Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D78BA0DCCD6011EF9A5F0791762E951A.roa
File: D78BA0DCCD6011EF9A5F0791762E951A.roa (raw, json)
Hash identifier: CgFjgmFVNKLMeXzAqmdHYUBJnNj6Ds8V4QGKIX1aFTc=
Subject key identifier: 9D:B9:6A:F5:59:CC:A5:BE:2C:3B:79:6C:79:61:60:D8:40:5B:6E:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D78BA0DCCD6011EF9A5F0791762E951A.roa
Signing time: Wed 08 Jan 2025 01:35:29 +0000
ROA not before: Wed 08 Jan 2025 01:35:25 +0000
ROA not after: Sat 13 Dec 2025 01:35:25 +0000
asID: 984
IP address blocks: 156.247.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65329 (0xff31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 01:35:25 2025 GMT
Not After : Dec 13 01:35:25 2025 GMT
Subject: CN=677dd661-8eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ca:a7:0b:c4:80:1b:6b:9c:64:84:29:83:0f:
2e:a5:25:81:e0:11:54:4e:71:ba:65:a7:47:57:79:
c4:7f:7b:a9:ce:f4:84:12:e3:be:59:c2:b1:e7:0b:
4c:6c:01:95:93:4c:11:af:82:9d:e1:3a:a4:7b:37:
42:03:97:39:a6:6d:1e:23:d2:dd:e4:89:35:20:1f:
ab:95:19:05:c2:8a:bd:b1:1f:3e:96:fb:a8:80:f6:
82:39:96:04:72:05:2b:61:d8:55:a9:d8:df:16:fb:
b3:23:9c:f9:d8:b0:2f:7b:e7:70:62:75:1a:69:d5:
e6:29:bf:a9:e5:20:04:46:0d:23:42:24:7a:9f:1c:
b2:80:c9:12:9b:ec:93:ce:2d:31:6a:6a:88:9a:c0:
79:49:15:7d:a0:0a:6d:82:25:54:d9:74:7a:97:3f:
eb:41:1b:ab:83:15:b1:2d:38:2d:55:68:3e:54:c4:
c5:64:2a:e7:2c:70:45:a3:90:10:ed:d1:56:23:4f:
ef:b9:17:ea:53:9c:54:c8:57:96:ca:3f:43:19:ab:
99:13:92:0d:81:c2:3e:68:9b:a9:1c:e4:62:0b:f6:
57:df:b9:fd:e9:c5:84:66:a2:29:f8:24:83:27:f7:
4c:16:f5:c4:03:6b:b5:a8:d8:a2:e3:d5:32:56:65:
19:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B9:6A:F5:59:CC:A5:BE:2C:3B:79:6C:79:61:60:D8:40:5B:6E:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D78BA0DCCD6011EF9A5F0791762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.97.0/24
Signature Algorithm: sha256WithRSAEncryption
99:98:e2:01:17:5a:07:6a:3f:49:1a:b3:f9:4f:1a:74:a3:e7:
e3:59:be:14:99:33:e2:ea:c1:a8:17:34:a2:d9:bf:a0:18:4c:
61:85:6a:2e:ae:d4:26:88:6b:a7:7e:c9:eb:67:10:74:f9:fc:
51:da:7c:84:df:e1:e0:17:6f:4c:be:43:fe:a6:ad:24:10:67:
02:19:73:2a:2e:87:44:7e:56:72:ac:b0:14:91:92:58:59:72:
d4:de:cb:9c:4a:a0:cf:a0:bb:84:b1:51:fc:16:a6:d9:a1:dc:
80:b9:65:99:1a:60:5e:2c:df:cc:6b:3f:76:6f:85:7d:ff:c7:
ff:c5:35:fb:8f:82:97:1e:51:53:82:ce:16:35:38:95:83:33:
a6:cb:f8:1f:a1:13:e5:a6:da:14:42:57:23:f4:76:81:b8:24:
97:7b:a5:f5:c9:76:83:11:f2:fc:1b:99:79:c6:ac:07:a0:f9:
76:50:7a:c8:8a:b7:ee:35:1f:37:24:f3:aa:2c:35:97:51:63:
13:f3:ce:09:c9:2e:8b:b3:e3:7f:7c:a3:00:a5:65:f4:f9:11:
f2:25:d1:23:f0:ed:a4:d6:57:1f:aa:0e:81:1f:6f:6d:eb:c6:
bd:a4:d7:33:1d:a9:ce:67:b6:72:a3:35:ff:07:d5:09:c5:c0:
99:28:b8:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8xMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDEzNTI1WhcNMjUxMjEzMDEzNTI1WjAYMRYw
FAYDVQQDEw02NzdkZDY2MS04ZWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8qnC8SAG2ucZIQpgw8upSWB4BFUTnG6ZadHV3nEf3upzvSEEuO+WcKx
5wtMbAGVk0wRr4Kd4TqkezdCA5c5pm0eI9Ld5Ik1IB+rlRkFwoq9sR8+lvuogPaC
OZYEcgUrYdhVqdjfFvuzI5z52LAve+dwYnUaadXmKb+p5SAERg0jQiR6nxyygMkS
m+yTzi0xamqImsB5SRV9oAptgiVU2XR6lz/rQRurgxWxLTgtVWg+VMTFZCrnLHBF
o5AQ7dFWI0/vuRfqU5xUyFeWyj9DGauZE5INgcI+aJupHORiC/ZX37n96cWEZqIp
+CSDJ/dMFvXEA2u1qNii49UyVmUZfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ25
avVZzKW+LDt5bHlhYNhAW257MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENzhCQTBEQ0NENjAxMUVGOUE1RjA3OTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdhMA0GCSqGSIb3DQEBCwUA
A4IBAQCZmOIBF1oHaj9JGrP5Txp0o+fjWb4UmTPi6sGoFzSi2b+gGExhhWourtQm
iGunfsnrZxB0+fxR2nyE3+HgF29MvkP+pq0kEGcCGXMqLodEflZyrLAUkZJYWXLU
3sucSqDPoLuEsVH8FqbZodyAuWWZGmBeLN/Maz92b4V9/8f/xTX7j4KXHlFTgs4W
NTiVgzOmy/gfoRPlptoUQlcj9HaBuCSXe6X1yXaDEfL8G5l5xqwHoPl2UHrIirfu
NR83JPOqLDWXUWMT884JyS6Ls+N/fKMApWX0+RHyJdEj8O2k1lcfqg6BH29t68a9
pNczHanOZ7ZyozX/B9UJxcCZKLjq
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:42 2025 by rpki-client