Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F03FE9EC95A11EF82AF2377762E951A.roa
File: 9F03FE9EC95A11EF82AF2377762E951A.roa (raw, json)
Hash identifier: tLdgNpXn3ihR19oo30exqEDdGp8sOo+7vMx9YorzKRo=
Subject key identifier: 0F:DE:BD:15:98:9C:23:D6:8F:DF:E3:FD:F4:9E:B6:B8:AA:4F:D7:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F422
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F03FE9EC95A11EF82AF2377762E951A.roa
Signing time: Thu 02 Jan 2025 22:40:52 +0000
ROA not before: Thu 02 Jan 2025 22:40:49 +0000
ROA not after: Sat 13 Dec 2025 22:40:49 +0000
asID: 984
IP address blocks: 156.226.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62498 (0xf422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:40:49 2025 GMT
Not After : Dec 13 22:40:49 2025 GMT
Subject: CN=677715f4-7752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a6:3d:b8:b6:33:f7:bd:3b:a4:0a:b5:a0:f3:
94:67:69:0d:8b:99:c7:2f:c5:74:f6:b0:9e:ff:a8:
64:46:bb:0e:62:fc:9c:31:3e:5d:f6:65:57:23:06:
1a:51:64:e1:0e:c0:ac:98:25:43:7b:36:cd:80:cb:
95:12:7e:ba:5d:09:dd:15:ed:ad:dd:9b:71:40:ec:
dc:8f:3e:93:20:ec:91:39:b8:bc:67:c3:0e:01:dc:
7c:af:a8:51:b0:53:ce:2c:5c:d5:01:50:8a:e1:c4:
de:d9:82:aa:da:1a:0e:a1:be:1e:47:4d:6a:53:87:
64:5a:2e:25:6d:00:8f:96:fb:49:78:8a:99:29:6c:
b6:e9:57:bb:c9:62:a9:69:28:4f:e2:5c:84:aa:d7:
7f:fc:90:4e:59:1f:b8:d8:1f:c6:2f:16:19:c2:bb:
29:9d:14:09:d6:3f:9a:ea:37:16:a4:7d:0d:e5:6c:
fe:d4:46:49:9c:44:bd:fc:b6:7d:50:3b:9d:06:8c:
81:60:db:77:61:21:a3:e0:3f:2b:12:ba:77:52:49:
85:31:eb:d4:11:85:1d:00:8a:2c:ad:95:ec:0a:89:
76:30:19:45:bd:6a:fe:49:e4:66:8f:79:67:58:93:
69:2d:43:35:67:f4:ca:de:44:05:73:62:b7:11:e3:
51:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DE:BD:15:98:9C:23:D6:8F:DF:E3:FD:F4:9E:B6:B8:AA:4F:D7:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F03FE9EC95A11EF82AF2377762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.194.0/24
Signature Algorithm: sha256WithRSAEncryption
26:f3:7a:d1:10:06:07:13:9b:f5:9b:d2:05:70:74:1c:7e:bd:
d9:f9:d3:e6:df:5a:98:16:95:b8:fb:45:2e:0d:1a:0c:c6:6e:
36:4e:5e:9d:b9:da:e3:a4:da:06:69:15:e3:eb:75:45:d4:ba:
74:69:5e:9f:08:f5:85:ec:1e:b2:e2:83:95:77:05:8c:2f:ca:
a5:74:a2:65:de:c2:39:ec:74:1f:34:dd:bc:4b:24:94:a5:22:
c3:eb:c6:f9:58:7e:f0:a1:25:61:3b:08:7e:6e:ca:b1:05:8c:
77:d9:d0:f2:e3:b5:93:03:39:eb:34:9b:63:90:a5:bc:cb:77:
6e:b7:74:bd:dd:b8:bc:17:03:23:0f:be:06:06:bb:bb:7e:8b:
2e:ca:71:32:98:12:21:28:58:6a:68:f5:f8:7b:8d:e9:b5:54:
44:17:63:d4:6d:07:ee:4e:3f:16:4e:ad:46:01:23:11:45:45:
fb:97:57:be:db:99:2a:a3:b1:1a:38:82:77:48:e1:10:f8:18:
30:b2:8e:2f:e5:c1:08:34:ee:f4:62:10:66:16:15:15:78:cc:
01:33:68:f3:20:e4:40:60:7d:39:c0:b5:56:63:cf:0a:1b:6a:
b3:3d:a2:5c:e1:80:67:91:c8:eb:ed:45:fd:43:f7:49:90:c3:
83:38:6e:d2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjI0MDQ5WhcNMjUxMjEzMjI0MDQ5WjAYMRYw
FAYDVQQDEw02Nzc3MTVmNC03NzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4KY9uLYz9707pAq1oPOUZ2kNi5nHL8V09rCe/6hkRrsOYvycMT5d9mVX
IwYaUWThDsCsmCVDezbNgMuVEn66XQndFe2t3ZtxQOzcjz6TIOyRObi8Z8MOAdx8
r6hRsFPOLFzVAVCK4cTe2YKq2hoOob4eR01qU4dkWi4lbQCPlvtJeIqZKWy26Ve7
yWKpaShP4lyEqtd//JBOWR+42B/GLxYZwrspnRQJ1j+a6jcWpH0N5Wz+1EZJnES9
/LZ9UDudBoyBYNt3YSGj4D8rErp3UkmFMevUEYUdAIosrZXsCol2MBlFvWr+SeRm
j3lnWJNpLUM1Z/TK3kQFc2K3EeNROwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA/e
vRWYnCPWj9/j/fSetriqT9dFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjAzRkU5RUM5NUExMUVGODJBRjIzNzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLCMA0GCSqGSIb3DQEBCwUA
A4IBAQAm83rREAYHE5v1m9IFcHQcfr3Z+dPm31qYFpW4+0UuDRoMxm42Tl6dudrj
pNoGaRXj63VF1Lp0aV6fCPWF7B6y4oOVdwWML8qldKJl3sI57HQfNN28SySUpSLD
68b5WH7woSVhOwh+bsqxBYx32dDy47WTAznrNJtjkKW8y3dut3S93bi8FwMjD74G
Bru7fosuynEymBIhKFhqaPX4e43ptVREF2PUbQfuTj8WTq1GASMRRUX7l1e+25kq
o7EaOIJ3SOEQ+Bgwso4v5cEINO70YhBmFhUVeMwBM2jzIORAYH05wLVWY88KG2qz
PaJc4YBnkcjr7UX9Q/dJkMODOG7S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:15 2025 by rpki-client