Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AD5A08ACCCE11EF9AA85C71762E951A.roa
File: 9AD5A08ACCCE11EF9AA85C71762E951A.roa (raw, json)
Hash identifier: Q92k2wLFLp+Bshxe4kBqfrSBhhCx/GwAcOuP25F8Uao=
Subject key identifier: 9F:B8:A1:06:D9:C9:9F:FC:5A:66:93:C5:D2:32:6A:53:EE:42:68:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAA0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AD5A08ACCCE11EF9AA85C71762E951A.roa
Signing time: Tue 07 Jan 2025 08:08:41 +0000
ROA not before: Tue 07 Jan 2025 08:08:37 +0000
ROA not after: Sat 13 Dec 2025 08:08:37 +0000
asID: 984
IP address blocks: 156.233.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64160 (0xfaa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:08:37 2025 GMT
Not After : Dec 13 08:08:37 2025 GMT
Subject: CN=677ce108-ca7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2b:b6:06:d5:b7:77:9d:e5:ec:cf:fc:13:57:
05:9d:f7:d3:86:a5:1d:78:d9:4b:07:ec:c6:1c:49:
67:5d:87:48:ea:31:03:ee:bb:ca:20:ea:e9:73:1b:
2f:5d:20:02:6d:3e:ed:1f:2c:f7:23:a8:2c:ea:5c:
73:0d:71:6a:c0:c7:f3:7d:6e:53:9e:9b:91:64:18:
6c:49:83:5e:f4:d8:ca:82:7c:a1:d3:87:f2:31:27:
87:4f:07:90:c1:83:88:2c:e4:07:e0:1a:74:14:c2:
32:2a:b0:34:ab:15:92:27:d3:cf:1a:79:6f:81:9d:
e4:f5:d2:0c:8c:ae:6d:18:ff:03:a5:27:32:96:94:
6e:4d:0c:b5:65:e4:d5:1d:6a:56:83:b7:c2:f1:4a:
21:a3:86:b6:f0:cd:c3:e8:5e:24:76:71:4a:a8:d6:
d1:ba:f7:13:f5:76:20:fe:bd:09:5b:9f:90:53:c8:
a4:30:8a:1f:41:47:5d:2d:bf:6c:2a:d5:a2:3f:76:
13:9a:6e:4a:80:38:49:b3:d5:2a:70:0a:e8:b8:98:
87:6c:b7:81:25:c0:84:f1:54:db:b8:d6:45:ab:d7:
d5:19:7c:9e:59:7b:69:89:bf:9d:9c:71:fc:fe:81:
35:ea:84:dd:75:9f:f3:e0:38:93:af:fd:5d:47:76:
60:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B8:A1:06:D9:C9:9F:FC:5A:66:93:C5:D2:32:6A:53:EE:42:68:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AD5A08ACCCE11EF9AA85C71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.139.0/24
Signature Algorithm: sha256WithRSAEncryption
10:85:68:e0:e1:bc:7d:f8:32:d7:21:fe:e7:88:1c:86:9f:97:
97:4c:ab:07:79:52:09:7a:22:24:c3:a0:f0:f5:3e:49:c3:15:
28:7e:c7:03:46:59:35:9d:8c:91:20:3a:a6:0c:ff:7e:e3:37:
a6:c2:82:b7:cc:49:b0:d0:13:41:3c:30:6c:35:0f:2b:98:0a:
b0:bc:d7:47:35:a5:a0:6f:a4:a3:27:36:20:75:32:06:76:68:
30:3a:90:7e:a8:f2:7b:9b:90:66:03:3b:58:48:ca:21:5a:94:
1d:f6:98:ad:32:e8:9f:7c:45:01:d7:8c:e1:fe:b4:80:fe:20:
e5:70:c2:eb:66:14:56:21:87:a3:e0:44:37:fa:1f:eb:51:11:
35:43:6b:cd:7d:06:f0:4b:36:c1:88:1d:81:60:de:b2:5f:ba:
d3:81:9f:7d:05:5d:c6:57:ba:26:1f:66:f0:d7:a3:4d:29:9e:
a1:28:ea:b2:1c:0b:56:ea:0c:00:e8:49:11:23:5b:db:a9:4c:
02:cf:7b:e9:95:94:48:1d:c9:8c:d1:4b:83:74:98:8e:45:4d:
65:4b:26:3c:fb:7c:6d:26:c8:85:69:f2:6b:4d:97:7e:bd:90:
09:3a:0e:2b:1e:f9:19:6f:f7:3a:00:c8:f7:a4:13:76:44:26:
dd:a6:bc:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgwODM3WhcNMjUxMjEzMDgwODM3WjAYMRYw
FAYDVQQDEw02NzdjZTEwOC1jYTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAziu2BtW3d53l7M/8E1cFnffThqUdeNlLB+zGHElnXYdI6jED7rvKIOrp
cxsvXSACbT7tHyz3I6gs6lxzDXFqwMfzfW5TnpuRZBhsSYNe9NjKgnyh04fyMSeH
TweQwYOILOQH4Bp0FMIyKrA0qxWSJ9PPGnlvgZ3k9dIMjK5tGP8DpScylpRuTQy1
ZeTVHWpWg7fC8Uoho4a28M3D6F4kdnFKqNbRuvcT9XYg/r0JW5+QU8ikMIofQUdd
Lb9sKtWiP3YTmm5KgDhJs9UqcArouJiHbLeBJcCE8VTbuNZFq9fVGXyeWXtpib+d
nHH8/oE16oTddZ/z4DiTr/1dR3ZguQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ+4
oQbZyZ/8WmaTxdIyalPuQmgAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QUQ1QTA4QUNDQ0UxMUVGOUFBODVDNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmLMA0GCSqGSIb3DQEBCwUA
A4IBAQAQhWjg4bx9+DLXIf7niByGn5eXTKsHeVIJeiIkw6Dw9T5JwxUofscDRlk1
nYyRIDqmDP9+4zemwoK3zEmw0BNBPDBsNQ8rmAqwvNdHNaWgb6SjJzYgdTIGdmgw
OpB+qPJ7m5BmAztYSMohWpQd9pitMuiffEUB14zh/rSA/iDlcMLrZhRWIYej4EQ3
+h/rURE1Q2vNfQbwSzbBiB2BYN6yX7rTgZ99BV3GV7omH2bw16NNKZ6hKOqyHAtW
6gwA6EkRI1vbqUwCz3vplZRIHcmM0UuDdJiORU1lSyY8+3xtJsiFafJrTZd+vZAJ
Og4rHvkZb/c6AMj3pBN2RCbdpryr
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:32 2025 by rpki-client