Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A0CE24ECDA011EFB3BCC0B1762E951A.roa
File: 9A0CE24ECDA011EFB3BCC0B1762E951A.roa (raw, json)
Hash identifier: 6NCiwAaMXMYgNh9siFhIX8vAKIjQQzxdRxJ4hCZFaVc=
Subject key identifier: 98:16:2C:6A:CB:CB:E7:88:B6:10:0F:79:74:CB:B7:9F:6A:B2:A7:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A0CE24ECDA011EFB3BCC0B1762E951A.roa
Signing time: Wed 08 Jan 2025 09:11:54 +0000
ROA not before: Wed 08 Jan 2025 09:11:50 +0000
ROA not after: Sat 13 Dec 2025 09:11:50 +0000
asID: 984
IP address blocks: 156.253.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65748 (0x100d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:11:50 2025 GMT
Not After : Dec 13 09:11:50 2025 GMT
Subject: CN=677e4159-8b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:71:c4:4b:2d:21:f0:08:be:72:1f:86:88:
09:94:36:41:9d:1e:f2:8f:1f:7a:51:55:70:ed:b1:
81:42:15:6f:34:ae:bc:a9:e7:eb:2a:ca:17:eb:a2:
36:9e:a9:a1:ab:26:24:0b:af:a9:f0:6b:07:f9:b8:
0b:25:f4:9a:83:41:76:18:9c:51:76:0e:fd:6e:66:
ef:38:86:6c:f0:fb:9b:82:7f:7a:2d:52:f8:59:82:
2c:1b:2b:63:06:a5:3f:3f:05:fd:9b:0e:f9:f5:c8:
90:c8:ab:5f:51:7d:07:ed:db:30:69:4a:5d:58:d6:
68:c6:76:b2:51:0b:d3:db:c3:8b:2d:2f:ab:d1:26:
07:44:1c:58:ca:8f:e6:1d:a0:01:24:ac:87:b7:85:
50:f3:2d:c0:5c:b7:b9:92:2b:82:53:89:b7:d5:79:
01:19:9d:a8:8f:63:c1:36:c5:38:7a:47:80:f4:f9:
4b:b5:d2:e5:db:31:57:86:48:e1:1c:d5:c0:c3:83:
42:8a:5b:95:c5:5e:a7:d4:2d:51:57:02:6b:d0:5e:
d0:66:f3:d7:d7:db:ac:44:a1:1d:08:e6:ae:b9:7c:
b7:7d:f1:17:69:e2:dc:83:b7:f2:db:c9:d9:32:c4:
24:7c:88:a0:b3:e2:3b:07:6b:30:43:d5:ff:0a:ae:
d1:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:16:2C:6A:CB:CB:E7:88:B6:10:0F:79:74:CB:B7:9F:6A:B2:A7:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9A0CE24ECDA011EFB3BCC0B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:83:de:59:e1:d2:f2:a3:ee:58:bb:4c:c9:71:c9:42:d3:ed:
2d:10:f9:47:30:a1:54:5f:89:8f:bc:a3:0d:b2:3a:c3:f9:90:
fc:90:96:14:1b:81:fb:01:6a:a2:20:69:e0:2d:2b:f1:07:14:
9d:f9:47:4f:9b:c4:99:d9:a6:6a:91:61:7b:a0:6a:dd:f7:19:
bd:31:81:03:40:01:19:2f:2b:df:03:03:d1:96:1f:35:79:d3:
d9:70:90:8d:31:cc:21:19:66:bc:ee:45:77:19:47:fe:49:ce:
c8:88:2c:99:d1:33:ac:12:da:75:61:6b:3b:b5:d0:02:7c:01:
da:90:a2:8e:bb:81:03:fc:63:7a:71:20:a4:21:d5:d6:53:f8:
e5:4f:78:db:3c:f2:36:2e:c8:1d:9e:e0:12:21:85:67:77:24:
f1:1f:d5:c8:86:52:06:ab:66:b5:85:47:10:5a:3b:19:92:f9:
ca:6c:94:e5:42:1e:c2:75:fd:29:b5:01:6a:23:d0:b3:f8:07:
40:9b:fb:4b:f3:08:84:27:52:5f:c9:8b:24:59:5a:55:9f:e2:
0d:c5:8a:62:62:7a:e9:0c:98:55:ea:69:9d:83:e9:d4:08:7f:
eb:27:ea:48:43:30:f6:4d:20:fe:cd:60:ce:6e:c2:eb:81:32:
e2:b3:fd:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkxMTUwWhcNMjUxMjEzMDkxMTUwWjAYMRYw
FAYDVQQDEw02NzdlNDE1OS04YjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsEBxxEstIfAIvnIfhogJlDZBnR7yjx96UVVw7bGBQhVvNK68qefrKsoX
66I2nqmhqyYkC6+p8GsH+bgLJfSag0F2GJxRdg79bmbvOIZs8Pubgn96LVL4WYIs
GytjBqU/PwX9mw759ciQyKtfUX0H7dswaUpdWNZoxnayUQvT28OLLS+r0SYHRBxY
yo/mHaABJKyHt4VQ8y3AXLe5kiuCU4m31XkBGZ2oj2PBNsU4ekeA9PlLtdLl2zFX
hkjhHNXAw4NCiluVxV6n1C1RVwJr0F7QZvPX19usRKEdCOauuXy3ffEXaeLcg7fy
28nZMsQkfIigs+I7B2swQ9X/Cq7RVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJgW
LGrLy+eIthAPeXTLt59qsqfeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QTBDRTI0RUNEQTAxMUVGQjNCQ0MwQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0mMA0GCSqGSIb3DQEBCwUA
A4IBAQA+g95Z4dLyo+5Yu0zJcclC0+0tEPlHMKFUX4mPvKMNsjrD+ZD8kJYUG4H7
AWqiIGngLSvxBxSd+UdPm8SZ2aZqkWF7oGrd9xm9MYEDQAEZLyvfAwPRlh81edPZ
cJCNMcwhGWa87kV3GUf+Sc7IiCyZ0TOsEtp1YWs7tdACfAHakKKOu4ED/GN6cSCk
IdXWU/jlT3jbPPI2LsgdnuASIYVndyTxH9XIhlIGq2a1hUcQWjsZkvnKbJTlQh7C
df0ptQFqI9Cz+AdAm/tL8wiEJ1JfyYskWVpVn+INxYpiYnrpDJhV6mmdg+nUCH/r
J+pIQzD2TSD+zWDObsLrgTLis/0/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:27 2025 by rpki-client