Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD27084C95611EFA842AD5D762E951A.roa
File: 9FD27084C95611EFA842AD5D762E951A.roa (raw, json)
Hash identifier: U02m1WPJitu9g7wQ/Ozs7P4PQDONeRg2Qi9TpvNa+gA=
Subject key identifier: 0C:72:B9:CB:2F:1C:58:D6:33:56:99:29:CC:F3:3C:8F:F2:F3:DE:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD27084C95611EFA842AD5D762E951A.roa
Signing time: Thu 02 Jan 2025 22:12:16 +0000
ROA not before: Thu 02 Jan 2025 22:12:12 +0000
ROA not after: Sat 13 Dec 2025 22:12:12 +0000
asID: 984
IP address blocks: 156.226.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62460 (0xf3fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:12:12 2025 GMT
Not After : Dec 13 22:12:12 2025 GMT
Subject: CN=67770f40-e1dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bb:9c:23:89:cd:8e:83:01:dc:fe:39:16:6f:
86:cd:69:98:ec:ab:f0:1e:6f:d3:af:df:1d:68:c2:
87:2a:b9:29:2f:40:9b:46:1a:05:1d:25:04:6c:cf:
d8:cb:03:0b:73:2e:fb:0d:0c:12:e8:e0:b3:88:f3:
14:4a:05:cb:41:09:86:6c:87:5c:88:da:0b:64:4e:
8a:c0:c1:85:c9:89:3a:12:44:22:58:ce:1a:34:5b:
4f:bf:79:62:5c:0c:ec:e0:98:9e:8a:28:dc:76:6e:
8e:70:7a:cb:b8:e9:a9:69:a4:db:83:fa:80:de:a4:
e6:07:57:52:af:0d:8f:16:71:e2:fa:23:cf:e5:0f:
c7:a8:8b:d9:d6:0b:57:74:d2:9f:69:bb:56:71:f0:
65:ee:92:e9:38:58:d0:51:76:71:fd:47:26:95:2c:
8a:80:9a:e9:ea:a6:d4:58:9d:28:75:38:01:8d:12:
c3:b9:0e:75:70:41:bf:b1:6e:c1:16:f4:f6:f9:11:
2f:fb:ea:8a:4f:08:c6:c7:d8:f6:60:22:b8:15:01:
9e:59:e8:1b:ca:ba:5d:c3:f4:33:01:49:9e:e2:22:
47:54:39:be:ec:8f:74:64:e3:8a:52:43:fc:a1:99:
4f:14:1a:08:d7:03:8e:23:9d:50:5e:d0:87:a5:86:
19:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:72:B9:CB:2F:1C:58:D6:33:56:99:29:CC:F3:3C:8F:F2:F3:DE:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FD27084C95611EFA842AD5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.150.0/24
Signature Algorithm: sha256WithRSAEncryption
21:2d:7e:35:9c:9f:7f:5c:7f:43:d8:dc:7c:16:eb:3e:c0:df:
db:91:02:f9:11:9a:c6:53:e9:ec:1d:98:63:a3:38:fc:a1:3e:
e5:4c:57:a6:2a:b5:bf:7f:a6:54:43:21:f4:d5:59:08:9a:5b:
17:36:6a:08:74:8c:f9:41:b4:b8:58:b3:87:e4:37:e9:21:be:
49:f4:f5:70:ea:f7:63:87:12:e3:44:41:c1:f4:0d:e6:51:ef:
8b:fb:41:91:5a:66:08:cc:ad:76:ef:0a:27:2d:c5:ef:1c:ae:
ca:09:75:70:1e:0c:89:9a:f8:50:00:8b:14:8f:3d:cf:30:b7:
81:36:cd:9c:16:28:34:30:ee:1e:97:a0:aa:62:d8:ef:a8:62:
d5:55:6b:46:c0:48:2b:16:90:53:13:fb:ca:49:2e:8f:f2:41:
13:01:40:8b:74:af:4f:49:48:c1:2d:51:a4:94:a1:9c:70:f2:
53:4f:c7:cc:ae:7d:c3:bd:d0:ae:d6:9c:8c:8b:91:db:07:9e:
bc:58:36:da:67:da:9c:8c:6b:01:43:9a:94:00:64:50:85:9b:
2e:18:a8:27:6c:fd:2c:14:7d:98:e5:89:48:0c:f6:c4:36:1e:
ca:a6:a2:4f:f4:a3:b6:88:af:49:41:93:59:a8:9f:a9:d1:7d:
7f:73:36:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPP8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIxMjEyWhcNMjUxMjEzMjIxMjEyWjAYMRYw
FAYDVQQDEw02Nzc3MGY0MC1lMWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzrucI4nNjoMB3P45Fm+GzWmY7KvwHm/Tr98daMKHKrkpL0CbRhoFHSUE
bM/YywMLcy77DQwS6OCziPMUSgXLQQmGbIdciNoLZE6KwMGFyYk6EkQiWM4aNFtP
v3liXAzs4Jieiijcdm6OcHrLuOmpaaTbg/qA3qTmB1dSrw2PFnHi+iPP5Q/HqIvZ
1gtXdNKfabtWcfBl7pLpOFjQUXZx/UcmlSyKgJrp6qbUWJ0odTgBjRLDuQ51cEG/
sW7BFvT2+REv++qKTwjGx9j2YCK4FQGeWegbyrpdw/QzAUme4iJHVDm+7I90ZOOK
UkP8oZlPFBoI1wOOI51QXtCHpYYZEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAxy
ucsvHFjWM1aZKczzPI/y895/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RkQyNzA4NEM5NTYxMUVGQTg0MkFENUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKWMA0GCSqGSIb3DQEBCwUA
A4IBAQAhLX41nJ9/XH9D2Nx8Fus+wN/bkQL5EZrGU+nsHZhjozj8oT7lTFemKrW/
f6ZUQyH01VkImlsXNmoIdIz5QbS4WLOH5DfpIb5J9PVw6vdjhxLjREHB9A3mUe+L
+0GRWmYIzK127wonLcXvHK7KCXVwHgyJmvhQAIsUjz3PMLeBNs2cFig0MO4el6Cq
YtjvqGLVVWtGwEgrFpBTE/vKSS6P8kETAUCLdK9PSUjBLVGklKGccPJTT8fMrn3D
vdCu1pyMi5HbB568WDbaZ9qcjGsBQ5qUAGRQhZsuGKgnbP0sFH2Y5YlIDPbENh7K
pqJP9KO2iK9JQZNZqJ+p0X1/czYi
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:11 2025 by rpki-client