Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97DA2696CEF711EFABB77DB7762E951A.roa
File: 97DA2696CEF711EFABB77DB7762E951A.roa (raw, json)
Hash identifier: VHOHBizJ91H3oEN0Ry7C18VweInsWmapSBaUHR6NqEg=
Subject key identifier: CD:BF:30:68:9E:60:CB:61:2A:1B:F4:44:D6:7C:B0:E2:99:DF:71:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010499
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97DA2696CEF711EFABB77DB7762E951A.roa
Signing time: Fri 10 Jan 2025 02:07:07 +0000
ROA not before: Fri 10 Jan 2025 02:07:03 +0000
ROA not after: Thu 13 Feb 2025 02:07:03 +0000
asID: 395793
IP address blocks: 156.236.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66713 (0x10499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 02:07:03 2025 GMT
Not After : Feb 13 02:07:03 2025 GMT
Subject: CN=678080cb-b967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:f6:46:91:0c:8e:df:00:31:8d:49:4f:59:
de:b1:ef:f6:a2:e0:24:41:63:75:03:2a:99:2f:f2:
4c:6e:78:c5:c7:17:29:dd:21:d3:48:90:e7:bb:4d:
8e:c6:1e:49:de:6d:ce:b1:02:17:e7:b9:15:3e:dc:
ad:60:25:0b:bb:ff:f4:2f:62:fe:24:8b:c2:bc:cf:
2d:b2:a6:b2:76:10:8d:e5:c5:81:f8:38:9e:97:61:
4d:46:5e:72:5b:77:13:38:b2:f0:02:3a:52:38:b3:
dd:90:e4:b9:b5:1a:f0:38:f6:d9:c7:51:b5:01:c4:
74:e5:b3:11:1a:ba:fd:5d:91:3b:94:e0:3a:4b:cc:
1b:da:7c:3f:32:26:6a:68:5c:58:33:84:0f:69:80:
a4:bb:d3:16:d5:9b:5d:a6:c5:b4:72:7e:26:31:f5:
3e:bc:ed:b3:f6:99:32:38:51:30:ba:40:1f:df:e4:
20:6e:81:f1:fb:a5:d2:e6:50:be:1a:5d:a3:01:9a:
8e:83:08:1f:f5:a9:5a:68:20:ca:ef:b8:79:e0:28:
38:ab:3e:1a:6a:51:e9:f4:66:44:94:a9:ea:56:b5:
f7:e7:e8:3c:5f:a5:1f:f8:b2:52:88:a2:b2:d0:60:
34:70:02:10:ff:01:8c:b0:6f:a8:37:62:8c:1a:a5:
d4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:BF:30:68:9E:60:CB:61:2A:1B:F4:44:D6:7C:B0:E2:99:DF:71:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97DA2696CEF711EFABB77DB7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.14.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:39:b8:df:72:ef:d7:7c:32:fd:58:dd:92:73:e9:9e:47:ae:
56:83:f2:7d:63:c9:ce:a2:f8:f8:ba:e4:de:ce:ea:17:62:13:
be:51:5e:40:62:f8:d8:0f:de:8e:bd:6f:a5:96:49:c3:00:73:
44:f9:0f:00:c7:12:32:68:2b:1b:84:b2:44:b7:5c:f3:3d:f9:
fd:50:6d:58:62:e8:be:62:6a:f7:ff:84:ed:1d:13:5a:cf:a4:
0a:f5:2c:6d:45:29:cd:68:4a:27:f3:39:41:31:6d:12:44:c6:
5e:da:23:53:4a:65:b7:73:2e:09:77:12:e3:d0:24:e4:76:5a:
44:b3:e1:ed:98:df:38:87:c8:92:3e:61:a0:38:53:18:33:bd:
61:56:4d:ed:70:e1:48:94:d2:29:16:37:2b:86:4e:cb:be:f5:
70:85:16:8a:b1:52:70:fe:ba:34:a6:fd:75:57:d4:e6:e4:87:
d1:ac:4b:ae:19:53:95:b1:91:71:d2:f6:7f:5b:b3:bd:de:38:
b2:1e:62:0c:ec:2e:25:f6:12:34:87:24:7e:e1:33:36:12:44:
77:65:97:3d:63:67:7d:98:c1:29:db:e6:62:33:21:ea:aa:ac:
e7:63:64:cd:df:c5:53:dc:34:fd:90:d8:af:01:83:4a:a9:41:
df:6a:a5:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQSZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMDIwNzAzWhcNMjUwMjEzMDIwNzAzWjAYMRYw
FAYDVQQDEw02NzgwODBjYi1iOTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA14L2RpEMjt8AMY1JT1nese/2ouAkQWN1AyqZL/JMbnjFxxcp3SHTSJDn
u02Oxh5J3m3OsQIX57kVPtytYCULu//0L2L+JIvCvM8tsqaydhCN5cWB+Diel2FN
Rl5yW3cTOLLwAjpSOLPdkOS5tRrwOPbZx1G1AcR05bMRGrr9XZE7lOA6S8wb2nw/
MiZqaFxYM4QPaYCku9MW1ZtdpsW0cn4mMfU+vO2z9pkyOFEwukAf3+QgboHx+6XS
5lC+Gl2jAZqOgwgf9alaaCDK77h54Cg4qz4aalHp9GZElKnqVrX35+g8X6Uf+LJS
iKKy0GA0cAIQ/wGMsG+oN2KMGqXUMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM2/
MGieYMthKhv0RNZ8sOKZ33EjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85N0RBMjY5NkNFRjcxMUVGQUJCNzdEQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOwOMA0GCSqGSIb3DQEBCwUA
A4IBAQBfObjfcu/XfDL9WN2Sc+meR65Wg/J9Y8nOovj4uuTezuoXYhO+UV5AYvjY
D96OvW+llknDAHNE+Q8AxxIyaCsbhLJEt1zzPfn9UG1YYui+Ymr3/4TtHRNaz6QK
9SxtRSnNaEon8zlBMW0SRMZe2iNTSmW3cy4JdxLj0CTkdlpEs+HtmN84h8iSPmGg
OFMYM71hVk3tcOFIlNIpFjcrhk7LvvVwhRaKsVJw/ro0pv11V9Tm5IfRrEuuGVOV
sZFx0vZ/W7O93jiyHmIM7C4l9hI0hyR+4TM2EkR3ZZc9Y2d9mMEp2+ZiMyHqqqzn
Y2TN38VT3DT9kNivAYNKqUHfaqUl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:12 2025 by rpki-client