Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99937B3CAE1C11EFA038C679762E951A.roa
File: 99937B3CAE1C11EFA038C679762E951A.roa (raw, json)
Hash identifier: ZJe6SdbcoOjG3S8pW+gs6toHrR3xvPsDkhrIcAC9epg=
Subject key identifier: CA:C1:3F:85:DD:0C:92:3B:76:CA:8D:F5:92:26:02:08:77:34:C5:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC7E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99937B3CAE1C11EFA038C679762E951A.roa
Signing time: Fri 29 Nov 2024 06:38:53 +0000
ROA not before: Fri 29 Nov 2024 06:38:49 +0000
ROA not after: Thu 05 Jun 2025 06:38:49 +0000
asID: 137406
IP address blocks: 156.225.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56446 (0xdc7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 29 06:38:49 2024 GMT
Not After : Jun 5 06:38:49 2025 GMT
Subject: CN=6749617d-629c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:5b:78:d5:bb:59:97:8b:de:a0:19:19:a0:
95:2c:fd:80:32:a7:0f:7e:79:54:f6:6a:18:bf:df:
44:94:c6:9a:12:fc:c5:8c:ae:3f:4e:72:bd:2f:49:
0d:30:05:fb:bb:f9:57:21:ac:b2:8b:8b:c9:1c:ee:
bd:48:42:02:37:fc:53:07:a5:ed:81:96:77:85:1a:
b5:7b:17:91:46:ae:b3:14:c5:9a:65:02:bc:60:a2:
64:8b:e6:4a:10:05:76:63:a3:63:d9:f4:7d:ea:06:
8a:d2:bc:4f:70:c7:9a:a7:22:78:fc:10:2e:69:11:
e2:08:3e:a9:ee:6e:c1:bb:eb:7c:57:46:b0:d8:61:
2c:a8:ef:94:dd:e0:5e:49:0b:24:f8:47:94:08:f1:
58:1a:58:20:f4:17:e8:4e:1f:29:02:0b:b4:3b:e9:
6d:6c:01:71:41:16:f3:95:d1:51:64:30:18:04:58:
63:93:18:3b:29:d4:ac:4a:b3:23:4b:48:f3:80:4d:
89:bc:33:0a:60:6e:4e:03:27:b5:92:53:cb:6a:f6:
d0:cd:ba:35:91:5f:fa:6e:1c:5d:04:13:40:98:85:
dd:e9:17:4b:b4:63:ad:53:48:4a:d5:6b:c6:f5:00:
c8:4d:96:94:b8:9b:aa:0a:26:ea:d8:d5:05:ed:c7:
dc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C1:3F:85:DD:0C:92:3B:76:CA:8D:F5:92:26:02:08:77:34:C5:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99937B3CAE1C11EFA038C679762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.4.0/24
Signature Algorithm: sha256WithRSAEncryption
34:1d:13:6e:ca:22:28:a7:c1:8d:57:96:f1:d3:48:b3:7e:b4:
03:3c:ed:2f:61:78:fc:cf:d2:bd:e6:e8:68:4f:87:6f:72:6e:
85:a2:2b:c8:7c:92:2a:c0:c7:44:a7:aa:70:2f:5f:d1:6f:2e:
61:e3:aa:28:8f:3f:2f:da:6e:02:cb:39:e5:33:9f:a6:8d:dd:
f1:73:04:cf:92:43:31:60:66:23:8b:9d:a3:33:30:07:66:07:
73:0d:88:de:56:99:20:1f:ec:74:27:cd:24:6b:95:3e:8a:3e:
cd:9f:d6:d4:d7:27:42:27:c7:8a:45:87:19:4b:8a:bb:95:7f:
34:31:98:4a:91:67:c8:74:b1:f3:d8:ae:a6:c3:bb:e5:2f:65:
cd:26:ee:c7:4b:b4:77:01:35:72:fb:d4:4d:71:08:a8:ff:45:
40:c7:14:3e:96:78:8f:77:70:43:4e:cf:f0:d4:e6:90:a6:e1:
41:de:6d:fb:58:53:17:85:08:de:19:29:34:8a:13:1e:08:93:
8f:7c:a6:a3:93:fd:fb:a1:50:87:93:07:7b:98:78:bd:dc:c6:
9f:b6:ad:65:2a:16:a7:2e:7e:03:41:2c:b2:19:53:fe:8f:f4:
ac:35:d8:4f:f4:bc:c1:c7:6f:3f:17:79:62:79:d8:f4:d2:66:
bd:87:a7:d0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANx+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI5MDYzODQ5WhcNMjUwNjA1MDYzODQ5WjAYMRYw
FAYDVQQDEw02NzQ5NjE3ZC02MjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAud1beNW7WZeL3qAZGaCVLP2AMqcPfnlU9moYv99ElMaaEvzFjK4/TnK9
L0kNMAX7u/lXIayyi4vJHO69SEICN/xTB6XtgZZ3hRq1exeRRq6zFMWaZQK8YKJk
i+ZKEAV2Y6Nj2fR96gaK0rxPcMeapyJ4/BAuaRHiCD6p7m7Bu+t8V0aw2GEsqO+U
3eBeSQsk+EeUCPFYGlgg9BfoTh8pAgu0O+ltbAFxQRbzldFRZDAYBFhjkxg7KdSs
SrMjS0jzgE2JvDMKYG5OAye1klPLavbQzbo1kV/6bhxdBBNAmIXd6RdLtGOtU0hK
1WvG9QDITZaUuJuqCibq2NUF7cfcOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMrB
P4XdDJI7dsqN9ZImAgh3NMWhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OTkzN0IzQ0FFMUMxMUVGQTAzOEM2Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEEMA0GCSqGSIb3DQEBCwUA
A4IBAQA0HRNuyiIop8GNV5bx00izfrQDPO0vYXj8z9K95uhoT4dvcm6FoivIfJIq
wMdEp6pwL1/Rby5h46oojz8v2m4CyznlM5+mjd3xcwTPkkMxYGYji52jMzAHZgdz
DYjeVpkgH+x0J80ka5U+ij7Nn9bU1ydCJ8eKRYcZS4q7lX80MZhKkWfIdLHz2K6m
w7vlL2XNJu7HS7R3ATVy+9RNcQio/0VAxxQ+lniPd3BDTs/w1OaQpuFB3m37WFMX
hQjeGSk0ihMeCJOPfKajk/37oVCHkwd7mHi93Maftq1lKhanLn4DQSyyGVP+j/Ss
NdhP9LzBx28/F3liedj00ma9h6fQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:14 2025 by rpki-client