Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDB6F2CECD5F11EFA13E7B88762E951A.roa
File: CDB6F2CECD5F11EFA13E7B88762E951A.roa (raw, json)
Hash identifier: myKN7yjrCqEZRxhXs29OCBkUwaI28yWwwYEDWKW+de4=
Subject key identifier: E9:96:5D:46:74:C8:F9:8A:AA:96:37:EA:C8:6D:8C:7F:22:53:9D:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF29
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDB6F2CECD5F11EFA13E7B88762E951A.roa
Signing time: Wed 08 Jan 2025 01:28:03 +0000
ROA not before: Wed 08 Jan 2025 01:27:59 +0000
ROA not after: Sat 13 Dec 2025 01:27:59 +0000
asID: 984
IP address blocks: 156.247.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65321 (0xff29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 01:27:59 2025 GMT
Not After : Dec 13 01:27:59 2025 GMT
Subject: CN=677dd4a3-3eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:64:2a:da:95:cf:ea:c3:5c:7e:cd:24:91:f9:
a8:59:d9:ec:a7:ac:60:94:60:73:1d:82:4f:0b:c3:
c8:ba:a6:ec:52:45:63:6b:73:43:d1:11:02:a3:ac:
42:a3:d4:4c:b0:af:30:ed:bb:ae:12:6e:04:2a:89:
a8:dc:d6:3e:09:dd:e8:c9:16:69:2e:63:dc:a2:64:
e0:41:70:6e:a5:93:00:dd:d5:33:60:c0:30:f2:51:
ad:55:60:29:ea:88:7e:6d:a2:5c:a4:37:18:2d:b8:
b1:17:5c:45:31:1a:25:5c:21:57:6f:3a:10:a4:31:
53:7a:4a:3c:7c:0a:a5:d9:59:66:a0:bf:5e:5f:cd:
89:67:1f:4a:56:2d:fb:44:a6:21:0a:ec:56:10:fd:
29:62:01:de:0b:15:fb:ee:44:f5:f2:d7:f1:17:2e:
cd:f8:6f:01:17:b2:39:17:19:92:eb:89:d3:ea:03:
34:48:bc:bd:81:19:61:00:0c:e8:11:5d:77:81:c6:
07:b7:cd:d1:fb:c3:49:c9:0e:f9:6a:04:11:01:6d:
aa:00:da:19:b0:27:54:55:35:2c:0c:a2:f6:66:c9:
26:22:30:32:2c:77:aa:e3:9d:38:45:6c:97:99:82:
1a:fc:cc:dc:5b:7c:94:d5:11:db:9e:2d:86:11:09:
24:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:96:5D:46:74:C8:F9:8A:AA:96:37:EA:C8:6D:8C:7F:22:53:9D:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDB6F2CECD5F11EFA13E7B88762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.93.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c0:86:f9:27:14:63:1e:b5:65:3a:da:a1:d8:2a:84:b8:8b:
32:7c:dd:64:74:c7:62:12:05:47:e8:de:95:31:d3:85:63:6d:
92:86:c4:45:fd:6d:f3:dd:1f:19:4f:55:b7:6a:94:e2:33:2a:
a2:a6:6b:d9:0c:16:00:ed:70:6f:5d:8e:9f:c8:81:68:27:0c:
a1:80:66:7c:52:d9:88:b6:7e:35:2a:d6:16:e8:92:f6:12:cc:
0b:2e:82:7d:62:c2:42:23:62:63:1f:ec:75:a6:69:c9:37:72:
a8:a1:9c:7f:84:b7:4e:3e:c1:c6:37:61:df:7a:a1:a5:25:0e:
d7:ab:9a:b8:a6:e1:68:67:7e:b5:89:d7:3c:f5:8b:ef:9c:ba:
b3:d2:e5:07:6e:00:bb:ef:c5:ef:71:c6:aa:7a:d6:4c:b2:15:
ac:4f:87:e6:73:2b:e3:9f:31:ed:45:20:ce:45:39:f5:c8:99:
9f:e5:8e:27:cd:6f:d3:2e:31:cd:3f:fe:6d:ba:cd:6e:50:f6:
fe:a0:05:3e:1b:ab:6b:dd:1b:06:3d:81:16:df:74:76:fc:90:
31:fa:13:19:18:1a:c3:33:1c:38:10:81:a6:02:4a:66:50:80:
62:c3:03:e5:e6:f3:7d:f8:f4:de:b0:44:42:f2:fc:2e:5e:9b:
74:88:04:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDEyNzU5WhcNMjUxMjEzMDEyNzU5WjAYMRYw
FAYDVQQDEw02NzdkZDRhMy0zZWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz2Qq2pXP6sNcfs0kkfmoWdnsp6xglGBzHYJPC8PIuqbsUkVja3ND0REC
o6xCo9RMsK8w7buuEm4EKomo3NY+Cd3oyRZpLmPcomTgQXBupZMA3dUzYMAw8lGt
VWAp6oh+baJcpDcYLbixF1xFMRolXCFXbzoQpDFTeko8fAql2VlmoL9eX82JZx9K
Vi37RKYhCuxWEP0pYgHeCxX77kT18tfxFy7N+G8BF7I5FxmS64nT6gM0SLy9gRlh
AAzoEV13gcYHt83R+8NJyQ75agQRAW2qANoZsCdUVTUsDKL2ZskmIjAyLHeq4504
RWyXmYIa/MzcW3yU1RHbni2GEQkkmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOmW
XUZ0yPmKqpY36shtjH8iU52AMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DREI2RjJDRUNENUYxMUVGQTEzRTdCODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPddMA0GCSqGSIb3DQEBCwUA
A4IBAQCTwIb5JxRjHrVlOtqh2CqEuIsyfN1kdMdiEgVH6N6VMdOFY22ShsRF/W3z
3R8ZT1W3apTiMyqipmvZDBYA7XBvXY6fyIFoJwyhgGZ8UtmItn41KtYW6JL2EswL
LoJ9YsJCI2JjH+x1pmnJN3KooZx/hLdOPsHGN2HfeqGlJQ7Xq5q4puFoZ361idc8
9YvvnLqz0uUHbgC778XvccaqetZMshWsT4fmcyvjnzHtRSDORTn1yJmf5Y4nzW/T
LjHNP/5tus1uUPb+oAU+G6tr3RsGPYEW33R2/JAx+hMZGBrDMxw4EIGmAkpmUIBi
wwPl5vN9+PTesERC8vwuXpt0iATl
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:46 2025 by rpki-client