Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9387890CD9F11EFB5F932AD762E951A.roa
File: C9387890CD9F11EFB5F932AD762E951A.roa (raw, json)
Hash identifier: z/G+8AuxZeKkay8V3YWLh24/JiY0vMSQpbeQcsn8DFk=
Subject key identifier: AD:A1:F7:57:57:0C:EC:96:79:9E:3F:CD:92:43:D5:9C:98:10:36:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9387890CD9F11EFB5F932AD762E951A.roa
Signing time: Wed 08 Jan 2025 09:06:03 +0000
ROA not before: Wed 08 Jan 2025 09:05:59 +0000
ROA not after: Mon 13 Dec 2027 09:05:59 +0000
asID: 17561
IP address blocks: 156.253.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65734 (0x100c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:05:59 2025 GMT
Not After : Dec 13 09:05:59 2027 GMT
Subject: CN=677e3ffb-5581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:63:46:a8:56:19:46:08:b2:80:28:50:42:
06:f5:61:8c:58:bf:e3:01:7e:a3:3e:ee:24:2b:74:
87:54:c7:26:87:84:5c:3a:02:2a:34:31:2c:c0:11:
10:34:db:19:81:b9:dc:c4:a1:48:3d:e3:b3:e2:38:
da:55:bc:e6:b1:55:88:55:7c:26:e3:68:9d:31:ca:
09:de:27:18:c3:29:44:84:ae:34:50:88:f0:6c:df:
e8:15:f3:b7:ed:df:74:de:43:42:20:8f:89:f5:a1:
be:58:d2:8f:67:1d:4b:65:d7:92:66:9f:da:99:9d:
18:b9:ae:04:85:86:1a:f3:c1:4c:b7:d9:3b:58:c6:
6a:9a:b3:7a:ad:6b:d3:f2:1e:e6:48:22:ac:3a:e0:
90:6d:bb:7b:53:a6:b8:1a:96:ba:60:cc:ed:f6:16:
84:b9:59:8c:45:ed:19:75:fa:d8:e4:d0:59:78:19:
b2:98:b0:e9:9a:58:2d:95:ac:4d:7a:82:ee:e8:76:
93:44:b8:37:bd:fb:34:e7:18:37:f0:00:fc:14:40:
db:ea:a3:8a:8c:4c:bd:22:10:c0:dd:8f:bb:0f:be:
8a:8f:e7:0e:5f:7a:5e:1a:0e:45:03:0e:54:b6:37:
20:db:96:48:a6:26:49:eb:38:4d:ac:76:60:5f:5f:
9b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A1:F7:57:57:0C:EC:96:79:9E:3F:CD:92:43:D5:9C:98:10:36:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9387890CD9F11EFB5F932AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.33.0/24
Signature Algorithm: sha256WithRSAEncryption
79:fe:c0:ec:36:dc:fa:04:a6:3b:4c:7c:87:53:6b:d8:3a:c9:
48:6c:ce:1c:14:8b:03:e7:51:0d:a7:22:25:d3:d0:58:4d:9b:
4e:4d:f0:9a:9c:0b:93:cc:0a:9f:0c:35:12:2a:af:61:aa:a9:
8a:43:e8:e8:f5:b6:f8:b7:04:96:8d:16:e1:3a:5f:7b:9e:4b:
e7:a7:3e:41:dc:ac:ad:b6:4c:9c:37:5f:00:1a:1c:1c:6d:93:
08:1e:8d:ee:d5:ab:14:8d:1c:fa:fa:9c:dc:23:eb:11:07:1a:
83:47:b6:9c:1e:8e:25:48:14:a8:f5:c3:9a:7a:ec:b5:92:c2:
6f:39:e7:5e:52:a8:bf:9d:87:c5:5a:c6:cd:17:16:3f:14:87:
97:8d:dc:3a:32:db:3e:a0:a9:ec:95:5c:11:70:d3:8c:81:24:
2b:94:5c:ed:1b:2c:5d:e9:6f:2b:2c:da:f3:20:25:1f:4b:78:
2c:51:77:e9:b3:27:9e:eb:c0:b0:ea:64:0a:12:2a:10:5f:05:
dd:71:f4:de:0a:f0:af:70:1a:3d:26:90:de:04:2a:7a:f3:7c:
03:b1:9a:f0:99:76:88:be:bd:9e:2f:0c:c9:bf:00:b9:f1:f6:
6a:16:cb:5a:31:fa:1a:c8:8d:2f:88:aa:52:73:2b:c1:0e:e1:
23:b6:01:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkwNTU5WhcNMjcxMjEzMDkwNTU5WjAYMRYw
FAYDVQQDEw02NzdlM2ZmYi01NTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvCZjRqhWGUYIsoAoUEIG9WGMWL/jAX6jPu4kK3SHVMcmh4RcOgIqNDEs
wBEQNNsZgbncxKFIPeOz4jjaVbzmsVWIVXwm42idMcoJ3icYwylEhK40UIjwbN/o
FfO37d903kNCII+J9aG+WNKPZx1LZdeSZp/amZ0Yua4EhYYa88FMt9k7WMZqmrN6
rWvT8h7mSCKsOuCQbbt7U6a4Gpa6YMzt9haEuVmMRe0ZdfrY5NBZeBmymLDpmlgt
laxNeoLu6HaTRLg3vfs05xg38AD8FEDb6qOKjEy9IhDA3Y+7D76Kj+cOX3peGg5F
Aw5Utjcg25ZIpiZJ6zhNrHZgX1+biwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK2h
91dXDOyWeZ4/zZJD1ZyYEDb6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTM4Nzg5MENEOUYxMUVGQjVGOTMyQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0hMA0GCSqGSIb3DQEBCwUA
A4IBAQB5/sDsNtz6BKY7THyHU2vYOslIbM4cFIsD51ENpyIl09BYTZtOTfCanAuT
zAqfDDUSKq9hqqmKQ+jo9bb4twSWjRbhOl97nkvnpz5B3KyttkycN18AGhwcbZMI
Ho3u1asUjRz6+pzcI+sRBxqDR7acHo4lSBSo9cOaeuy1ksJvOedeUqi/nYfFWsbN
FxY/FIeXjdw6Mts+oKnslVwRcNOMgSQrlFztGyxd6W8rLNrzICUfS3gsUXfpsyee
68Cw6mQKEioQXwXdcfTeCvCvcBo9JpDeBCp683wDsZrwmXaIvr2eLwzJvwC58fZq
FstaMfoayI0viKpScyvBDuEjtgHz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:42 2025 by rpki-client