Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99CAF006CBD811EFA105BC53762E951A.roa
File: 99CAF006CBD811EFA105BC53762E951A.roa (raw, json)
Hash identifier: 1NmN8Ayo8UFawYE+QivRopNhyaDgkkEOjnuT4fNYsUA=
Subject key identifier: 65:65:8E:FC:EC:FF:A4:11:48:8D:43:1F:C3:DE:82:97:58:D5:BD:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7E0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99CAF006CBD811EFA105BC53762E951A.roa
Signing time: Mon 06 Jan 2025 02:47:43 +0000
ROA not before: Mon 06 Jan 2025 02:47:39 +0000
ROA not after: Thu 06 Feb 2025 02:47:39 +0000
asID: 213636
IP address blocks: 156.229.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 04 Feb 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63456 (0xf7e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 02:47:39 2025 GMT
Not After : Feb 6 02:47:39 2025 GMT
Subject: CN=677b444e-96ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b6:c8:b1:5f:63:9b:d4:0e:46:b1:fc:7d:b8:
f9:72:10:27:bc:47:f0:a1:b0:ee:12:47:79:1d:c2:
3a:f6:af:45:09:94:0e:38:4b:1a:b5:92:17:15:77:
73:50:29:2b:9a:18:d2:e6:66:8e:15:73:f9:1e:60:
4b:5d:46:4a:65:78:d3:02:06:06:71:58:4e:de:cd:
8d:9b:cb:e3:ea:35:5d:5a:98:40:c1:e4:af:13:43:
aa:28:bf:45:e4:a9:58:91:6f:10:0b:f9:40:f4:c9:
49:92:f9:08:c5:b2:15:8f:26:7c:73:83:a5:07:c7:
09:02:e4:8b:2e:7d:29:3a:c9:c5:ba:3f:c6:1e:e2:
35:96:f1:eb:79:71:2f:24:de:a2:dd:98:25:c5:8d:
c0:05:60:6d:68:4a:97:89:6a:6b:20:c3:d1:45:73:
d0:46:30:6c:dd:f2:fa:db:5c:9a:46:ec:f3:5c:52:
29:85:77:aa:25:12:99:0a:13:05:92:5d:2f:0a:96:
c2:e6:e3:02:03:a3:31:0e:57:b6:a8:ff:85:23:6c:
ac:e1:18:82:37:0a:68:5c:77:c7:5b:0c:81:58:72:
ad:11:01:fe:52:f4:56:d1:23:c1:7e:a4:47:74:eb:
db:ee:e7:72:b2:67:59:62:7b:49:83:d4:ba:cf:af:
d9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:65:8E:FC:EC:FF:A4:11:48:8D:43:1F:C3:DE:82:97:58:D5:BD:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99CAF006CBD811EFA105BC53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.236.0/24
Signature Algorithm: sha256WithRSAEncryption
39:17:03:9f:35:64:87:32:1a:be:d2:81:6f:ae:d9:f5:ae:4a:
98:00:2b:bd:fa:cb:c6:9a:5c:e0:87:b5:89:dc:72:f5:4c:86:
37:5c:0b:13:9d:4b:69:3d:52:7d:b3:79:65:13:8d:59:ff:57:
91:0e:cd:67:88:8c:16:e1:6d:fc:01:ff:13:a1:d4:8d:4c:d4:
99:70:a3:6b:f0:04:77:68:ca:02:94:66:37:eb:88:2b:fe:3a:
91:74:54:ee:93:35:38:df:fc:83:54:4e:f0:90:fa:0b:76:d7:
a3:a9:7d:a7:27:41:38:13:05:b3:3b:ca:04:bd:bd:b6:e6:5e:
eb:41:30:1b:74:d8:2a:34:e0:9b:51:2a:86:95:66:0b:d4:80:
08:f2:0c:e4:64:96:4f:f7:f2:a7:92:ce:6f:f0:75:f7:12:1a:
1e:8f:57:4d:3d:29:11:b9:34:af:29:89:3c:01:5d:28:d0:f2:
d6:88:0f:90:32:3e:2c:0b:7e:dd:64:88:a6:84:e3:41:c2:f3:
78:07:fe:14:a1:cf:83:ab:e4:54:c1:1c:82:d3:cc:df:4d:11:
56:0b:94:bb:38:99:b5:f1:e6:c8:b6:67:d2:59:59:6b:86:d0:
95:d2:62:9d:18:42:48:1e:3f:80:61:d9:3f:b3:7f:d7:9a:32:
56:3a:ed:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDI0NzM5WhcNMjUwMjA2MDI0NzM5WjAYMRYw
FAYDVQQDEw02NzdiNDQ0ZS05NmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7LbIsV9jm9QORrH8fbj5chAnvEfwobDuEkd5HcI69q9FCZQOOEsatZIX
FXdzUCkrmhjS5maOFXP5HmBLXUZKZXjTAgYGcVhO3s2Nm8vj6jVdWphAweSvE0Oq
KL9F5KlYkW8QC/lA9MlJkvkIxbIVjyZ8c4OlB8cJAuSLLn0pOsnFuj/GHuI1lvHr
eXEvJN6i3ZglxY3ABWBtaEqXiWprIMPRRXPQRjBs3fL621yaRuzzXFIphXeqJRKZ
ChMFkl0vCpbC5uMCA6MxDle2qP+FI2ys4RiCNwpoXHfHWwyBWHKtEQH+UvRW0SPB
fqRHdOvb7udysmdZYntJg9S6z6/Z9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGVl
jvzs/6QRSI1DH8PegpdY1b29MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OUNBRjAwNkNCRDgxMUVGQTEwNUJDNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXsMA0GCSqGSIb3DQEBCwUA
A4IBAQA5FwOfNWSHMhq+0oFvrtn1rkqYACu9+svGmlzgh7WJ3HL1TIY3XAsTnUtp
PVJ9s3llE41Z/1eRDs1niIwW4W38Af8TodSNTNSZcKNr8AR3aMoClGY364gr/jqR
dFTukzU43/yDVE7wkPoLdtejqX2nJ0E4EwWzO8oEvb225l7rQTAbdNgqNOCbUSqG
lWYL1IAI8gzkZJZP9/Knks5v8HX3Ehoej1dNPSkRuTSvKYk8AV0o0PLWiA+QMj4s
C37dZIimhONBwvN4B/4Uoc+Dq+RUwRyC08zfTRFWC5S7OJm18ebItmfSWVlrhtCV
0mKdGEJIHj+AYdk/s3/XmjJWOu1Q
-----END CERTIFICATE-----
Generated at Sun Feb 2 15:50:57 2025 by rpki-client