Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BC463F6C34A11EF95596E78762E951A.roa
File: 9BC463F6C34A11EF95596E78762E951A.roa (raw, json)
Hash identifier: VN3Hl2aoqv/T16SB6bk6PbBiIq9ZmfsOEkAk15ZCYRI=
Subject key identifier: C6:E7:89:48:57:9B:89:18:25:DB:B8:F4:FE:B6:87:27:2D:0D:F0:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BC463F6C34A11EF95596E78762E951A.roa
Signing time: Thu 26 Dec 2024 05:31:08 +0000
ROA not before: Thu 26 Dec 2024 05:31:04 +0000
ROA not after: Wed 10 Dec 2025 05:31:04 +0000
asID: 984
IP address blocks: 156.245.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60473 (0xec39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:31:04 2024 GMT
Not After : Dec 10 05:31:04 2025 GMT
Subject: CN=676cea1c-8794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:99:2b:a2:02:c1:e7:18:63:ab:34:0b:24:89:
d2:d8:87:b8:49:79:63:f6:00:e7:6c:03:0a:6c:e0:
9d:7b:b0:02:fd:48:b5:01:33:0d:82:c0:a1:6c:a7:
4d:3f:81:fd:e3:ce:9e:ff:69:60:0a:84:d1:8d:1b:
07:bd:42:5e:53:d5:fd:a3:f2:38:68:0a:92:12:2e:
a0:df:8e:7f:7a:cb:58:7a:b3:d4:59:b4:a3:84:8b:
a3:f8:c6:b7:d6:40:9f:df:41:fa:5c:2a:e8:81:0d:
ef:41:38:02:23:28:bb:ce:e7:ae:82:fb:f5:83:e9:
d6:c6:10:10:74:e5:21:a4:cd:53:4c:e4:32:89:fa:
90:de:1e:5c:6c:fb:ba:7d:53:eb:99:e4:69:a8:6b:
0c:18:79:d7:35:6c:ae:48:88:35:12:05:5a:6d:1a:
c3:71:42:eb:9f:52:bd:be:07:c1:f5:5e:c5:29:c8:
7c:3c:fd:ad:6f:13:75:cb:a5:62:8b:43:bd:37:6e:
42:10:43:92:0c:46:d4:6d:00:d6:9a:12:69:9d:39:
f2:b6:ce:ab:91:28:79:b4:b1:9c:84:f0:38:0c:7f:
4f:b2:3a:6c:89:b7:da:0f:f7:66:a1:87:e7:e3:c6:
33:e1:4d:3a:d4:54:a3:30:35:c1:90:8f:bf:8d:da:
17:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E7:89:48:57:9B:89:18:25:DB:B8:F4:FE:B6:87:27:2D:0D:F0:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9BC463F6C34A11EF95596E78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.219.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ae:e6:4c:a9:8a:25:f3:cd:7f:87:20:91:fc:a3:2e:4e:9b:
70:f1:0a:c3:ff:71:7a:fb:3b:64:17:68:8a:3f:24:5f:d4:17:
2e:c0:2c:fc:8f:68:72:77:00:40:ca:6e:85:6b:45:ed:da:32:
16:f0:18:7a:1a:95:e0:73:aa:60:f6:ff:dd:01:8b:09:d5:a7:
80:45:20:ac:bc:8a:4e:d7:e7:c4:bd:30:b0:56:8c:ac:ec:d2:
5c:10:d7:f2:05:5e:74:c4:67:0f:d4:5f:79:98:25:7e:87:93:
fc:75:a5:68:d4:1e:19:c1:9f:78:2f:b6:f8:20:87:de:4d:63:
40:65:bf:dc:aa:fe:0a:f3:28:0c:8e:5e:12:14:fd:67:74:fe:
cd:7f:af:1f:bf:3d:6e:36:03:44:7c:13:74:1c:ef:62:ac:a6:
2b:32:da:9c:18:d7:11:d8:b7:39:5c:e4:96:3a:78:43:c2:0a:
07:ea:eb:e4:99:37:a1:33:dd:28:e3:f6:3d:56:35:df:ca:8c:
d7:6e:d4:07:8e:7b:c8:8c:75:52:97:55:21:2f:b0:0b:87:59:
22:93:e3:4a:4f:69:f4:85:f6:c0:41:94:6c:8c:73:95:7c:d1:
bb:bc:b5:78:49:94:1e:2d:74:c7:ab:09:8c:41:97:51:53:d1:
2b:65:88:4b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOw5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUzMTA0WhcNMjUxMjEwMDUzMTA0WjAYMRYw
FAYDVQQDEw02NzZjZWExYy04Nzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwZkrogLB5xhjqzQLJInS2Ie4SXlj9gDnbAMKbOCde7AC/Ui1ATMNgsCh
bKdNP4H9486e/2lgCoTRjRsHvUJeU9X9o/I4aAqSEi6g345/estYerPUWbSjhIuj
+Ma31kCf30H6XCrogQ3vQTgCIyi7zueugvv1g+nWxhAQdOUhpM1TTOQyifqQ3h5c
bPu6fVPrmeRpqGsMGHnXNWyuSIg1EgVabRrDcULrn1K9vgfB9V7FKch8PP2tbxN1
y6Vii0O9N25CEEOSDEbUbQDWmhJpnTnyts6rkSh5tLGchPA4DH9PsjpsibfaD/dm
oYfn48Yz4U061FSjMDXBkI+/jdoXpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMbn
iUhXm4kYJdu49P62hyctDfDWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QkM0NjNGNkMzNEExMUVGOTU1OTZFNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXbMA0GCSqGSIb3DQEBCwUA
A4IBAQATruZMqYol881/hyCR/KMuTptw8QrD/3F6+ztkF2iKPyRf1BcuwCz8j2hy
dwBAym6Fa0Xt2jIW8Bh6GpXgc6pg9v/dAYsJ1aeARSCsvIpO1+fEvTCwVoys7NJc
ENfyBV50xGcP1F95mCV+h5P8daVo1B4ZwZ94L7b4IIfeTWNAZb/cqv4K8ygMjl4S
FP1ndP7Nf68fvz1uNgNEfBN0HO9irKYrMtqcGNcR2Lc5XOSWOnhDwgoH6uvkmTeh
M90o4/Y9VjXfyozXbtQHjnvIjHVSl1UhL7ALh1kik+NKT2n0hfbAQZRsjHOVfNG7
vLV4SZQeLXTHqwmMQZdRU9ErZYhL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:56 2025 by rpki-client