Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D004DDF4D2F311EFA10B947E762E951A.roa
File: D004DDF4D2F311EFA10B947E762E951A.roa (raw, json)
Hash identifier: 2d1kXXnAQvV5phhSqwWXmPgRX/DvKhmVQqy5iyrpMeM=
Subject key identifier: 07:3A:93:3B:07:D2:F6:A4:35:3A:21:61:B6:01:D2:30:75:C9:F7:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010793
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D004DDF4D2F311EFA10B947E762E951A.roa
Signing time: Wed 15 Jan 2025 03:50:08 +0000
ROA not before: Wed 15 Jan 2025 03:50:04 +0000
ROA not after: Sat 03 Jan 2026 03:50:04 +0000
asID: 984
IP address blocks: 156.249.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67475 (0x10793)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:50:04 2025 GMT
Not After : Jan 3 03:50:04 2026 GMT
Subject: CN=67873070-e8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:5b:7b:80:0e:24:c3:97:e7:9d:6b:90:5e:
26:f7:db:71:fc:b5:71:13:22:26:1b:02:8a:d3:27:
c5:1c:f0:ad:5b:15:af:6f:c2:50:15:f0:40:e3:f0:
4e:a4:c4:77:39:06:b3:db:c3:ed:94:fb:05:a2:63:
24:58:ac:5b:45:9d:78:62:18:b6:b4:c0:b3:b8:df:
be:d7:5d:f6:6a:57:5b:47:37:ec:7d:66:5b:74:ff:
c3:63:5c:26:19:2c:75:c4:d9:17:a8:7b:3d:1d:7a:
ec:16:2c:e6:68:b3:75:8b:11:28:4e:de:0f:95:97:
45:4f:27:5a:05:10:90:d5:71:1d:48:c2:53:64:37:
40:b7:a7:15:a3:f6:24:9a:a7:65:61:74:96:92:63:
4a:0f:e3:2e:72:e3:75:53:e2:ef:74:1a:67:62:9e:
be:e5:63:02:ba:e6:05:75:38:a2:ec:a4:b4:3f:49:
b4:58:f6:4b:02:30:3b:28:2f:f1:44:42:ca:c2:39:
28:b1:ad:44:98:05:3a:f8:47:58:35:51:b6:76:52:
3c:6a:0d:96:77:20:da:62:c5:38:ba:73:bc:58:02:
8e:a1:3e:7a:db:68:8b:bd:87:54:e1:c9:28:0a:0d:
aa:f1:3b:60:0e:f4:57:3c:12:b7:1e:ef:2e:d4:bd:
b5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3A:93:3B:07:D2:F6:A4:35:3A:21:61:B6:01:D2:30:75:C9:F7:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D004DDF4D2F311EFA10B947E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.98.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:15:43:7b:0c:f4:3b:e5:2e:9a:83:04:ad:1a:b4:ef:15:d3:
d5:de:9f:89:94:c3:6c:2a:e1:1a:bc:46:d8:25:cb:6e:95:d6:
69:00:05:ef:f6:13:d1:7a:4e:6b:25:6f:b4:98:31:03:7f:4d:
a4:e8:7a:7a:0b:6e:8b:2c:c0:49:98:08:1b:79:d9:77:ae:22:
2e:59:40:f9:70:48:30:e1:29:f8:41:8d:3c:4e:ad:05:68:f1:
6f:36:2c:63:7d:72:d6:e8:23:cd:3d:0e:77:fe:4b:61:e5:dc:
ca:76:8e:e0:d7:2d:3d:cf:33:f9:f2:32:a3:b1:9f:be:21:bf:
f0:93:30:45:18:49:b8:95:d2:b5:51:ba:d4:3e:65:76:5b:f2:
85:3c:da:27:34:3d:11:b7:a6:78:49:76:21:b4:fa:40:05:0a:
41:b4:d8:17:52:f5:5f:d3:47:a7:72:68:2f:f9:47:f9:86:88:
e5:77:c8:cf:76:71:e7:be:df:57:10:05:21:1d:51:a5:c7:7e:
b7:99:df:80:74:56:1e:09:fa:57:c6:64:57:78:23:2a:e5:ec:
e5:29:47:69:93:f1:8b:63:54:10:13:02:e8:46:15:26:1c:6f:
75:88:4d:1b:76:3c:b0:dd:00:ee:60:a7:80:c1:b9:3f:7c:1d:
f3:94:04:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQeTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDM1MDA0WhcNMjYwMTAzMDM1MDA0WjAYMRYw
FAYDVQQDEw02Nzg3MzA3MC1lOGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnTVbe4AOJMOX551rkF4m99tx/LVxEyImGwKK0yfFHPCtWxWvb8JQFfBA
4/BOpMR3OQaz28PtlPsFomMkWKxbRZ14Yhi2tMCzuN++1132aldbRzfsfWZbdP/D
Y1wmGSx1xNkXqHs9HXrsFizmaLN1ixEoTt4PlZdFTydaBRCQ1XEdSMJTZDdAt6cV
o/YkmqdlYXSWkmNKD+MucuN1U+LvdBpnYp6+5WMCuuYFdTii7KS0P0m0WPZLAjA7
KC/xRELKwjkosa1EmAU6+EdYNVG2dlI8ag2WdyDaYsU4unO8WAKOoT5622iLvYdU
4ckoCg2q8TtgDvRXPBK3Hu8u1L21uwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAc6
kzsH0vakNTohYbYB0jB1yfdtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDA0RERGNEQyRjMxMUVGQTEwQjk0N0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPliMA0GCSqGSIb3DQEBCwUA
A4IBAQC2FUN7DPQ75S6agwStGrTvFdPV3p+JlMNsKuEavEbYJctuldZpAAXv9hPR
ek5rJW+0mDEDf02k6Hp6C26LLMBJmAgbedl3riIuWUD5cEgw4Sn4QY08Tq0FaPFv
NixjfXLW6CPNPQ53/kth5dzKdo7g1y09zzP58jKjsZ++Ib/wkzBFGEm4ldK1UbrU
PmV2W/KFPNonND0Rt6Z4SXYhtPpABQpBtNgXUvVf00encmgv+Uf5hojld8jPdnHn
vt9XEAUhHVGlx363md+AdFYeCfpXxmRXeCMq5ezlKUdpk/GLY1QQEwLoRhUmHG91
iE0bdjyw3QDuYKeAwbk/fB3zlAS8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:51 2025 by rpki-client