Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D625D68C33011EFB593D14D762E951A.roa
File: 9D625D68C33011EFB593D14D762E951A.roa (raw, json)
Hash identifier: SR6Ia8fakt+0PLSJDbbmsRtSIPe7cbx4jBFp09ZvHsE=
Subject key identifier: B5:94:BA:94:C7:18:0D:AA:C6:ED:8C:32:C9:32:50:38:6E:00:EA:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB09
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D625D68C33011EFB593D14D762E951A.roa
Signing time: Thu 26 Dec 2024 02:25:04 +0000
ROA not before: Thu 26 Dec 2024 02:25:00 +0000
ROA not after: Wed 10 Dec 2025 02:25:00 +0000
asID: 984
IP address blocks: 156.243.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60169 (0xeb09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:25:00 2024 GMT
Not After : Dec 10 02:25:00 2025 GMT
Subject: CN=676cbe80-8d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:65:ed:0d:ee:8d:f2:cd:33:bd:0a:a3:4b:c5:
b5:c9:5e:4c:a1:f8:df:a2:26:e7:16:84:1d:5c:34:
df:7c:aa:74:7c:74:9b:d9:15:5f:08:1b:dc:3d:c8:
7b:93:b3:6d:83:8c:40:7d:03:80:07:45:e5:ac:1c:
7c:b4:83:f4:a5:85:22:37:33:0f:16:42:74:5d:e3:
62:b7:e1:1d:1e:14:46:da:fd:fb:fa:68:68:b0:44:
3c:7f:9e:aa:e8:f8:6b:38:b7:5b:1b:ca:fc:3d:89:
e1:1d:2d:8d:f4:00:17:a0:67:ec:ab:ea:f9:96:f8:
47:03:b6:44:4e:f4:87:97:c2:8a:3b:cc:dc:47:42:
cf:18:ef:c6:23:f5:6d:d6:e0:57:a1:57:9b:c5:5c:
cc:82:c7:9c:2f:c4:2a:5d:28:eb:9b:63:79:42:fe:
f3:d8:92:8c:fd:3e:d8:58:c1:4f:21:b1:ec:a0:59:
d5:a2:01:0a:25:7c:91:45:1a:bf:a4:e1:dd:92:a4:
03:d0:32:69:c1:28:7d:f9:0a:29:7e:13:39:dc:1f:
b3:e8:74:c0:c7:b8:8d:44:29:a8:b9:d0:4a:60:13:
1f:ae:44:f3:c1:46:4f:d7:87:e1:b6:e6:f6:93:d2:
b1:ea:36:dc:a1:22:2a:43:4a:b9:98:6e:58:e2:0d:
42:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:94:BA:94:C7:18:0D:AA:C6:ED:8C:32:C9:32:50:38:6E:00:EA:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D625D68C33011EFB593D14D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.242.0/24
Signature Algorithm: sha256WithRSAEncryption
86:4d:49:52:76:80:8d:16:1b:2f:9c:ac:7a:1d:46:1c:89:af:
44:ee:57:c7:1d:12:2c:f9:ea:49:6a:52:9b:70:4d:0c:5a:13:
f9:e4:f0:26:ca:b5:4f:70:ab:58:d3:6a:d5:20:b0:5e:a5:fe:
1f:28:23:8b:4f:42:7a:c7:e1:38:5a:31:7b:aa:ca:5d:68:4c:
bf:34:bf:e5:ee:2e:5c:b9:32:78:26:05:91:1c:2a:59:0c:56:
49:0b:46:2c:ef:c7:a0:16:d7:a6:9b:02:f2:9f:a6:cf:ec:19:
b2:a2:85:48:cf:84:3f:84:39:5c:f1:dc:b7:83:10:d3:67:b8:
74:a4:a9:cb:25:e8:52:19:6a:24:58:da:16:74:f8:1c:f7:83:
a5:6a:40:ec:f9:9e:02:e4:eb:1e:f5:16:e5:b1:d6:ee:d1:99:
84:96:7e:62:31:38:72:2f:2a:32:5e:3f:8f:29:e1:9d:51:74:
93:0b:38:53:15:3b:2f:d3:9c:69:f6:74:52:fe:ec:ca:35:bc:
3f:a0:73:64:6c:1e:07:b5:32:76:86:e0:6d:98:1c:da:de:30:
a5:9b:ae:98:29:fd:92:3e:fc:6f:52:b9:09:98:98:e3:44:a7:
df:02:79:62:55:31:ed:93:83:8c:cc:c9:d7:8a:6e:24:f0:67:
fc:6a:0a:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIyNTAwWhcNMjUxMjEwMDIyNTAwWjAYMRYw
FAYDVQQDEw02NzZjYmU4MC04ZDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA22XtDe6N8s0zvQqjS8W1yV5MofjfoibnFoQdXDTffKp0fHSb2RVfCBvc
Pch7k7Ntg4xAfQOAB0XlrBx8tIP0pYUiNzMPFkJ0XeNit+EdHhRG2v37+mhosEQ8
f56q6PhrOLdbG8r8PYnhHS2N9AAXoGfsq+r5lvhHA7ZETvSHl8KKO8zcR0LPGO/G
I/Vt1uBXoVebxVzMgsecL8QqXSjrm2N5Qv7z2JKM/T7YWMFPIbHsoFnVogEKJXyR
RRq/pOHdkqQD0DJpwSh9+QopfhM53B+z6HTAx7iNRCmoudBKYBMfrkTzwUZP14fh
tub2k9Kx6jbcoSIqQ0q5mG5Y4g1CpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLWU
upTHGA2qxu2MMskyUDhuAOrIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RDYyNUQ2OEMzMzAxMUVGQjU5M0QxNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPyMA0GCSqGSIb3DQEBCwUA
A4IBAQCGTUlSdoCNFhsvnKx6HUYcia9E7lfHHRIs+epJalKbcE0MWhP55PAmyrVP
cKtY02rVILBepf4fKCOLT0J6x+E4WjF7qspdaEy/NL/l7i5cuTJ4JgWRHCpZDFZJ
C0Ys78egFtemmwLyn6bP7BmyooVIz4Q/hDlc8dy3gxDTZ7h0pKnLJehSGWokWNoW
dPgc94OlakDs+Z4C5Ose9Rblsdbu0ZmEln5iMThyLyoyXj+PKeGdUXSTCzhTFTsv
05xp9nRS/uzKNbw/oHNkbB4HtTJ2huBtmBza3jClm66YKf2SPvxvUrkJmJjjRKff
AnliVTHtk4OMzMnXim4k8Gf8ago0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:48 2025 by rpki-client