Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98AAA856CE3511EF8AAFBE6B762E951A.roa
File: 98AAA856CE3511EF8AAFBE6B762E951A.roa (raw, json)
Hash identifier: 4/J7cjkLSaimT4pPqNdj59d92ScfBTm4ShbOwl8CyyE=
Subject key identifier: EA:2F:73:03:94:43:B3:6F:4B:9E:D6:F9:17:DC:BA:B1:C5:65:C8:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01021D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98AAA856CE3511EF8AAFBE6B762E951A.roa
Signing time: Thu 09 Jan 2025 02:58:26 +0000
ROA not before: Thu 09 Jan 2025 02:58:22 +0000
ROA not after: Fri 09 Jan 2026 02:58:22 +0000
asID: 17561
IP address blocks: 156.247.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66077 (0x1021d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 02:58:22 2025 GMT
Not After : Jan 9 02:58:22 2026 GMT
Subject: CN=677f3b52-46c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:67:21:a6:7c:ea:9f:3e:c0:4a:64:fa:57:
68:2b:ce:81:e7:88:4c:75:a5:4c:97:a7:30:11:64:
d4:2a:59:10:c6:7d:f9:8d:d4:d8:eb:d1:3a:52:e2:
14:0a:52:2a:99:ce:28:6a:ca:b5:bc:39:f3:31:3e:
8a:24:f8:46:a4:6a:7f:f9:32:83:7f:2b:db:5d:ea:
5f:8d:f3:e6:73:61:2c:8c:25:fa:03:d3:18:72:2a:
64:75:30:d0:c3:43:c2:0d:e8:e0:03:e6:88:3a:27:
f1:77:6b:4d:81:30:2e:71:5b:a3:d1:b8:5c:cd:16:
62:af:a7:4f:75:e4:96:08:35:25:b6:a9:20:65:6d:
fe:04:60:77:d3:bd:e6:66:99:2f:44:06:1c:bb:4b:
5a:5f:d1:54:a5:f2:e7:e6:7f:a4:58:84:fd:26:9b:
5e:60:a4:3d:35:f3:c9:30:76:08:84:c3:5b:2c:1b:
4f:3d:de:35:07:fc:41:63:77:ce:07:18:7f:54:7d:
54:84:c7:1a:d8:91:29:c0:ac:7b:09:7f:82:5e:e6:
9f:a2:d2:c9:31:8c:19:8c:7a:88:1c:ef:8e:68:bc:
de:01:35:1e:35:ca:13:6b:6b:5c:53:eb:d8:1e:df:
dc:73:a3:e4:f9:c5:67:44:9f:b3:bc:76:c3:c9:4a:
a9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2F:73:03:94:43:B3:6F:4B:9E:D6:F9:17:DC:BA:B1:C5:65:C8:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98AAA856CE3511EF8AAFBE6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.34.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:53:af:38:a0:dd:b8:19:f9:6f:0d:01:a5:83:04:b4:ea:08:
0b:75:35:2f:67:50:12:5c:82:25:be:25:27:94:ac:f3:85:b0:
7b:3c:75:2e:53:b4:80:12:db:bc:23:91:d2:59:43:2f:41:4c:
01:d3:9d:11:1d:49:09:45:1c:8c:25:e7:49:01:63:b4:6a:33:
0f:2a:c4:da:6c:b1:02:78:71:be:a8:ee:9b:74:23:32:3c:c7:
7c:0b:e2:ba:8d:e1:d8:c8:9c:65:8f:9e:09:1a:dc:5d:37:bd:
8d:9b:66:c7:f2:b4:ec:73:5e:de:67:24:25:8c:7a:d7:b5:e6:
e4:4f:2f:75:5e:9f:29:ee:27:5c:5a:39:3a:8e:d8:8e:69:72:
52:a7:26:fc:3e:54:f7:95:b0:32:61:32:3e:ee:6d:36:ea:ca:
60:e5:1a:ab:2a:d4:ec:a7:ea:d0:c5:eb:05:87:bb:49:ad:af:
57:dc:64:73:f2:cd:9b:83:ff:e7:a6:4b:8e:1e:b0:f6:74:23:
fd:b9:60:96:73:90:0c:02:b7:41:e8:e3:34:d9:c2:c2:20:a7:
19:66:b5:c8:96:79:02:fd:b6:eb:3e:e6:2a:fc:64:a8:17:4e:
ae:4b:f1:03:cc:18:06:5b:55:ce:84:f2:86:4a:63:8b:93:ca:
ce:94:a7:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQIdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDI1ODIyWhcNMjYwMTA5MDI1ODIyWjAYMRYw
FAYDVQQDEw02NzdmM2I1Mi00NmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzbxnIaZ86p8+wEpk+ldoK86B54hMdaVMl6cwEWTUKlkQxn35jdTY69E6
UuIUClIqmc4oasq1vDnzMT6KJPhGpGp/+TKDfyvbXepfjfPmc2EsjCX6A9MYcipk
dTDQw0PCDejgA+aIOifxd2tNgTAucVuj0bhczRZir6dPdeSWCDUltqkgZW3+BGB3
073mZpkvRAYcu0taX9FUpfLn5n+kWIT9JpteYKQ9NfPJMHYIhMNbLBtPPd41B/xB
Y3fOBxh/VH1UhMca2JEpwKx7CX+CXuafotLJMYwZjHqIHO+OaLzeATUeNcoTa2tc
U+vYHt/cc6Pk+cVnRJ+zvHbDyUqpewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOov
cwOUQ7NvS57W+RfcurHFZciIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OEFBQTg1NkNFMzUxMUVGOEFBRkJFNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPciMA0GCSqGSIb3DQEBCwUA
A4IBAQAbU684oN24GflvDQGlgwS06ggLdTUvZ1ASXIIlviUnlKzzhbB7PHUuU7SA
Etu8I5HSWUMvQUwB050RHUkJRRyMJedJAWO0ajMPKsTabLECeHG+qO6bdCMyPMd8
C+K6jeHYyJxlj54JGtxdN72Nm2bH8rTsc17eZyQljHrXtebkTy91Xp8p7idcWjk6
jtiOaXJSpyb8PlT3lbAyYTI+7m026spg5RqrKtTsp+rQxesFh7tJra9X3GRz8s2b
g//npkuOHrD2dCP9uWCWc5AMArdB6OM02cLCIKcZZrXIlnkC/bbrPuYq/GSoF06u
S/EDzBgGW1XOhPKGSmOLk8rOlKdp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:40 2025 by rpki-client