn+Zt47H55/Kei+/so9SqnfkZR7bmaSSa7o2fUrUrt92dGJcfGnqZllKD8
/exoHtnYiDPceRpVy9xoTXvllLIGe1IOUWo/Lo0TGfPnk7+WJBPC2TR9bQvnwh4W
I0P5sGJLc4/OoFSIIoBBRbCGN39nD2UiKW9J0EExEsCEONhXUoWby4JjaSn+M64n
TMhvtRPnfWZQoAR+WEYcOGB5TX1lCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBbZ
eAPESfPqZsP2EV+z6BsNQgylMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NkI2NEY0NENEQzkxMUVGQjE2MURBQjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPk8MA0GCSqGSIb3DQEBCwUA
A4IBAQAU1J4jUP5ENwY9xuIhEci73xGGq2jFj6r8I/4lpQAGeKrPZGdjvXg5+j+p
ci9up17JmabPGBSccOTD6P5qyeMOHacKO0WPanQby2n2D/gbBFLBAmmmaPGjyCkk
Tvdo8bqaoPDebJXGrvsS6GyJ/1xXfv2tFoOso16uEAm+vwI3AHxHt6b4SIwLqyyn
saLAakaV8zlerzWWAt8fMG3JKssVNxbMDQyUB/kliy1t2WNrPh5U8h01BkgMbS1H
IZW/xu29QbcueJEVq9TO45PwO+mYENzYb9EBsyqgLrgc5Jzr7TrOmVirP0qS/yxW
kFyq75Egf7adhqVIwVl9Ga3EE8gt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:59 2025 by rpki-client