Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A9DFB2C94E11EF828248AC762E951A.roa
File: D8A9DFB2C94E11EF828248AC762E951A.roa (raw, json)
Hash identifier: 7XPlq+avWlZ/FDetYSTqLEqVUhuVpHbCN3JGQHNwrfc=
Subject key identifier: C6:9F:9A:32:4F:01:F0:5D:89:8F:9D:A9:9E:1B:A7:17:9E:9A:D1:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A9DFB2C94E11EF828248AC762E951A.roa
Signing time: Thu 02 Jan 2025 21:16:35 +0000
ROA not before: Thu 02 Jan 2025 21:16:32 +0000
ROA not after: Sat 13 Dec 2025 21:16:32 +0000
asID: 984
IP address blocks: 156.225.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62386 (0xf3b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:16:32 2025 GMT
Not After : Dec 13 21:16:32 2025 GMT
Subject: CN=67770233-a8ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:f5:a8:c2:64:2d:57:97:15:a8:6a:92:b7:
6f:b1:22:32:f5:a6:c9:5b:24:58:3a:cd:41:b1:27:
73:06:0b:ec:88:d1:ad:b8:b6:e8:da:42:3b:19:d6:
fb:ce:31:ea:9e:75:b4:bf:9c:48:f9:7d:75:da:c4:
05:41:4c:5a:ad:c1:50:2b:86:96:85:c1:00:a6:24:
0c:ab:a6:44:d5:6f:c0:c2:1a:41:85:ee:12:b9:ce:
64:9d:8e:81:bb:6c:d0:99:6e:c4:37:91:1e:fc:fd:
6e:de:d3:d9:44:e8:84:c6:df:e6:71:be:ae:a7:45:
08:d8:31:9d:4d:7d:90:6c:7f:d8:94:74:1e:ef:1f:
06:dd:c6:06:60:56:d6:de:38:c6:25:6e:a2:bd:f4:
eb:5a:4c:42:28:9a:23:53:ef:62:77:92:9e:b2:5d:
bc:f7:d0:10:bb:f1:95:ec:26:46:f1:ca:06:9b:f0:
0c:9c:b2:b3:c4:59:4b:54:d4:7d:46:06:5c:81:e0:
8a:35:23:d9:01:0d:b9:9f:8c:b5:cc:08:86:79:4a:
14:af:9b:8e:10:db:2d:0d:e3:e1:1e:e9:d7:5e:71:
ca:21:19:94:e4:c2:86:3e:11:41:62:38:05:0a:e5:
4c:83:5b:15:d3:4f:c3:a6:c2:5c:5f:b8:19:f4:cc:
2a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9F:9A:32:4F:01:F0:5D:89:8F:9D:A9:9E:1B:A7:17:9E:9A:D1:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8A9DFB2C94E11EF828248AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.176.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a4:14:c6:5f:2f:cf:72:7e:c1:09:70:b2:6a:24:c1:14:44:
11:49:c7:9c:b1:20:e7:5e:79:ae:2e:8a:eb:de:6a:38:53:b2:
f2:9f:39:82:9f:77:72:0d:a2:79:75:57:30:e9:78:fe:95:6d:
7e:44:89:c8:15:9b:f6:52:5a:17:9b:d8:7e:2e:4a:c6:bd:2c:
3c:b3:e5:83:79:c9:14:50:1e:ea:07:c0:7b:c7:62:c7:31:77:
74:78:a2:9a:74:ad:0f:be:3e:f9:2f:9e:cb:3e:b1:04:06:5b:
4e:b6:4e:af:f2:d1:f0:c8:84:83:0c:4b:90:03:ad:5f:9e:aa:
bf:2c:d0:b0:fd:97:06:5f:84:69:86:17:8f:51:ba:6b:4c:b4:
bc:0d:b6:b3:d0:ed:85:68:cc:c2:27:ee:e7:06:88:16:17:d4:
9d:b5:c5:69:8f:cd:2d:1a:d5:2f:c3:0c:55:3b:80:8c:9e:6b:
f8:74:c3:a3:28:7a:f1:f1:4d:52:cf:cd:82:8e:75:a0:b2:74:
98:a9:9a:d8:8c:5e:1b:76:4d:7e:da:5c:d7:ab:38:92:e2:a0:
5c:80:84:61:7f:a1:1e:f0:a6:3b:7b:8b:b6:14:89:21:96:b4:
00:75:c0:1e:4e:f6:66:91:00:86:16:ef:59:e1:06:4e:b4:8b:
c9:d4:99:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjExNjMyWhcNMjUxMjEzMjExNjMyWjAYMRYw
FAYDVQQDEw02Nzc3MDIzMy1hOGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzhn1qMJkLVeXFahqkrdvsSIy9abJWyRYOs1BsSdzBgvsiNGtuLbo2kI7
Gdb7zjHqnnW0v5xI+X112sQFQUxarcFQK4aWhcEApiQMq6ZE1W/AwhpBhe4Suc5k
nY6Bu2zQmW7EN5Ee/P1u3tPZROiExt/mcb6up0UI2DGdTX2QbH/YlHQe7x8G3cYG
YFbW3jjGJW6ivfTrWkxCKJojU+9id5Kesl2899AQu/GV7CZG8coGm/AMnLKzxFlL
VNR9RgZcgeCKNSPZAQ25n4y1zAiGeUoUr5uOENstDePhHunXXnHKIRmU5MKGPhFB
YjgFCuVMg1sV00/DpsJcX7gZ9MwqoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMaf
mjJPAfBdiY+dqZ4bpxeemtE6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOEE5REZCMkM5NEUxMUVGODI4MjQ4QUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGwMA0GCSqGSIb3DQEBCwUA
A4IBAQA3pBTGXy/Pcn7BCXCyaiTBFEQRScecsSDnXnmuLorr3mo4U7LynzmCn3dy
DaJ5dVcw6Xj+lW1+RInIFZv2UloXm9h+LkrGvSw8s+WDeckUUB7qB8B7x2LHMXd0
eKKadK0Pvj75L57LPrEEBltOtk6v8tHwyISDDEuQA61fnqq/LNCw/ZcGX4RphheP
UbprTLS8Dbaz0O2FaMzCJ+7nBogWF9SdtcVpj80tGtUvwwxVO4CMnmv4dMOjKHrx
8U1Sz82CjnWgsnSYqZrYjF4bdk1+2lzXqziS4qBcgIRhf6Ee8KY7e4u2FIkhlrQA
dcAeTvZmkQCGFu9Z4QZOtIvJ1Jmj
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:12 2025 by rpki-client