Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/998C6064CCE311EFA2E55876762E951A.roa
File: 998C6064CCE311EFA2E55876762E951A.roa (raw, json)
Hash identifier: 5BDpHgW443sArvvfTa4RkEFZ26xV1pl9Q8BuruoelfQ=
Subject key identifier: 47:4F:47:78:A9:45:7F:9C:9A:F2:84:B1:20:6E:69:1B:EF:6F:B4:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBB9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/998C6064CCE311EFA2E55876762E951A.roa
Signing time: Tue 07 Jan 2025 10:38:58 +0000
ROA not before: Tue 07 Jan 2025 10:38:53 +0000
ROA not after: Mon 13 Dec 2027 10:38:53 +0000
asID: 17561
IP address blocks: 156.233.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64441 (0xfbb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:38:53 2025 GMT
Not After : Dec 13 10:38:53 2027 GMT
Subject: CN=677d0442-7909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:78:28:f0:de:3d:e2:3c:0b:1e:20:38:c5:63:
38:d4:99:dc:a6:c8:1f:51:76:1e:04:08:ab:bb:2e:
eb:80:b4:39:64:22:e2:c8:d8:63:92:d9:86:a6:ac:
f2:f6:64:c1:aa:0f:7f:f9:21:c8:a8:6f:73:df:46:
2b:ed:85:16:84:74:c0:11:e9:03:7a:7e:69:d6:e8:
ca:f1:1e:61:e3:d2:53:21:ce:8e:65:a0:8c:b1:44:
41:8e:1b:5d:54:32:02:c8:cf:dd:dc:44:62:ef:2e:
ca:68:e3:a1:a4:93:46:d2:2f:cf:5b:07:3e:49:31:
09:2b:ad:3b:a2:61:c8:b1:e1:36:db:66:77:25:ce:
c0:1b:c5:38:6e:fe:b2:fe:00:05:4c:d2:bc:06:fd:
d6:62:9a:32:d7:ab:f8:11:07:4e:33:d5:00:96:2d:
55:6b:88:41:11:11:a0:c1:e6:d8:77:22:7a:a4:62:
b2:c2:fd:30:ea:c6:d6:d1:47:37:b8:63:b3:9e:51:
0d:00:71:1f:d0:e5:3b:74:1a:10:37:71:b7:f8:22:
ab:d7:4f:85:84:51:b4:ba:d5:47:64:37:57:cd:a9:
e4:95:93:52:f1:53:e3:88:b7:0d:8a:be:c8:e3:47:
c8:6f:19:35:70:bb:df:97:f7:51:00:4e:29:65:ff:
ce:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4F:47:78:A9:45:7F:9C:9A:F2:84:B1:20:6E:69:1B:EF:6F:B4:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/998C6064CCE311EFA2E55876762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.241.0/24
Signature Algorithm: sha256WithRSAEncryption
53:7d:a3:4b:fd:e3:50:7d:84:2e:24:3c:09:aa:5c:7d:49:99:
77:b5:96:a8:31:64:b7:8d:f1:ad:0a:ca:0f:cf:5f:e3:8d:73:
76:91:5f:7f:93:a9:c3:20:9c:d9:ef:4a:bb:0a:ef:c3:fd:ef:
a5:a8:94:37:cf:9a:60:e1:e8:da:c5:29:ea:48:2b:e3:c7:b9:
8f:9c:57:85:2c:45:71:ea:3f:71:5c:30:61:8d:cd:b4:7b:5d:
34:32:b7:2d:20:5a:dd:e2:cf:82:10:31:b6:84:4c:44:bf:a5:
0a:35:e7:b3:19:e1:77:9e:2d:50:69:04:49:ad:02:2f:8b:79:
ed:a4:90:04:85:b4:14:85:08:49:e9:7c:56:94:b7:f9:0f:7e:
03:a8:c7:0f:01:bc:ff:b9:bd:39:e5:00:ab:71:92:16:8c:05:
59:c0:48:66:e0:d5:c5:02:c7:e7:fe:c6:ec:d1:37:32:b2:be:
32:c1:0b:ee:a1:ba:86:3f:b0:74:70:6f:31:ae:4f:88:3a:04:
c0:0c:e6:16:bc:e0:e9:86:9a:19:19:d7:8f:d2:3a:05:16:e1:
18:86:68:93:0f:6a:5d:80:c8:8a:e6:37:09:fb:c8:38:f4:42:
9f:3f:55:38:db:a4:92:15:ca:13:af:84:75:48:08:7e:f2:d8:
62:ef:eb:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPu5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAzODUzWhcNMjcxMjEzMTAzODUzWjAYMRYw
FAYDVQQDEw02NzdkMDQ0Mi03OTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn3go8N494jwLHiA4xWM41JncpsgfUXYeBAiruy7rgLQ5ZCLiyNhjktmG
pqzy9mTBqg9/+SHIqG9z30Yr7YUWhHTAEekDen5p1ujK8R5h49JTIc6OZaCMsURB
jhtdVDICyM/d3ERi7y7KaOOhpJNG0i/PWwc+STEJK607omHIseE222Z3Jc7AG8U4
bv6y/gAFTNK8Bv3WYpoy16v4EQdOM9UAli1Va4hBERGgwebYdyJ6pGKywv0w6sbW
0Uc3uGOznlENAHEf0OU7dBoQN3G3+CKr10+FhFG0utVHZDdXzanklZNS8VPjiLcN
ir7I40fIbxk1cLvfl/dRAE4pZf/OswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEdP
R3ipRX+cmvKEsSBuaRvvb7SWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OThDNjA2NENDRTMxMUVGQTJFNTU4NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnxMA0GCSqGSIb3DQEBCwUA
A4IBAQBTfaNL/eNQfYQuJDwJqlx9SZl3tZaoMWS3jfGtCsoPz1/jjXN2kV9/k6nD
IJzZ70q7Cu/D/e+lqJQ3z5pg4ejaxSnqSCvjx7mPnFeFLEVx6j9xXDBhjc20e100
MrctIFrd4s+CEDG2hExEv6UKNeezGeF3ni1QaQRJrQIvi3ntpJAEhbQUhQhJ6XxW
lLf5D34DqMcPAbz/ub055QCrcZIWjAVZwEhm4NXFAsfn/sbs0Tcysr4ywQvuobqG
P7B0cG8xrk+IOgTADOYWvODphpoZGdeP0joFFuEYhmiTD2pdgMiK5jcJ+8g49EKf
P1U426SSFcoTr4R1SAh+8thi7+vT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:35 2025 by rpki-client