Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D889F4ACD4A11EF8ADDEE7D762E951A.roa
File: 9D889F4ACD4A11EF8ADDEE7D762E951A.roa (raw, json)
Hash identifier: AshP5nTP1Lg4O4IdG7OwOzBwS7Si1Mv4jpVzaut/v0Y=
Subject key identifier: EA:2E:91:69:45:BB:A1:7D:91:F7:FF:11:EE:F9:BA:65:8D:A4:55:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEBB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D889F4ACD4A11EF8ADDEE7D762E951A.roa
Signing time: Tue 07 Jan 2025 22:56:23 +0000
ROA not before: Tue 07 Jan 2025 22:56:19 +0000
ROA not after: Mon 13 Dec 2027 22:56:19 +0000
asID: 17561
IP address blocks: 156.246.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65211 (0xfebb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:56:19 2025 GMT
Not After : Dec 13 22:56:19 2027 GMT
Subject: CN=677db116-5503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c7:ce:76:0a:3c:45:c4:dd:f9:76:c6:0d:48:
ef:a4:4c:ed:a3:10:26:68:d4:e6:98:2c:ff:2e:fc:
b5:fa:f5:d3:8d:8c:28:b4:5d:23:7a:b5:3d:b2:43:
03:fd:02:e8:d1:db:98:dd:23:65:04:8d:91:62:e3:
e2:96:fe:97:ce:ea:c3:07:b2:72:0c:fe:3c:32:ca:
31:88:4a:e7:50:28:f9:df:b9:04:83:34:98:2f:41:
39:7d:6c:60:d2:cb:77:b9:f6:27:20:b5:3d:64:86:
51:f8:58:04:ce:01:7b:b3:34:12:a2:00:c3:34:9f:
69:59:41:7b:67:42:94:9f:70:29:da:49:28:b4:f9:
96:34:2f:bf:58:af:0e:36:1d:7a:09:61:ef:7d:10:
5d:91:bf:15:51:73:df:24:03:2b:6a:ec:10:b0:02:
05:30:f2:5d:f6:28:93:e4:34:6c:fd:4c:f2:02:97:
be:39:f5:fa:ec:95:9a:2d:f7:d5:f9:8b:95:a8:89:
d6:83:22:26:f4:37:57:d6:09:90:0b:c3:15:7d:20:
f4:6e:28:33:e2:d5:a5:26:a9:f7:eb:5d:b5:8f:e3:
97:77:e7:a2:d4:1d:cc:0f:5a:4d:58:cc:6f:0b:34:
15:79:db:3c:4a:52:72:66:ac:bd:10:b5:37:7b:60:
d9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2E:91:69:45:BB:A1:7D:91:F7:FF:11:EE:F9:BA:65:8D:A4:55:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D889F4ACD4A11EF8ADDEE7D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.89.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ec:c6:e3:c8:b7:ac:a8:9a:6a:97:53:31:ac:78:c5:46:42:
4f:85:0c:13:0e:f2:43:d2:ef:a8:26:f2:11:aa:87:49:d0:98:
d7:fa:3f:79:59:ba:cb:21:bb:fc:5f:9e:10:fc:b5:eb:af:e0:
95:c2:2d:07:fd:73:8c:9a:83:65:69:8e:eb:48:56:d8:3d:ab:
11:e5:a5:23:2c:95:4c:ae:2b:76:aa:94:d3:21:0b:e3:1f:45:
0d:cf:29:99:90:db:27:52:5b:9d:31:ac:f2:bb:9a:e8:f2:4f:
a7:31:9d:ab:2c:cf:d9:c2:25:75:5c:db:93:3d:5e:78:ab:4f:
bd:d3:9d:22:6a:06:a7:d4:30:94:cf:46:1d:c8:37:9b:db:42:
5b:7c:41:db:35:1c:ef:f0:0e:d8:69:4b:b7:2f:8a:3e:58:ee:
ee:d4:12:25:6f:03:0a:3d:fc:3f:78:0e:1d:89:3e:95:09:3d:
a9:0d:5d:be:6b:70:0e:e3:cc:99:ab:39:b5:10:49:a9:da:db:
da:b0:67:fd:ca:38:d6:b2:75:dd:fb:f8:78:ae:9b:51:95:d3:
ac:a4:14:b2:73:88:63:87:a6:68:25:11:8a:43:32:1a:61:62:
9f:6f:c5:14:59:e8:13:e5:f8:37:74:2d:1a:df:e1:a6:47:f9:
58:ba:2e:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP67MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjI1NjE5WhcNMjcxMjEzMjI1NjE5WjAYMRYw
FAYDVQQDEw02NzdkYjExNi01NTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6cfOdgo8RcTd+XbGDUjvpEztoxAmaNTmmCz/Lvy1+vXTjYwotF0jerU9
skMD/QLo0duY3SNlBI2RYuPilv6XzurDB7JyDP48MsoxiErnUCj537kEgzSYL0E5
fWxg0st3ufYnILU9ZIZR+FgEzgF7szQSogDDNJ9pWUF7Z0KUn3Ap2kkotPmWNC+/
WK8ONh16CWHvfRBdkb8VUXPfJAMrauwQsAIFMPJd9iiT5DRs/UzyApe+OfX67JWa
LffV+YuVqInWgyIm9DdX1gmQC8MVfSD0bigz4tWlJqn36121j+OXd+ei1B3MD1pN
WMxvCzQVeds8SlJyZqy9ELU3e2DZ8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOou
kWlFu6F9kff/Ee75umWNpFUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RDg4OUY0QUNENEExMUVGOEFEREVFN0Q3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPZZMA0GCSqGSIb3DQEBCwUA
A4IBAQBW7MbjyLesqJpql1MxrHjFRkJPhQwTDvJD0u+oJvIRqodJ0JjX+j95WbrL
Ibv8X54Q/LXrr+CVwi0H/XOMmoNlaY7rSFbYPasR5aUjLJVMrit2qpTTIQvjH0UN
zymZkNsnUludMazyu5ro8k+nMZ2rLM/ZwiV1XNuTPV54q0+9050iagan1DCUz0Yd
yDeb20JbfEHbNRzv8A7YaUu3L4o+WO7u1BIlbwMKPfw/eA4diT6VCT2pDV2+a3AO
48yZqzm1EEmp2tvasGf9yjjWsnXd+/h4rptRldOspBSyc4hjh6ZoJRGKQzIaYWKf
b8UUWegT5fg3dC0a3+GmR/lYui6S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:05 2025 by rpki-client