Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8906DD6CCB011EFB80A46B4762E951A.roa
File: A8906DD6CCB011EFB80A46B4762E951A.roa (raw, json)
Hash identifier: uZng+cmrqR62FRCjtTJTCLlIXGcCjLSBTi5RWq/sUQ4=
Subject key identifier: 2A:5A:0B:B5:B8:07:99:A3:D5:4A:1E:B6:EC:26:1A:93:3B:EA:A3:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8906DD6CCB011EFB80A46B4762E951A.roa
Signing time: Tue 07 Jan 2025 04:34:19 +0000
ROA not before: Tue 07 Jan 2025 04:34:15 +0000
ROA not after: Sat 13 Dec 2025 04:34:15 +0000
asID: 984
IP address blocks: 156.232.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63990 (0xf9f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:34:15 2025 GMT
Not After : Dec 13 04:34:15 2025 GMT
Subject: CN=677caecb-d1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:da:d8:e5:8e:be:71:84:74:48:2a:a0:4c:5f:
eb:d1:01:74:b9:45:89:f3:86:ea:6c:00:61:c9:a9:
38:31:22:92:fb:71:42:5f:27:90:04:eb:ce:7e:76:
6a:54:04:6c:bf:11:c0:13:30:d6:f1:86:0e:3a:0d:
04:27:dd:04:ea:ac:62:31:d2:01:ee:55:0c:c3:35:
36:e4:30:3e:73:3d:b6:24:99:e1:01:b3:82:fa:d8:
b4:b7:9e:cd:9b:03:d4:84:e6:f5:e7:bd:e3:12:e8:
e8:bc:0d:54:50:42:de:e9:05:b3:92:52:06:8b:e0:
ab:29:3f:c0:5b:0a:df:a1:13:19:95:fd:7e:87:33:
1d:07:ec:a7:1d:63:4b:68:9c:88:d8:74:9e:6f:eb:
54:5b:18:ac:5a:a2:3f:32:f4:67:a0:47:c5:bf:8c:
a6:2e:7b:8c:1a:24:9b:2a:10:76:95:f7:82:df:89:
a6:14:be:aa:f6:ae:81:a5:f4:28:5d:1f:97:ef:4a:
6b:77:98:3f:fc:99:9d:23:c5:2a:32:34:e5:c5:89:
6e:9d:92:71:22:da:ee:b0:8a:de:6a:da:d3:d7:22:
6d:91:50:a5:34:a1:70:5e:40:d9:67:61:64:ea:9b:
b9:a3:91:c1:5f:38:7e:40:95:0e:93:14:fd:a8:a2:
f2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:0B:B5:B8:07:99:A3:D5:4A:1E:B6:EC:26:1A:93:3B:EA:A3:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A8906DD6CCB011EFB80A46B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.76.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:55:eb:75:bf:6c:60:a6:43:5f:a1:cd:0a:79:7f:7d:5c:2e:
47:9d:29:de:a2:c9:df:11:57:f7:49:2d:2c:2c:3b:b7:93:b4:
3c:16:cc:03:2c:87:78:d4:b2:af:8d:86:54:69:46:2a:cf:18:
1f:27:c5:cf:9a:54:7b:45:41:bf:c2:84:e7:4f:e1:22:b6:00:
c9:c6:4b:4a:38:64:d6:a1:f1:7f:1b:b8:49:f3:0d:d5:fd:5a:
a9:92:0f:50:3a:91:f3:a1:6b:a3:c6:37:0c:9d:02:76:4a:33:
5f:a6:78:81:e1:ab:3d:3b:4f:5c:f1:e0:a2:1f:49:c2:3d:18:
7a:59:3f:ee:68:d5:b2:a7:fc:df:08:0d:8d:19:b2:d4:bc:dd:
6b:8b:75:a0:91:0f:91:98:86:67:58:a6:81:ac:62:92:cc:45:
e9:9d:61:d8:ea:fe:74:39:1b:42:97:64:1e:68:82:33:02:10:
5f:70:29:6c:1b:af:c2:8b:bc:ae:30:a8:f0:dc:22:fb:d5:e5:
ed:50:06:51:88:f9:81:f4:9f:fa:4b:8f:0f:32:2f:50:81:39:
5f:18:e8:10:8a:e7:e8:5a:f0:bf:14:21:a1:f4:1d:2d:d5:27:
c4:99:8b:5b:f4:42:e2:21:21:0c:8f:07:96:64:57:89:bb:8d:
d0:ec:db:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPn2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQzNDE1WhcNMjUxMjEzMDQzNDE1WjAYMRYw
FAYDVQQDEw02NzdjYWVjYi1kMWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+NrY5Y6+cYR0SCqgTF/r0QF0uUWJ84bqbABhyak4MSKS+3FCXyeQBOvO
fnZqVARsvxHAEzDW8YYOOg0EJ90E6qxiMdIB7lUMwzU25DA+cz22JJnhAbOC+ti0
t57NmwPUhOb1573jEujovA1UUELe6QWzklIGi+CrKT/AWwrfoRMZlf1+hzMdB+yn
HWNLaJyI2HSeb+tUWxisWqI/MvRnoEfFv4ymLnuMGiSbKhB2lfeC34mmFL6q9q6B
pfQoXR+X70prd5g//JmdI8UqMjTlxYlunZJxItrusIreatrT1yJtkVClNKFwXkDZ
Z2Fk6pu5o5HBXzh+QJUOkxT9qKLyZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCpa
C7W4B5mj1UoetuwmGpM76qOQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BODkwNkRENkNDQjAxMUVGQjgwQTQ2QjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhMMA0GCSqGSIb3DQEBCwUA
A4IBAQAfVet1v2xgpkNfoc0KeX99XC5HnSneosnfEVf3SS0sLDu3k7Q8FswDLId4
1LKvjYZUaUYqzxgfJ8XPmlR7RUG/woTnT+EitgDJxktKOGTWofF/G7hJ8w3V/Vqp
kg9QOpHzoWujxjcMnQJ2SjNfpniB4as9O09c8eCiH0nCPRh6WT/uaNWyp/zfCA2N
GbLUvN1ri3WgkQ+RmIZnWKaBrGKSzEXpnWHY6v50ORtCl2QeaIIzAhBfcClsG6/C
i7yuMKjw3CL71eXtUAZRiPmB9J/6S48PMi9QgTlfGOgQiufoWvC/FCGh9B0t1SfE
mYtb9ELiISEMjweWZFeJu43Q7Nsh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:31 2025 by rpki-client