Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F9DCE52C98711EF81AD3FAB762E951A.roa
File: 9F9DCE52C98711EF81AD3FAB762E951A.roa (raw, json)
Hash identifier: NDmFcnNIQnQd8ipb14NOjAJM+ltoWkwsQUw8GMLYRxI=
Subject key identifier: A6:1B:5B:28:78:10:64:CE:8A:24:AB:D4:C7:9A:76:B2:D1:BF:9E:27
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F58D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F9DCE52C98711EF81AD3FAB762E951A.roa
Signing time: Fri 03 Jan 2025 04:03:01 +0000
ROA not before: Fri 03 Jan 2025 04:02:57 +0000
ROA not after: Sat 13 Dec 2025 04:02:57 +0000
asID: 984
IP address blocks: 156.233.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62861 (0xf58d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:02:57 2025 GMT
Not After : Dec 13 04:02:57 2025 GMT
Subject: CN=67776175-5c7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a0:57:c9:ac:f3:12:90:5b:60:41:3e:e7:c8:
48:b6:82:1b:54:9d:17:93:8f:1b:46:a3:77:a3:ea:
f1:a9:bc:bf:04:04:31:92:42:7a:10:ca:2b:5c:b5:
96:16:19:bc:0f:f9:ac:05:19:ba:57:82:3d:19:fd:
b4:34:b3:9e:f1:4a:1c:cc:8e:67:8f:9b:ca:25:ca:
9b:da:8c:d7:dd:91:7a:7d:25:61:02:85:ac:47:84:
e1:13:41:a8:39:70:3c:1e:5d:85:7a:3d:e7:e9:ce:
8a:30:5f:cc:5a:94:d6:d9:07:c8:82:f1:65:3d:f1:
75:23:bf:bf:c7:e5:d6:d1:0e:1a:87:18:ac:70:72:
d9:a2:b3:9a:77:d3:c5:fb:7e:64:bc:20:2a:f3:53:
8e:cb:5e:1b:9b:2c:4a:71:96:92:25:19:c2:a3:99:
05:56:a6:43:65:2d:b2:a6:53:3e:aa:01:a4:ea:7b:
d9:aa:cc:ca:52:f0:9f:d4:b2:8d:de:db:75:ec:6f:
65:44:35:c9:a5:38:d2:59:b5:c2:36:7f:f1:2b:5c:
75:f2:9c:37:da:98:41:04:53:d3:0d:e1:d1:21:55:
85:c5:9c:9e:d8:fc:61:4f:92:69:f6:43:36:a3:4a:
51:35:23:78:bf:24:04:9f:e6:7f:85:79:4e:55:b9:
ae:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1B:5B:28:78:10:64:CE:8A:24:AB:D4:C7:9A:76:B2:D1:BF:9E:27
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9F9DCE52C98711EF81AD3FAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.12.0/24
Signature Algorithm: sha256WithRSAEncryption
58:90:bb:01:b8:a5:85:de:cf:33:13:85:b2:2f:fd:6e:70:08:
76:b9:a5:5a:4f:1d:3a:f3:6b:ee:11:7f:c5:36:68:51:36:1b:
ee:84:c1:1a:30:19:04:a1:2d:53:5e:22:cb:59:21:66:41:ea:
e9:9a:56:82:76:c2:c6:76:cd:a1:ac:bc:e2:ed:f1:23:88:bb:
cb:77:4d:a1:48:d3:1b:af:26:ce:09:1a:69:1b:37:3d:50:ee:
1e:76:b4:09:69:a6:81:b9:93:a4:46:b4:4c:e1:f8:c5:6a:a5:
92:c2:86:2c:50:7a:c0:a4:4e:78:62:d0:d0:e8:fc:55:df:6a:
0d:9a:35:f0:7e:fd:ec:12:79:b6:dd:7b:a9:75:9f:c6:ec:53:
79:a3:21:c1:b0:c3:f7:e2:f9:f9:9c:ae:fe:7b:1f:d9:d2:ab:
32:e2:62:94:30:ab:5c:19:df:b4:a4:d9:c9:49:f8:48:f6:26:
50:83:2f:83:dd:27:4a:cb:d6:a1:92:b1:64:83:27:08:c6:e9:
56:e7:73:35:38:e1:29:22:b9:46:37:74:9a:8e:0f:66:34:6b:
18:ce:0a:82:51:8b:d6:0d:2e:aa:d5:b1:55:6e:e1:49:a1:60:
73:07:fd:69:a7:5c:12:ab:9f:60:2a:d3:4b:ac:c1:60:d2:ec:
c6:a4:f3:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQwMjU3WhcNMjUxMjEzMDQwMjU3WjAYMRYw
FAYDVQQDEw02Nzc3NjE3NS01YzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3qBXyazzEpBbYEE+58hItoIbVJ0Xk48bRqN3o+rxqby/BAQxkkJ6EMor
XLWWFhm8D/msBRm6V4I9Gf20NLOe8UoczI5nj5vKJcqb2ozX3ZF6fSVhAoWsR4Th
E0GoOXA8Hl2Fej3n6c6KMF/MWpTW2QfIgvFlPfF1I7+/x+XW0Q4ahxiscHLZorOa
d9PF+35kvCAq81OOy14bmyxKcZaSJRnCo5kFVqZDZS2yplM+qgGk6nvZqszKUvCf
1LKN3tt17G9lRDXJpTjSWbXCNn/xK1x18pw32phBBFPTDeHRIVWFxZye2PxhT5Jp
9kM2o0pRNSN4vyQEn+Z/hXlOVbmuswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKYb
Wyh4EGTOiiSr1MeadrLRv54nMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RjlEQ0U1MkM5ODcxMUVGODFBRDNGQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkMMA0GCSqGSIb3DQEBCwUA
A4IBAQBYkLsBuKWF3s8zE4WyL/1ucAh2uaVaTx0682vuEX/FNmhRNhvuhMEaMBkE
oS1TXiLLWSFmQerpmlaCdsLGds2hrLzi7fEjiLvLd02hSNMbrybOCRppGzc9UO4e
drQJaaaBuZOkRrRM4fjFaqWSwoYsUHrApE54YtDQ6PxV32oNmjXwfv3sEnm23Xup
dZ/G7FN5oyHBsMP34vn5nK7+ex/Z0qsy4mKUMKtcGd+0pNnJSfhI9iZQgy+D3SdK
y9ahkrFkgycIxulW53M1OOEpIrlGN3Sajg9mNGsYzgqCUYvWDS6q1bFVbuFJoWBz
B/1pp1wSq59gKtNLrMFg0uzGpPM0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:08 2025 by rpki-client