Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99BA18F8CCC311EFB5210BAC762E951A.roa
File: 99BA18F8CCC311EFB5210BAC762E951A.roa (raw, json)
Hash identifier: YZR8284bLCaDQ/RWLVRvrqN9U8R2DJHiJVVr8xqkhBI=
Subject key identifier: 13:F8:A3:0B:79:5F:80:F1:78:94:4F:53:A0:C6:7B:E3:C8:56:00:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99BA18F8CCC311EFB5210BAC762E951A.roa
Signing time: Tue 07 Jan 2025 06:49:54 +0000
ROA not before: Tue 07 Jan 2025 06:49:51 +0000
ROA not after: Sat 13 Dec 2025 06:49:51 +0000
asID: 984
IP address blocks: 156.233.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64066 (0xfa42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:49:51 2025 GMT
Not After : Dec 13 06:49:51 2025 GMT
Subject: CN=677cce92-174a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f0:60:3c:ce:83:df:f4:e0:82:7c:48:93:76:
b4:73:af:e6:ed:de:56:12:7f:fb:6b:6a:1a:4e:f4:
20:aa:f9:30:01:93:8d:7e:5b:d9:82:08:e1:3e:30:
eb:b4:75:dd:6d:21:22:38:c8:d7:82:a4:0a:91:e9:
bc:9d:6c:a3:24:85:f3:95:1f:7d:7b:75:f2:3f:6e:
67:4d:f2:34:27:46:0b:c2:a4:a2:b0:0b:cf:06:5f:
72:af:60:9e:53:20:33:9f:04:93:16:b4:e9:f6:81:
f7:1b:ca:ef:76:af:69:fc:27:dc:d6:51:35:90:de:
d5:98:db:4f:f6:7a:3e:d1:b0:ba:1c:c8:da:3f:56:
6f:63:58:80:21:85:07:67:79:3a:9b:44:0a:dd:5f:
65:12:50:72:a2:0f:2e:8f:5b:71:fc:7b:bc:56:be:
1b:cd:86:73:2e:84:f4:31:f8:47:89:d3:db:54:2d:
f9:c6:ed:44:fa:24:cc:6c:4e:fe:85:2c:27:9c:91:
2e:11:85:fa:13:fe:5a:35:50:1a:f9:10:63:4d:a0:
0f:22:20:a0:96:10:c9:33:ee:56:71:ee:82:38:57:
e4:8e:19:d0:d8:94:6a:f1:74:b1:39:da:cd:d0:26:
38:a9:ca:64:50:66:36:e5:bf:da:4b:b2:24:dd:1d:
ca:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F8:A3:0B:79:5F:80:F1:78:94:4F:53:A0:C6:7B:E3:C8:56:00:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99BA18F8CCC311EFB5210BAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.52.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:b3:54:03:0d:7f:73:72:ab:0d:0e:2c:00:d2:97:fd:32:16:
35:99:49:cc:52:f0:24:a4:ba:bf:07:96:df:37:c2:98:b7:1e:
ce:2c:64:cb:f3:73:a6:f4:7c:f5:51:00:ea:66:4e:bd:e5:50:
b6:e8:9e:62:fb:77:12:47:64:e0:2a:fc:66:d5:fd:12:33:4a:
32:ab:de:2a:ce:76:af:bd:9e:7d:a9:b2:22:27:5e:47:f1:45:
0c:b9:ab:60:21:42:de:70:af:16:f4:e1:0f:96:a6:5a:a3:f3:
2e:91:aa:b8:4f:a8:89:8b:06:b4:ab:7e:0c:49:30:4c:5e:a7:
a6:20:77:b1:1d:2f:13:29:45:c3:99:ea:6e:37:56:fe:af:44:
d0:3a:be:c1:42:92:04:3f:a1:c1:38:20:21:0a:3b:16:fb:0e:
bd:73:72:20:0e:85:de:78:68:c2:90:4b:2f:09:fc:21:ce:17:
09:36:7b:c7:3d:9f:e2:b1:1b:b2:c8:43:43:c8:2c:f7:2f:56:
6f:67:d2:80:d2:da:b2:a8:9d:88:ad:9f:01:3b:fe:21:e9:cd:
77:6c:89:ee:58:73:a1:46:1a:4f:ed:08:d4:e0:4f:18:c9:dc:
c5:90:a9:0e:8a:eb:2e:c8:ab:af:b5:67:8c:f1:0d:d9:bc:4c:
1f:01:86:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPpCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDY0OTUxWhcNMjUxMjEzMDY0OTUxWjAYMRYw
FAYDVQQDEw02NzdjY2U5Mi0xNzRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/BgPM6D3/TggnxIk3a0c6/m7d5WEn/7a2oaTvQgqvkwAZONflvZggjh
PjDrtHXdbSEiOMjXgqQKkem8nWyjJIXzlR99e3XyP25nTfI0J0YLwqSisAvPBl9y
r2CeUyAznwSTFrTp9oH3G8rvdq9p/Cfc1lE1kN7VmNtP9no+0bC6HMjaP1ZvY1iA
IYUHZ3k6m0QK3V9lElByog8uj1tx/Hu8Vr4bzYZzLoT0MfhHidPbVC35xu1E+iTM
bE7+hSwnnJEuEYX6E/5aNVAa+RBjTaAPIiCglhDJM+5Wce6COFfkjhnQ2JRq8XSx
OdrN0CY4qcpkUGY25b/aS7Ik3R3KSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBP4
owt5X4DxeJRPU6DGe+PIVgA3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OUJBMThGOENDQzMxMUVGQjUyMTBCQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk0MA0GCSqGSIb3DQEBCwUA
A4IBAQCNs1QDDX9zcqsNDiwA0pf9MhY1mUnMUvAkpLq/B5bfN8KYtx7OLGTL83Om
9Hz1UQDqZk695VC26J5i+3cSR2TgKvxm1f0SM0oyq94qznavvZ59qbIiJ15H8UUM
uatgIULecK8W9OEPlqZao/Mukaq4T6iJiwa0q34MSTBMXqemIHexHS8TKUXDmepu
N1b+r0TQOr7BQpIEP6HBOCAhCjsW+w69c3IgDoXeeGjCkEsvCfwhzhcJNnvHPZ/i
sRuyyENDyCz3L1ZvZ9KA0tqyqJ2IrZ8BO/4h6c13bInuWHOhRhpP7QjU4E8YydzF
kKkOiusuyKuvtWeM8Q3ZvEwfAYY2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:50 2025 by rpki-client