Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D00AE1F8C96211EF8AD0C9A9762E951A.roa
File: D00AE1F8C96211EF8AD0C9A9762E951A.roa (raw, json)
Hash identifier: t9WEClJ7w3PVeALR+txraAFk8moNMGx9RN2MNhYn09U=
Subject key identifier: A8:ED:CB:B0:28:5D:03:96:B3:AB:B8:56:F0:0C:D8:9E:82:33:F9:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F470
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D00AE1F8C96211EF8AD0C9A9762E951A.roa
Signing time: Thu 02 Jan 2025 23:39:31 +0000
ROA not before: Thu 02 Jan 2025 23:39:27 +0000
ROA not after: Sat 13 Dec 2025 23:39:27 +0000
asID: 984
IP address blocks: 156.226.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62576 (0xf470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:39:27 2025 GMT
Not After : Dec 13 23:39:27 2025 GMT
Subject: CN=677723b2-0761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:66:9a:38:b9:a2:cc:ec:47:dd:3d:30:5a:5c:
7b:19:99:fe:59:1a:2e:58:45:0d:58:86:6e:fe:04:
61:54:b5:d0:e0:64:7c:61:57:12:24:24:82:e1:46:
97:15:94:d4:75:ca:f0:fc:97:f5:fd:b6:7e:ae:55:
2b:1a:77:09:c0:1e:38:df:93:c2:76:2d:2d:6a:c6:
e0:89:0a:2c:c2:69:c3:e1:db:c7:91:46:1c:6a:f6:
d1:6b:c2:1a:6c:ee:7c:cd:89:e8:91:3f:dc:22:13:
9c:48:08:e2:78:6f:41:12:88:53:94:3e:7c:0d:f8:
fb:89:4a:d6:71:7a:06:f4:eb:24:f5:54:d0:75:bb:
b7:d9:ab:c5:5a:c2:05:48:1d:5a:65:1d:2b:e7:c6:
bb:90:9f:e5:fe:fb:96:d9:e6:5a:4d:5a:bb:a8:5b:
56:77:ad:25:b6:1b:c1:4f:db:8c:c3:a4:9b:d1:20:
e6:ad:a1:be:5e:e4:77:3f:0f:68:f3:29:28:5b:21:
56:95:c9:99:4d:3c:10:8f:c3:1e:45:73:b9:58:a2:
4b:ea:ae:ea:f1:fc:cd:b6:94:48:b9:08:35:83:06:
2d:1c:97:bd:7a:a0:d9:43:6f:82:02:b6:5e:d4:c1:
3b:c3:96:fe:55:a4:bd:75:85:ab:d2:96:e6:84:9d:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:ED:CB:B0:28:5D:03:96:B3:AB:B8:56:F0:0C:D8:9E:82:33:F9:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D00AE1F8C96211EF8AD0C9A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.234.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:84:7e:94:15:ae:6a:9c:a1:2c:9b:b5:16:3b:94:b6:d1:7a:
72:64:bc:e8:0b:c3:c8:12:8d:83:37:2a:80:02:4f:5d:ae:31:
26:71:08:91:d3:6b:8c:bd:c1:91:3e:36:ae:da:16:3b:fb:04:
7c:ae:cc:77:1a:f7:ac:c9:13:20:95:8d:63:95:a5:61:54:49:
5c:4b:0d:62:66:da:b1:fc:03:f8:1c:27:f3:47:02:46:aa:4a:
26:ab:0f:14:2c:b9:6c:7e:b2:d4:7b:3a:59:0a:3f:ba:ff:da:
05:c6:15:ca:9e:cb:f0:f2:c9:72:18:28:98:fb:4e:ae:ee:44:
b3:2d:20:ee:b8:fa:56:ec:b5:81:c6:89:7f:0c:7a:60:1a:1e:
83:41:c4:69:14:c3:e6:f8:61:ab:1f:58:e6:89:12:75:2a:c6:
96:4a:db:d7:a1:51:43:68:a9:a3:69:35:ea:5e:da:bd:06:bf:
37:2d:e1:cc:df:ee:74:db:af:48:80:04:f2:09:ac:23:0a:b9:
b7:11:ac:2f:85:8b:e5:f2:f6:e8:5e:5a:75:2a:02:c2:8f:25:
e1:3b:3e:e0:5d:38:74:3e:16:25:6c:79:d6:1e:b1:9d:9f:58:
c5:3e:85:cd:d0:ee:59:c1:2c:6b:43:ca:d6:a0:cc:2e:b3:ed:
34:ed:09:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPRwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMzOTI3WhcNMjUxMjEzMjMzOTI3WjAYMRYw
FAYDVQQDEw02Nzc3MjNiMi0wNzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqGaaOLmizOxH3T0wWlx7GZn+WRouWEUNWIZu/gRhVLXQ4GR8YVcSJCSC
4UaXFZTUdcrw/Jf1/bZ+rlUrGncJwB4435PCdi0tasbgiQoswmnD4dvHkUYcavbR
a8IabO58zYnokT/cIhOcSAjieG9BEohTlD58Dfj7iUrWcXoG9Osk9VTQdbu32avF
WsIFSB1aZR0r58a7kJ/l/vuW2eZaTVq7qFtWd60lthvBT9uMw6Sb0SDmraG+XuR3
Pw9o8ykoWyFWlcmZTTwQj8MeRXO5WKJL6q7q8fzNtpRIuQg1gwYtHJe9eqDZQ2+C
ArZe1ME7w5b+VaS9dYWr0pbmhJ0OtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKjt
y7AoXQOWs6u4VvAM2J6CM/lmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMDBBRTFGOEM5NjIxMUVGOEFEMEM5QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLqMA0GCSqGSIb3DQEBCwUA
A4IBAQCuhH6UFa5qnKEsm7UWO5S20XpyZLzoC8PIEo2DNyqAAk9drjEmcQiR02uM
vcGRPjau2hY7+wR8rsx3GvesyRMglY1jlaVhVElcSw1iZtqx/AP4HCfzRwJGqkom
qw8ULLlsfrLUezpZCj+6/9oFxhXKnsvw8slyGCiY+06u7kSzLSDuuPpW7LWBxol/
DHpgGh6DQcRpFMPm+GGrH1jmiRJ1KsaWStvXoVFDaKmjaTXqXtq9Br83LeHM3+50
269IgATyCawjCrm3EawvhYvl8vboXlp1KgLCjyXhOz7gXTh0PhYlbHnWHrGdn1jF
PoXN0O5ZwSxrQ8rWoMwus+007QnV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:03 2025 by rpki-client