Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACADFE0ECD9D11EF93FE05A0762E951A.roa
File: ACADFE0ECD9D11EF93FE05A0762E951A.roa (raw, json)
Hash identifier: adJyYfv4gZ0FjHnIcsSIBL9f+UIhWMHK8bukQJwJMxw=
Subject key identifier: 02:F3:D6:1E:14:31:8E:CD:CB:C5:43:6E:DD:34:00:EA:95:59:E4:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100A1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACADFE0ECD9D11EF93FE05A0762E951A.roa
Signing time: Wed 08 Jan 2025 08:50:56 +0000
ROA not before: Wed 08 Jan 2025 08:50:53 +0000
ROA not after: Tue 16 Dec 2025 08:50:53 +0000
asID: 984
IP address blocks: 156.249.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65697 (0x100a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:50:53 2025 GMT
Not After : Dec 16 08:50:53 2025 GMT
Subject: CN=677e3c70-aa1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9f:c3:c0:84:3a:f4:e7:fc:2f:e8:10:4c:2f:
9e:44:45:a8:2e:51:7c:5a:b7:87:64:dc:6b:0f:87:
f0:75:3a:91:4f:fd:d1:99:1e:1c:5a:8a:e9:53:6c:
5d:43:6a:d4:cb:80:5a:68:80:cd:4d:b3:46:62:d0:
55:df:c2:55:af:63:3f:bc:bf:d6:8f:3e:d9:0e:63:
2d:74:ab:c3:00:6a:d7:c0:30:f7:df:54:b7:75:58:
3d:65:56:e5:1a:b6:21:4a:1d:fb:4d:8a:58:81:5a:
e3:87:53:f3:2c:7d:e0:90:50:b8:1b:e6:3a:3a:5b:
a9:c7:d8:12:32:50:45:0b:2f:e1:c3:8a:2d:25:fc:
2b:0d:c0:34:fa:5d:67:56:81:eb:e7:8e:7c:26:67:
73:26:40:df:04:85:18:71:15:0e:97:bd:f6:85:e3:
f3:0e:a5:d0:42:7c:3f:86:84:26:31:8a:39:ce:2a:
a9:55:4b:83:53:8c:75:a6:02:17:89:8b:7a:d2:78:
46:86:43:19:8c:3a:fe:93:7a:86:6c:3b:84:52:c6:
5a:50:eb:bb:c7:ac:50:3c:a7:e8:16:a7:67:f8:45:
c2:08:2a:ce:cf:93:99:91:cb:3c:f8:3c:8b:9d:f7:
5a:17:62:d5:e1:37:a4:00:60:39:59:77:70:bf:a0:
f2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F3:D6:1E:14:31:8E:CD:CB:C5:43:6E:DD:34:00:EA:95:59:E4:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ACADFE0ECD9D11EF93FE05A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.95.0/24
Signature Algorithm: sha256WithRSAEncryption
19:3c:1b:31:fb:88:e3:f9:f1:81:0b:9c:42:1a:1d:71:9d:bd:
50:55:07:d6:83:f7:59:6e:75:a4:2e:72:b3:a3:4d:21:fd:a9:
25:a4:61:96:7d:2a:3a:76:c3:ab:92:c4:2d:01:fe:f3:cb:42:
e6:a1:14:96:60:07:84:a3:70:a7:7a:70:f9:30:3d:67:3a:75:
20:fa:5c:52:6a:44:37:18:99:52:5e:b2:c1:ce:e5:de:ff:20:
de:59:f4:14:a2:89:15:81:07:a1:10:79:da:7d:68:f8:50:cc:
b1:eb:36:71:f6:09:f7:ec:92:b2:79:ba:f5:19:65:cb:8a:75:
bf:71:66:7e:af:b9:48:39:16:ad:5f:e2:da:5a:e3:d9:3d:12:
c6:1d:37:f5:b5:e6:8a:1c:8b:31:38:de:b5:e7:2b:a8:86:4a:
ab:03:ba:8d:8b:cc:10:94:ed:08:82:42:d1:cd:49:2e:e0:2c:
a9:28:00:2e:35:59:44:20:b0:8a:9b:1c:41:51:91:bf:cb:d0:
bf:d6:17:5d:bf:00:d9:e3:b4:73:40:40:ba:78:ef:ab:b9:8e:
ba:d6:ab:5f:7f:19:0b:90:c8:ed:9c:69:a2:e9:fe:a5:15:61:
3c:ba:dd:fc:98:22:43:78:40:28:7b:7e:8a:97:22:a4:38:c7:
02:dc:d5:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQChMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg1MDUzWhcNMjUxMjE2MDg1MDUzWjAYMRYw
FAYDVQQDEw02NzdlM2M3MC1hYTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApZ/DwIQ69Of8L+gQTC+eREWoLlF8WreHZNxrD4fwdTqRT/3RmR4cWorp
U2xdQ2rUy4BaaIDNTbNGYtBV38JVr2M/vL/Wjz7ZDmMtdKvDAGrXwDD331S3dVg9
ZVblGrYhSh37TYpYgVrjh1PzLH3gkFC4G+Y6Olupx9gSMlBFCy/hw4otJfwrDcA0
+l1nVoHr5458JmdzJkDfBIUYcRUOl732hePzDqXQQnw/hoQmMYo5ziqpVUuDU4x1
pgIXiYt60nhGhkMZjDr+k3qGbDuEUsZaUOu7x6xQPKfoFqdn+EXCCCrOz5OZkcs8
+DyLnfdaF2LV4TekAGA5WXdwv6DyFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFALz
1h4UMY7Ny8VDbt00AOqVWeQpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQ0FERkUwRUNEOUQxMUVGOTNGRTA1QTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlfMA0GCSqGSIb3DQEBCwUA
A4IBAQAZPBsx+4jj+fGBC5xCGh1xnb1QVQfWg/dZbnWkLnKzo00h/aklpGGWfSo6
dsOrksQtAf7zy0LmoRSWYAeEo3CnenD5MD1nOnUg+lxSakQ3GJlSXrLBzuXe/yDe
WfQUookVgQehEHnafWj4UMyx6zZx9gn37JKyebr1GWXLinW/cWZ+r7lIORatX+La
WuPZPRLGHTf1teaKHIsxON615yuohkqrA7qNi8wQlO0IgkLRzUku4CypKAAuNVlE
ILCKmxxBUZG/y9C/1hddvwDZ47RzQEC6eO+ruY661qtffxkLkMjtnGmi6f6lFWE8
ut38mCJDeEAoe36KlyKkOMcC3NWb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:05 2025 by rpki-client