Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99E221EECC9C11EFA005FAAA762E951A.roa
File: 99E221EECC9C11EFA005FAAA762E951A.roa (raw, json)
Hash identifier: OzAPS0ez04AlyB/UP2oDphmXqZxkoZPWVuwRxisJtwQ=
Subject key identifier: 35:10:8D:07:D7:17:13:6D:80:97:37:58:AA:F1:8D:4D:BD:44:60:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F96C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99E221EECC9C11EFA005FAAA762E951A.roa
Signing time: Tue 07 Jan 2025 02:10:44 +0000
ROA not before: Tue 07 Jan 2025 02:10:40 +0000
ROA not after: Mon 13 Dec 2027 02:10:40 +0000
asID: 17561
IP address blocks: 156.227.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63852 (0xf96c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:10:40 2025 GMT
Not After : Dec 13 02:10:40 2027 GMT
Subject: CN=677c8d24-5a3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:24:fa:a5:3d:dc:3c:90:6b:26:72:f6:b9:
38:d5:6b:0a:eb:ac:7d:6d:b0:4e:9a:41:cf:c3:16:
a7:5e:e0:03:ec:91:e2:b6:5d:d2:28:17:04:89:1d:
60:0e:93:be:8a:77:e1:bc:26:d0:4a:02:a9:78:04:
3b:c5:28:98:df:98:a3:c9:39:6e:e5:44:20:65:5c:
38:26:4e:e5:36:3e:dd:9a:e8:e5:ee:7d:ad:9c:fb:
6e:88:9e:59:35:36:10:9d:31:ff:83:f3:1b:f0:33:
2d:68:6f:c2:da:f0:f0:a7:16:f8:38:3a:f6:11:93:
17:ea:67:15:b0:f7:aa:3e:52:93:16:47:a6:c7:fb:
21:ba:85:23:e7:8c:38:2a:1c:e2:79:d5:9d:fe:4f:
57:ba:0a:8e:0e:ce:b7:95:fc:27:cc:ff:da:2a:3e:
a4:c5:7f:f4:23:47:f1:a2:07:72:b1:09:c8:5a:7f:
c0:c2:cf:4a:09:74:83:78:f0:4e:ef:13:63:63:fc:
6b:3a:b7:d3:7d:ba:ce:49:0c:bf:a0:b3:d1:92:eb:
cf:17:76:1d:65:d4:fd:a4:05:7d:d7:e7:50:d6:90:
85:2e:d6:c0:2d:6a:91:b9:87:1b:09:d8:48:cc:ab:
f1:e0:e0:6e:a4:14:fd:4b:d4:f6:d7:59:07:9f:21:
e9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:10:8D:07:D7:17:13:6D:80:97:37:58:AA:F1:8D:4D:BD:44:60:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99E221EECC9C11EFA005FAAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.108.0/24
Signature Algorithm: sha256WithRSAEncryption
25:86:7d:86:3e:d4:13:3c:0e:38:67:7d:59:a7:2f:7b:35:13:
65:0a:c2:ba:08:0b:cf:0e:af:c0:5c:05:9b:33:9e:aa:0e:47:
2a:6e:d7:01:3c:44:c1:26:b7:d4:c3:60:76:06:b9:45:c2:05:
9d:13:66:a3:37:78:98:45:c9:dd:0a:22:dd:85:b3:54:49:99:
5c:9b:aa:f9:65:f4:8b:5e:17:95:f5:cf:53:f7:64:be:a2:b5:
64:80:5b:11:fb:43:2d:0d:90:70:42:c6:fa:0f:2d:6f:82:62:
f1:81:de:15:b6:5c:c8:bf:df:6e:68:ed:c5:9a:ba:42:66:4b:
b6:4e:64:61:3d:ef:80:ed:b3:56:38:23:87:55:39:be:70:7a:
07:43:60:1a:c2:da:31:85:27:6a:68:da:e6:74:b8:7c:c8:d3:
0b:b6:75:06:29:90:db:a3:a2:09:ff:cc:28:21:e4:b4:4e:3f:
32:a5:03:75:1c:04:05:5d:be:b3:70:8d:bc:c2:a5:95:3c:0c:
53:91:c7:c1:df:0d:15:d1:30:74:f0:b6:ca:eb:94:6a:92:a0:
72:dd:2c:bf:c2:ca:06:85:d3:a7:16:29:f3:75:9e:1c:1a:ee:
4b:70:c6:6c:5b:ca:39:c7:af:9a:1a:fb:51:d3:27:cd:d5:c4:
5f:63:aa:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIxMDQwWhcNMjcxMjEzMDIxMDQwWjAYMRYw
FAYDVQQDEw02NzdjOGQyNC01YTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsKYk+qU93DyQayZy9rk41WsK66x9bbBOmkHPwxanXuAD7JHitl3SKBcE
iR1gDpO+infhvCbQSgKpeAQ7xSiY35ijyTlu5UQgZVw4Jk7lNj7dmujl7n2tnPtu
iJ5ZNTYQnTH/g/Mb8DMtaG/C2vDwpxb4ODr2EZMX6mcVsPeqPlKTFkemx/shuoUj
54w4KhziedWd/k9XugqODs63lfwnzP/aKj6kxX/0I0fxogdysQnIWn/Aws9KCXSD
ePBO7xNjY/xrOrfTfbrOSQy/oLPRkuvPF3YdZdT9pAV91+dQ1pCFLtbALWqRuYcb
CdhIzKvx4OBupBT9S9T211kHnyHpHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDUQ
jQfXFxNtgJc3WKrxjU29RGBCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OUUyMjFFRUNDOUMxMUVGQTAwNUZBQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONsMA0GCSqGSIb3DQEBCwUA
A4IBAQAlhn2GPtQTPA44Z31Zpy97NRNlCsK6CAvPDq/AXAWbM56qDkcqbtcBPETB
JrfUw2B2BrlFwgWdE2ajN3iYRcndCiLdhbNUSZlcm6r5ZfSLXheV9c9T92S+orVk
gFsR+0MtDZBwQsb6Dy1vgmLxgd4VtlzIv99uaO3FmrpCZku2TmRhPe+A7bNWOCOH
VTm+cHoHQ2AawtoxhSdqaNrmdLh8yNMLtnUGKZDbo6IJ/8woIeS0Tj8ypQN1HAQF
Xb6zcI28wqWVPAxTkcfB3w0V0TB08LbK65RqkqBy3Sy/wsoGhdOnFinzdZ4cGu5L
cMZsW8o5x6+aGvtR0yfN1cRfY6qK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:11 2025 by rpki-client