Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9132BC8CD9E11EF841194A6762E951A.roa
File: B9132BC8CD9E11EF841194A6762E951A.roa (raw, json)
Hash identifier: fmli+AHkMFvL0l/6WTNmBZvrQIQMj/TKbEkPeqm1EOM=
Subject key identifier: 8F:1B:B9:D3:A2:CE:1A:A8:BA:8B:04:69:32:CF:0A:53:02:39:D1:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9132BC8CD9E11EF841194A6762E951A.roa
Signing time: Wed 08 Jan 2025 08:58:27 +0000
ROA not before: Wed 08 Jan 2025 08:58:23 +0000
ROA not after: Tue 16 Dec 2025 08:58:23 +0000
asID: 984
IP address blocks: 156.249.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65715 (0x100b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:58:23 2025 GMT
Not After : Dec 16 08:58:23 2025 GMT
Subject: CN=677e3e32-4865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:5e:99:f6:35:83:bd:59:45:b4:33:f2:e2:
ce:95:88:32:cb:f9:b6:0c:85:f5:6e:e1:86:67:fd:
e4:19:7d:a0:88:c6:41:c0:d6:b7:7f:67:fd:17:20:
b7:fb:f7:c8:1e:9d:00:7e:35:a7:c9:d1:64:52:3e:
95:ee:ef:22:2b:a0:76:f4:aa:d0:76:6a:cc:de:c0:
b2:b1:12:b1:75:4f:d9:ae:e2:86:16:62:c9:82:7a:
8d:8a:f6:a9:f2:64:ff:b0:a1:8c:5c:03:c4:d7:cb:
d1:a3:61:49:eb:92:df:aa:fd:35:d1:b4:e7:f1:ee:
a6:ce:f8:a5:ec:5d:68:c7:9c:8d:0e:2e:a5:58:54:
a4:57:8a:43:a9:fd:da:05:e8:d4:08:4f:82:82:1d:
ff:8f:e8:5f:c4:7f:fb:74:f1:8c:9b:bd:c0:4d:86:
62:5c:13:38:8a:0a:92:6d:07:09:e2:f6:45:17:a0:
10:57:ed:0b:19:50:db:cd:e9:df:af:09:52:a3:df:
20:d4:1c:7c:3c:64:81:c2:09:2a:df:66:f8:5d:70:
35:7f:d1:3f:d5:b7:88:b9:1b:e4:f0:a7:1b:8e:4d:
8e:5a:f9:50:83:b1:c7:93:c9:cf:74:56:03:a9:f5:
5c:97:8d:9d:fc:52:1c:f7:c5:8f:a7:69:44:3b:f4:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1B:B9:D3:A2:CE:1A:A8:BA:8B:04:69:32:CF:0A:53:02:39:D1:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9132BC8CD9E11EF841194A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:0b:7b:f4:12:fe:06:5d:42:8e:ef:cf:70:89:7f:ef:ff:59:
9a:01:d6:7b:fa:ca:8d:54:f7:0a:b8:a3:02:49:10:35:39:6b:
47:5a:ec:b9:08:a5:fb:53:6e:87:f4:59:7d:bc:80:10:75:9c:
04:50:25:07:b5:6a:90:4d:1a:bf:83:55:16:b1:8a:a5:c9:5b:
18:95:b4:9c:e3:48:8a:e9:b6:ef:bb:ec:49:b4:aa:9c:cd:e1:
ad:3b:4c:d8:61:35:05:72:ce:c8:70:54:79:43:44:16:83:76:
b9:ee:c7:7f:0e:66:a0:2a:a4:f9:64:e8:18:0b:bc:b2:c9:84:
65:c2:fb:51:37:1a:80:72:bc:37:36:08:74:87:f1:31:46:5e:
1c:cf:bd:57:d0:76:c8:d6:ec:33:46:d0:a0:ef:fe:a7:d3:c9:
4f:9d:f7:85:83:15:43:61:32:1f:99:ed:8f:bf:c2:58:29:a3:
24:58:5e:a9:f9:9c:47:76:30:08:36:1d:dd:54:e1:0a:13:4a:
52:7b:3e:27:ef:07:c0:c8:f8:62:11:5a:3d:4f:f5:d6:12:8f:
b9:88:f7:5e:2a:6f:73:57:69:73:cf:c4:ea:53:a5:a5:51:83:
0c:14:5b:f8:34:a6:33:01:8d:98:91:da:a9:fc:62:95:86:52:
47:cd:59:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg1ODIzWhcNMjUxMjE2MDg1ODIzWjAYMRYw
FAYDVQQDEw02NzdlM2UzMi00ODY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp6JemfY1g71ZRbQz8uLOlYgyy/m2DIX1buGGZ/3kGX2giMZBwNa3f2f9
FyC3+/fIHp0AfjWnydFkUj6V7u8iK6B29KrQdmrM3sCysRKxdU/ZruKGFmLJgnqN
ivap8mT/sKGMXAPE18vRo2FJ65Lfqv010bTn8e6mzvil7F1ox5yNDi6lWFSkV4pD
qf3aBejUCE+Cgh3/j+hfxH/7dPGMm73ATYZiXBM4igqSbQcJ4vZFF6AQV+0LGVDb
zenfrwlSo98g1Bx8PGSBwgkq32b4XXA1f9E/1beIuRvk8Kcbjk2OWvlQg7HHk8nP
dFYDqfVcl42d/FIc98WPp2lEO/TucQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI8b
udOizhqouosEaTLPClMCOdFYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTEzMkJDOENEOUUxMUVGODQxMTk0QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlmMA0GCSqGSIb3DQEBCwUA
A4IBAQCpC3v0Ev4GXUKO789wiX/v/1maAdZ7+sqNVPcKuKMCSRA1OWtHWuy5CKX7
U26H9Fl9vIAQdZwEUCUHtWqQTRq/g1UWsYqlyVsYlbSc40iK6bbvu+xJtKqczeGt
O0zYYTUFcs7IcFR5Q0QWg3a57sd/DmagKqT5ZOgYC7yyyYRlwvtRNxqAcrw3Ngh0
h/ExRl4cz71X0HbI1uwzRtCg7/6n08lPnfeFgxVDYTIfme2Pv8JYKaMkWF6p+ZxH
djAINh3dVOEKE0pSez4n7wfAyPhiEVo9T/XWEo+5iPdeKm9zV2lzz8TqU6WlUYMM
FFv4NKYzAY2Ykdqp/GKVhlJHzVlQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client