Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F10C992C96B11EF9F54BA62762E951A.roa
File: 9F10C992C96B11EF9F54BA62762E951A.roa (raw, json)
Hash identifier: Kb4FPn5Q+Q/e7OYEyYH/cEVo9HlBOyfcE44YO0d1SXM=
Subject key identifier: FC:80:5D:21:1B:2E:B8:1A:F4:41:5C:F0:19:8D:61:7F:8C:1D:4E:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F480
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F10C992C96B11EF9F54BA62762E951A.roa
Signing time: Fri 03 Jan 2025 00:42:34 +0000
ROA not before: Fri 03 Jan 2025 00:00:30 +0000
ROA not after: Mon 13 Dec 2027 00:00:30 +0000
asID: 17561
IP address blocks: 156.226.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62592 (0xf480)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 00:00:30 2025 GMT
Not After : Dec 13 00:00:30 2027 GMT
Subject: CN=6777327a-83a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9d:d8:cb:ca:45:43:2f:fe:f9:fc:7b:96:70:
9c:15:0d:bc:7b:75:12:56:1c:11:d2:12:dc:0e:4e:
c6:c6:7d:25:56:dd:30:0b:b2:c2:dd:4c:0e:7a:55:
54:12:80:10:93:a8:c6:2a:91:4e:ea:61:32:91:fc:
59:db:11:3d:3a:c9:63:cb:1e:7a:ed:7f:4b:31:45:
15:4d:28:de:26:0f:3d:f9:7e:7e:dd:4c:4f:38:4a:
cd:1a:94:31:53:b1:6d:9a:65:37:8c:54:22:4f:b2:
0a:f6:c3:b5:ad:a4:bb:5b:48:95:04:e7:b4:72:31:
bc:2e:96:5c:70:ea:4c:a3:d7:bc:04:9b:43:b0:a4:
1d:bf:e9:28:24:37:58:82:62:7f:00:1c:a1:d6:d1:
1d:db:f0:c0:f6:6f:c4:bb:b9:c2:a8:da:a6:9e:bd:
de:a0:7a:92:34:8a:8e:a0:4f:e1:ac:1a:51:77:fc:
44:43:2c:54:d4:4d:0d:5e:26:c5:eb:f6:5b:82:e5:
2f:02:4e:93:44:48:08:f2:2b:2b:10:8a:4e:d7:fe:
f3:8c:9a:0d:fb:30:18:e3:03:06:83:4e:e7:d2:c7:
22:60:f2:52:11:b2:30:b6:29:9c:54:60:a8:5e:a5:
05:be:0a:0e:71:2d:8d:3a:ce:3e:4a:a3:cc:d5:03:
21:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:80:5D:21:1B:2E:B8:1A:F4:41:5C:F0:19:8D:61:7F:8C:1D:4E:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F10C992C96B11EF9F54BA62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.244.0/24
Signature Algorithm: sha256WithRSAEncryption
60:0b:97:f7:d4:78:ab:60:5d:ca:88:65:f8:3b:a3:00:67:2e:
12:30:54:33:e1:be:d2:36:d8:1c:3f:cb:b7:b6:c0:4b:ff:d3:
2a:5b:5f:22:60:b0:69:a1:a4:cf:ba:63:d9:32:d7:c1:ab:76:
9c:dc:45:ee:49:02:dd:58:2e:92:7e:12:56:d0:c3:16:c2:f1:
29:91:1d:b9:49:6b:7d:5a:b4:8b:c0:be:06:6c:f4:8d:e4:8a:
52:4f:e7:05:7f:85:1a:5a:51:23:e3:c0:b6:56:6c:aa:a3:8e:
fa:9a:20:f5:70:bf:45:e7:de:89:0d:ab:b7:65:f7:48:32:7f:
34:c3:b0:a9:cc:39:d4:e1:23:34:be:23:fe:91:5e:21:3e:38:
04:b6:a9:73:6f:63:19:d9:54:46:c9:2c:da:c9:b7:39:d9:4b:
d7:fd:42:51:48:be:e1:3c:b3:ef:27:65:83:d8:fd:b8:e4:e6:
f3:59:a2:35:9b:52:a9:f7:8e:80:83:f0:35:4f:ce:37:1b:b9:
9f:e3:bf:ee:10:0a:cb:02:db:bc:a9:46:90:32:ba:4f:9c:f0:
69:3a:ec:a3:c5:5f:09:1e:5c:5a:a6:9d:eb:17:bc:e3:57:ff:
08:eb:ef:f5:99:1f:6a:9f:c0:89:f1:5f:67:8c:6a:00:17:07:
a6:03:79:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPSAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDAwMDMwWhcNMjcxMjEzMDAwMDMwWjAYMRYw
FAYDVQQDEw02Nzc3MzI3YS04M2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Z3Yy8pFQy/++fx7lnCcFQ28e3USVhwR0hLcDk7Gxn0lVt0wC7LC3UwO
elVUEoAQk6jGKpFO6mEykfxZ2xE9Osljyx567X9LMUUVTSjeJg89+X5+3UxPOErN
GpQxU7FtmmU3jFQiT7IK9sO1raS7W0iVBOe0cjG8LpZccOpMo9e8BJtDsKQdv+ko
JDdYgmJ/AByh1tEd2/DA9m/Eu7nCqNqmnr3eoHqSNIqOoE/hrBpRd/xEQyxU1E0N
XibF6/ZbguUvAk6TREgI8isrEIpO1/7zjJoN+zAY4wMGg07n0sciYPJSEbIwtimc
VGCoXqUFvgoOcS2NOs4+SqPM1QMhIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPyA
XSEbLrga9EFc8BmNYX+MHU6uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjEwQzk5MkM5NkIxMUVGOUY1NEJBNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL0MA0GCSqGSIb3DQEBCwUA
A4IBAQBgC5f31HirYF3KiGX4O6MAZy4SMFQz4b7SNtgcP8u3tsBL/9MqW18iYLBp
oaTPumPZMtfBq3ac3EXuSQLdWC6SfhJW0MMWwvEpkR25SWt9WrSLwL4GbPSN5IpS
T+cFf4UaWlEj48C2Vmyqo476miD1cL9F596JDau3ZfdIMn80w7CpzDnU4SM0viP+
kV4hPjgEtqlzb2MZ2VRGySzaybc52UvX/UJRSL7hPLPvJ2WD2P245ObzWaI1m1Kp
946Ag/A1T843G7mf47/uEArLAtu8qUaQMrpPnPBpOuyjxV8JHlxapp3rF7zjV/8I
6+/1mR9qn8CJ8V9njGoAFwemA3mb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:34 2025 by rpki-client