Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FB291EACD7711EF96B2EEB0762E951A.roa
File: 9FB291EACD7711EF96B2EEB0762E951A.roa (raw, json)
Hash identifier: +uL/87Yu04QAytAwp+XG+kv32bARk2L8/3Ydjg00TGQ=
Subject key identifier: FA:94:BB:47:34:20:2C:7F:58:84:D0:50:DC:20:47:15:9F:1E:2E:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFBD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FB291EACD7711EF96B2EEB0762E951A.roa
Signing time: Wed 08 Jan 2025 04:18:34 +0000
ROA not before: Wed 08 Jan 2025 04:18:30 +0000
ROA not after: Mon 13 Dec 2027 04:18:30 +0000
asID: 17561
IP address blocks: 156.250.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65469 (0xffbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:18:30 2025 GMT
Not After : Dec 13 04:18:30 2027 GMT
Subject: CN=677dfc99-cdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:27:25:d2:42:2f:bb:4f:4f:b0:f9:fa:0c:9d:
24:42:b1:47:08:f8:11:ba:89:a9:70:1b:e0:62:12:
aa:d4:d8:74:39:8d:20:ae:45:96:ab:82:53:b6:cd:
e7:e0:b0:e8:b4:bb:00:70:8c:6d:68:88:2c:48:e7:
e6:ff:3e:ce:ee:07:45:31:54:1c:ca:b6:cf:c0:bd:
f6:ff:59:1d:35:db:15:ec:21:96:12:93:2b:9a:8e:
6f:93:63:38:3f:4d:d4:ce:b6:53:60:ec:a9:d1:04:
59:e0:ce:f9:e8:6d:e2:58:9b:82:9b:60:7e:3e:e6:
76:ae:9a:38:6c:ed:a0:95:da:bc:d9:00:51:04:ba:
4f:e8:ce:d2:1c:c5:b4:d6:3a:bd:5d:0e:16:ab:38:
b2:4f:f1:d8:f9:f5:c5:00:33:a7:c5:1e:44:c5:33:
e2:77:42:81:ca:d6:a1:7f:1f:dc:bc:01:eb:97:7a:
b5:36:af:7d:76:73:fb:b6:28:8c:0e:6c:38:0c:58:
e2:18:b4:b2:b7:e8:08:1e:17:be:17:bb:a5:cf:dc:
77:9e:a9:a8:99:53:14:a4:19:da:9b:78:52:cf:a9:
c3:d1:8d:f6:c8:4c:9d:a3:1f:26:c6:0d:58:71:14:
c7:c6:bf:66:0a:7b:74:d5:dd:2f:46:1a:a2:bd:2a:
bc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:94:BB:47:34:20:2C:7F:58:84:D0:50:DC:20:47:15:9F:1E:2E:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FB291EACD7711EF96B2EEB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:99:75:5e:4b:97:d2:70:a0:0a:64:2b:08:d9:dd:8c:be:4c:
bd:dd:11:ee:2c:d4:10:9e:fc:2d:b7:6b:af:1b:af:cf:67:86:
ff:1f:d4:50:43:6a:ac:fc:8a:b2:ff:b4:ff:a2:83:da:e4:4c:
74:74:1a:67:a2:f4:04:1c:a9:02:09:0e:1c:71:92:74:5e:54:
0a:4f:22:13:eb:85:1e:ff:36:06:48:8f:d8:87:57:c9:7f:7d:
f2:b7:bf:44:42:f8:23:2f:26:ca:46:dd:9c:59:06:c3:f0:b0:
67:be:3f:d6:ea:26:13:1d:68:f0:05:81:26:5d:46:33:b2:2b:
8d:be:e4:17:99:6d:76:1f:45:5f:0c:3e:b3:46:6e:f3:4f:ca:
23:34:33:68:5a:8e:5a:6c:37:15:d8:5f:2f:ca:78:01:f0:45:
bf:94:70:75:7f:d6:2a:22:f0:b2:b2:17:86:89:d4:29:f7:52:
09:1f:37:6c:b0:d6:2e:0c:17:c8:17:3f:ae:8e:13:ea:e5:5d:
e6:48:b4:e4:0c:74:c5:7f:ca:06:29:c2:28:c4:3c:7e:37:d2:
f4:84:27:46:59:b3:aa:e7:ef:ad:b6:11:0a:00:d8:95:ca:d0:
6f:62:85:97:cd:40:a6:31:8b:73:76:b7:34:04:0e:bc:c5:b1:
de:b1:61:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQxODMwWhcNMjcxMjEzMDQxODMwWjAYMRYw
FAYDVQQDEw02NzdkZmM5OS1jZGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7Scl0kIvu09PsPn6DJ0kQrFHCPgRuompcBvgYhKq1Nh0OY0grkWWq4JT
ts3n4LDotLsAcIxtaIgsSOfm/z7O7gdFMVQcyrbPwL32/1kdNdsV7CGWEpMrmo5v
k2M4P03UzrZTYOyp0QRZ4M756G3iWJuCm2B+PuZ2rpo4bO2gldq82QBRBLpP6M7S
HMW01jq9XQ4WqziyT/HY+fXFADOnxR5ExTPid0KBytahfx/cvAHrl3q1Nq99dnP7
tiiMDmw4DFjiGLSyt+gIHhe+F7ulz9x3nqmomVMUpBnam3hSz6nD0Y32yEydox8m
xg1YcRTHxr9mCnt01d0vRhqivSq8dwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPqU
u0c0ICx/WITQUNwgRxWfHi4PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RkIyOTFFQUNENzcxMUVGOTZCMkVFQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPojMA0GCSqGSIb3DQEBCwUA
A4IBAQB6mXVeS5fScKAKZCsI2d2Mvky93RHuLNQQnvwtt2uvG6/PZ4b/H9RQQ2qs
/Iqy/7T/ooPa5Ex0dBpnovQEHKkCCQ4ccZJ0XlQKTyIT64Ue/zYGSI/Yh1fJf33y
t79EQvgjLybKRt2cWQbD8LBnvj/W6iYTHWjwBYEmXUYzsiuNvuQXmW12H0VfDD6z
Rm7zT8ojNDNoWo5abDcV2F8vyngB8EW/lHB1f9YqIvCysheGidQp91IJHzdssNYu
DBfIFz+ujhPq5V3mSLTkDHTFf8oGKcIoxDx+N9L0hCdGWbOq5++tthEKANiVytBv
YoWXzUCmMYtzdrc0BA68xbHesWE1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:39 2025 by rpki-client