Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D30AC200CC9711EF9C32B786762E951A.roa
File: D30AC200CC9711EF9C32B786762E951A.roa (raw, json)
Hash identifier: dqZQCVBAIC533dN/RUZ4VUfS9Wv5JsR6F8+h0ZjP7zc=
Subject key identifier: 8B:DF:14:71:94:67:D5:A9:01:C7:6B:FE:41:E5:72:70:32:8F:21:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F946
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D30AC200CC9711EF9C32B786762E951A.roa
Signing time: Tue 07 Jan 2025 01:36:32 +0000
ROA not before: Tue 07 Jan 2025 01:36:29 +0000
ROA not after: Sat 13 Dec 2025 01:36:29 +0000
asID: 984
IP address blocks: 156.227.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63814 (0xf946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:36:29 2025 GMT
Not After : Dec 13 01:36:29 2025 GMT
Subject: CN=677c8520-2827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:30:07:fa:73:28:d3:63:34:45:b7:62:28:05:
dc:0c:18:65:08:73:68:1c:a2:47:e3:ed:15:29:c9:
93:86:61:fd:70:14:ab:73:c5:78:a6:ed:df:5b:46:
5a:62:55:58:80:db:e4:95:69:2d:7e:bd:3c:6f:79:
4e:07:35:95:2c:00:ec:74:2d:35:dc:ab:bf:c1:c7:
30:52:48:40:5e:d6:bb:17:aa:77:2f:a9:f8:7c:51:
90:69:36:72:df:8d:f0:54:1c:2b:5f:c6:ff:37:7b:
9f:3e:93:0f:29:1b:64:b0:43:cc:45:58:42:0a:7c:
bb:21:6a:da:86:67:f4:54:ff:99:cc:18:1e:b8:d4:
e9:47:a7:4d:c7:fb:f4:66:99:6c:74:0a:9f:c4:0f:
72:72:16:af:7e:c7:d4:f9:26:d8:69:62:8b:ee:d1:
af:97:7f:96:80:bc:e2:b8:cb:aa:cd:36:49:12:08:
6d:9d:fe:dd:9e:d5:da:d4:a1:90:18:43:b1:15:37:
e7:fb:f6:5c:f4:8c:fb:04:68:e9:00:4b:2b:b7:d8:
0f:95:79:42:94:71:fe:ca:70:c0:f0:6e:9d:51:0a:
80:8e:d7:ee:ad:6e:57:b4:7f:6c:55:ea:2f:2e:0b:
0d:a0:eb:28:6f:69:71:02:39:73:01:1a:04:93:1c:
7b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DF:14:71:94:67:D5:A9:01:C7:6B:FE:41:E5:72:70:32:8F:21:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D30AC200CC9711EF9C32B786762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.89.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:e3:30:d5:3f:df:43:67:75:11:ac:24:f5:c4:99:d1:b2:13:
6f:45:c5:62:09:31:39:9c:3c:61:71:37:92:03:70:8a:17:e4:
c2:a0:98:30:d2:b1:e8:b4:93:ea:4f:87:d3:b5:55:81:91:92:
7c:ee:ea:bc:ab:89:6f:b1:fe:21:a3:c1:b6:59:b2:6b:12:56:
a9:ee:a8:97:3a:cf:39:39:27:a3:06:1a:14:3c:54:e5:c6:b9:
f7:af:bd:5f:3f:59:61:f9:74:b8:df:e3:f4:44:fb:da:e8:3e:
e1:e5:91:9a:73:eb:59:7f:16:b2:ec:de:2c:c5:fa:5d:bd:42:
0c:7f:d9:49:9f:1f:d6:2e:3b:dc:8e:a2:4d:2d:9a:13:96:08:
c6:45:1a:47:4f:9e:2a:57:32:ba:2e:4c:b3:2e:d6:f9:78:a4:
61:76:f6:24:ed:66:80:fe:8c:a9:97:39:bb:12:1f:fd:a6:49:
43:33:95:f2:c4:1a:f5:51:fc:0b:56:13:b5:25:08:c0:81:f5:
9b:e3:93:21:5d:0e:d6:95:5b:b7:53:7b:20:6c:91:2d:34:10:
d4:6e:99:e4:29:6f:44:f6:f3:e3:30:55:43:cf:4d:1e:e1:75:
1d:d3:84:93:ed:fe:d3:b9:14:02:71:a3:5d:4d:83:ec:3e:28:
de:1d:12:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDEzNjI5WhcNMjUxMjEzMDEzNjI5WjAYMRYw
FAYDVQQDEw02NzdjODUyMC0yODI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApjAH+nMo02M0RbdiKAXcDBhlCHNoHKJH4+0VKcmThmH9cBSrc8V4pu3f
W0ZaYlVYgNvklWktfr08b3lOBzWVLADsdC013Ku/wccwUkhAXta7F6p3L6n4fFGQ
aTZy343wVBwrX8b/N3ufPpMPKRtksEPMRVhCCny7IWrahmf0VP+ZzBgeuNTpR6dN
x/v0ZplsdAqfxA9ychavfsfU+SbYaWKL7tGvl3+WgLziuMuqzTZJEghtnf7dntXa
1KGQGEOxFTfn+/Zc9Iz7BGjpAEsrt9gPlXlClHH+ynDA8G6dUQqAjtfurW5XtH9s
VeovLgsNoOsob2lxAjlzARoEkxx7bwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIvf
FHGUZ9WpAcdr/kHlcnAyjyFIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMzBBQzIwMENDOTcxMUVGOUMzMkI3ODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONZMA0GCSqGSIb3DQEBCwUA
A4IBAQCt4zDVP99DZ3URrCT1xJnRshNvRcViCTE5nDxhcTeSA3CKF+TCoJgw0rHo
tJPqT4fTtVWBkZJ87uq8q4lvsf4ho8G2WbJrElap7qiXOs85OSejBhoUPFTlxrn3
r71fP1lh+XS43+P0RPva6D7h5ZGac+tZfxay7N4sxfpdvUIMf9lJnx/WLjvcjqJN
LZoTlgjGRRpHT54qVzK6LkyzLtb5eKRhdvYk7WaA/oyplzm7Eh/9pklDM5XyxBr1
UfwLVhO1JQjAgfWb45MhXQ7WlVu3U3sgbJEtNBDUbpnkKW9E9vPjMFVDz00e4XUd
04ST7f7TuRQCcaNdTYPsPijeHRKy
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:13 2025 by rpki-client