Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97905388C34711EFADDE2B65762E951A.roa
File: 97905388C34711EFADDE2B65762E951A.roa (raw, json)
Hash identifier: +cOv6mnhPggWFuvUp1ddfln1v4+uum47JdN/hGn3zJk=
Subject key identifier: FE:C3:24:F6:A9:A5:3C:80:6A:C8:14:52:14:3F:91:CC:0D:16:C5:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97905388C34711EFADDE2B65762E951A.roa
Signing time: Thu 26 Dec 2024 05:09:32 +0000
ROA not before: Thu 26 Dec 2024 05:09:29 +0000
ROA not after: Wed 10 Dec 2025 05:09:29 +0000
asID: 984
IP address blocks: 156.245.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60439 (0xec17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:09:29 2024 GMT
Not After : Dec 10 05:09:29 2025 GMT
Subject: CN=676ce50c-763e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c3:d6:07:bd:bf:2d:29:2f:89:f9:32:b6:ea:
12:6f:ee:d9:df:bf:e7:8b:4b:a0:16:5b:bc:08:cf:
83:90:9d:01:00:c1:5b:c7:ea:c7:b1:34:2e:d7:72:
62:b5:44:d6:67:66:88:ee:7b:e7:f8:8b:b8:98:98:
ba:87:7a:ed:da:b4:b7:2e:f9:8a:84:60:33:f4:a8:
a8:ec:b6:3c:e3:6a:53:80:f9:45:78:aa:b3:6b:8e:
34:56:76:ac:cf:0a:1f:ec:02:7c:d6:65:f5:69:3e:
75:32:5b:32:66:c8:40:92:6b:93:c9:95:8b:87:f4:
29:94:f7:f3:d2:6d:12:90:b1:be:be:c6:f9:b7:5f:
15:74:78:d1:05:20:f3:14:cf:72:89:51:e2:9e:08:
59:04:1c:e1:68:06:a9:67:21:dd:5d:4d:e7:e2:4d:
a1:18:f3:ba:3e:45:27:f3:60:16:0e:3f:18:69:8a:
de:ab:fa:7e:9e:db:09:9a:7c:a5:1d:6a:39:f0:8a:
9b:0b:6f:94:aa:31:96:6c:84:b7:aa:26:ba:9c:09:
6a:bd:24:44:97:04:67:30:52:43:5a:2b:7d:4b:b8:
96:e4:f1:4f:fd:41:28:3a:48:8c:f3:2e:2e:c9:96:
50:25:a5:bf:98:e8:7c:63:7b:df:93:92:1c:9e:2e:
c0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C3:24:F6:A9:A5:3C:80:6A:C8:14:52:14:3F:91:CC:0D:16:C5:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97905388C34711EFADDE2B65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.183.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:ba:b4:09:82:b4:b3:3a:34:19:9d:87:70:8e:87:b4:c4:03:
9a:72:6d:27:41:a3:e9:5a:ef:01:7b:b2:d7:a5:77:0a:42:dd:
2e:a1:0d:56:95:fe:06:1d:12:3c:e7:ef:64:95:a0:b2:6a:17:
00:b6:58:dc:98:73:36:70:24:c7:d2:c3:e7:e6:1f:1c:6c:81:
43:44:99:8a:e5:47:9b:94:4c:e4:77:29:f9:5e:e5:38:a6:ac:
2a:09:db:09:b4:84:ea:20:6f:73:88:0c:9c:90:70:e3:6b:cc:
88:ab:52:72:6f:44:a0:e3:d0:8d:12:3b:61:04:91:ca:39:ed:
59:83:95:2e:a6:28:cb:de:96:af:c6:a0:de:36:5a:94:6d:05:
7d:ce:02:50:5f:58:c8:e4:ef:5e:05:ae:98:fb:83:b7:cd:a9:
45:c6:c0:a0:5f:b7:9d:78:03:8f:c5:e0:28:7b:4a:65:d1:7a:
b4:2f:25:bf:e7:81:52:ec:3b:b2:83:06:87:0d:52:0f:7a:e1:
87:9a:a3:4f:72:e2:ca:f0:73:fa:56:6b:b8:d6:8c:7e:f6:e2:
c5:2e:6a:5d:d7:d8:c2:b3:eb:40:52:02:ef:b6:65:b3:d6:b2:
0b:a3:50:99:8b:75:62:35:1e:bf:ed:3b:1b:65:48:b8:20:9b:
13:c7:d6:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUwOTI5WhcNMjUxMjEwMDUwOTI5WjAYMRYw
FAYDVQQDEw02NzZjZTUwYy03NjNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxcPWB72/LSkvifkytuoSb+7Z37/ni0ugFlu8CM+DkJ0BAMFbx+rHsTQu
13JitUTWZ2aI7nvn+Iu4mJi6h3rt2rS3LvmKhGAz9Kio7LY842pTgPlFeKqza440
Vnaszwof7AJ81mX1aT51MlsyZshAkmuTyZWLh/QplPfz0m0SkLG+vsb5t18VdHjR
BSDzFM9yiVHinghZBBzhaAapZyHdXU3n4k2hGPO6PkUn82AWDj8YaYreq/p+ntsJ
mnylHWo58IqbC2+UqjGWbIS3qia6nAlqvSRElwRnMFJDWit9S7iW5PFP/UEoOkiM
8y4uyZZQJaW/mOh8Y3vfk5Icni7AjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP7D
JPappTyAasgUUhQ/kcwNFsVkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzkwNTM4OEMzNDcxMUVGQURERTJCNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPW3MA0GCSqGSIb3DQEBCwUA
A4IBAQCsurQJgrSzOjQZnYdwjoe0xAOacm0nQaPpWu8Be7LXpXcKQt0uoQ1Wlf4G
HRI85+9klaCyahcAtljcmHM2cCTH0sPn5h8cbIFDRJmK5UeblEzkdyn5XuU4pqwq
CdsJtITqIG9ziAyckHDja8yIq1Jyb0Sg49CNEjthBJHKOe1Zg5UupijL3pavxqDe
NlqUbQV9zgJQX1jI5O9eBa6Y+4O3zalFxsCgX7edeAOPxeAoe0pl0Xq0LyW/54FS
7DuygwaHDVIPeuGHmqNPcuLK8HP6Vmu41ox+9uLFLmpd19jCs+tAUgLvtmWz1rIL
o1CZi3ViNR6/7TsbZUi4IJsTx9ag
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:00 2025 by rpki-client