Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68781DECCA611EFB52E7877762E951A.roa
File: D68781DECCA611EFB52E7877762E951A.roa (raw, json)
Hash identifier: zQNyFwKMD/k7MIWUcSb8Ps6+YcDsAP7xttgUDy4eJOM=
Subject key identifier: B6:6B:F1:C9:40:10:99:EB:92:14:27:DA:65:CF:F8:4B:E7:6F:14:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68781DECCA611EFB52E7877762E951A.roa
Signing time: Tue 07 Jan 2025 03:24:01 +0000
ROA not before: Tue 07 Jan 2025 03:23:57 +0000
ROA not after: Sat 13 Dec 2025 03:23:57 +0000
asID: 984
IP address blocks: 156.229.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63942 (0xf9c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 03:23:57 2025 GMT
Not After : Dec 13 03:23:57 2025 GMT
Subject: CN=677c9e51-0bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:77:78:84:06:38:1a:d1:86:bc:50:27:94:
cc:47:2c:f9:f3:e3:17:b3:cd:e0:96:dd:a5:52:be:
ce:0c:9a:70:58:c4:17:95:82:a2:6f:f5:2b:5e:61:
64:c4:29:4a:6c:5a:43:67:79:59:ad:4a:85:34:ae:
09:f6:7f:ee:6c:50:07:c7:d8:b3:95:40:51:0d:a3:
e5:14:a0:e2:6b:0b:e1:0e:17:6a:41:1b:83:59:b4:
22:3c:d4:11:95:af:96:20:d4:81:6b:fe:80:76:3b:
8f:79:13:69:25:82:00:46:5d:64:bb:2c:22:c8:68:
99:22:cc:34:b7:5c:25:b6:29:06:bd:44:f8:29:79:
b2:bd:0d:82:7b:89:d0:6f:c1:98:4e:2e:51:56:ab:
c4:75:db:d5:65:af:31:2e:88:e6:e7:5e:db:78:4c:
b6:14:c4:66:26:14:b0:8b:42:55:b9:5b:fe:f3:9e:
aa:bb:b0:40:6b:a7:7c:0f:92:92:a9:01:c3:0e:07:
1f:dc:b7:69:d8:f0:80:1a:54:e3:0c:31:4a:68:64:
bf:d5:48:7c:62:c3:be:ed:63:b3:83:bc:63:2c:0a:
a8:a8:61:1e:cc:91:40:38:46:c9:3d:94:f7:28:69:
ed:23:cd:ba:a9:d9:9b:95:52:8b:7c:8b:80:a2:3d:
29:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6B:F1:C9:40:10:99:EB:92:14:27:DA:65:CF:F8:4B:E7:6F:14:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D68781DECCA611EFB52E7877762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.246.0/24
Signature Algorithm: sha256WithRSAEncryption
67:21:3b:3c:06:2d:1e:11:63:d0:6b:ad:ce:1f:37:78:a2:ac:
c3:e4:aa:ff:8d:94:0b:57:72:40:7d:9f:b4:bf:fd:20:81:b9:
50:14:53:c4:2d:b0:65:82:35:f3:42:70:f8:b3:7c:3e:ca:fa:
54:e0:ed:26:65:be:7b:7e:7f:2d:80:2e:9a:98:78:b0:f9:57:
c0:55:b8:cb:63:4a:55:1c:23:83:66:5b:00:6c:98:92:e3:62:
ea:cf:5b:04:e9:56:2f:3a:07:84:a1:c7:9c:8e:61:88:f1:49:
35:b8:7d:6c:4c:97:79:6e:45:05:22:c2:e5:39:75:1b:93:12:
81:e1:a8:54:ac:05:5f:78:6d:33:67:3a:8d:36:02:77:81:46:
28:04:1b:ca:dc:cd:4d:f6:d8:13:51:88:8f:e7:68:60:eb:40:
b6:d0:35:f9:5e:d6:37:e5:d1:99:fd:b9:7c:cc:c9:82:c5:6f:
3f:bf:b7:0e:46:5e:25:e5:eb:a9:c1:9a:91:23:3d:aa:fd:0a:
e9:c3:1a:13:5e:80:90:61:e5:2a:d5:ef:34:58:3e:3c:d9:cc:
50:4c:e3:a7:21:56:34:76:c2:a6:00:25:8c:2f:e6:07:cc:7e:
1d:0f:8e:53:36:ee:e9:ca:08:7e:7b:f1:5c:cb:42:e7:f9:6d:
d2:30:c3:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDMyMzU3WhcNMjUxMjEzMDMyMzU3WjAYMRYw
FAYDVQQDEw02NzdjOWU1MS0wYmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuaF3eIQGOBrRhrxQJ5TMRyz58+MXs83glt2lUr7ODJpwWMQXlYKib/Ur
XmFkxClKbFpDZ3lZrUqFNK4J9n/ubFAHx9izlUBRDaPlFKDiawvhDhdqQRuDWbQi
PNQRla+WINSBa/6AdjuPeRNpJYIARl1kuywiyGiZIsw0t1wltikGvUT4KXmyvQ2C
e4nQb8GYTi5RVqvEddvVZa8xLojm517beEy2FMRmJhSwi0JVuVv+856qu7BAa6d8
D5KSqQHDDgcf3Ldp2PCAGlTjDDFKaGS/1Uh8YsO+7WOzg7xjLAqoqGEezJFAOEbJ
PZT3KGntI826qdmblVKLfIuAoj0pUwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLZr
8clAEJnrkhQn2mXP+EvnbxRBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENjg3ODFERUNDQTYxMUVGQjUyRTc4Nzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOX2MA0GCSqGSIb3DQEBCwUA
A4IBAQBnITs8Bi0eEWPQa63OHzd4oqzD5Kr/jZQLV3JAfZ+0v/0ggblQFFPELbBl
gjXzQnD4s3w+yvpU4O0mZb57fn8tgC6amHiw+VfAVbjLY0pVHCODZlsAbJiS42Lq
z1sE6VYvOgeEocecjmGI8Uk1uH1sTJd5bkUFIsLlOXUbkxKB4ahUrAVfeG0zZzqN
NgJ3gUYoBBvK3M1N9tgTUYiP52hg60C20DX5XtY35dGZ/bl8zMmCxW8/v7cORl4l
5eupwZqRIz2q/QrpwxoTXoCQYeUq1e80WD482cxQTOOnIVY0dsKmACWML+YHzH4d
D45TNu7pygh+e/Fcy0Ln+W3SMMMo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:05 2025 by rpki-client