Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D96D9192CCCC11EFA8698B66762E951A.roa
File: D96D9192CCCC11EFA8698B66762E951A.roa (raw, json)
Hash identifier: 9KWn2aBsDf4QqhJr5YQkMCRk2L6QE25YQoSqlISRnNs=
Subject key identifier: 53:C1:BA:00:B7:A3:39:28:6B:A8:DE:50:44:04:DE:E9:4E:5E:CC:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA8C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D96D9192CCCC11EFA8698B66762E951A.roa
Signing time: Tue 07 Jan 2025 07:56:06 +0000
ROA not before: Tue 07 Jan 2025 07:56:03 +0000
ROA not after: Mon 13 Dec 2027 07:56:03 +0000
asID: 17561
IP address blocks: 156.233.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64140 (0xfa8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:56:03 2025 GMT
Not After : Dec 13 07:56:03 2027 GMT
Subject: CN=677cde16-4e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d7:af:68:02:57:54:f3:fb:a8:0c:8a:5f:13:
f9:6a:42:fe:17:54:7b:3e:2a:91:a5:ba:54:d3:8b:
25:12:4b:ea:8b:91:4c:b7:be:d5:72:dd:a6:db:07:
07:33:3d:6b:a0:20:5e:27:05:ef:e0:62:e9:44:d7:
8d:6f:e2:3c:5e:59:29:6b:46:c3:81:8c:49:64:39:
f5:05:31:98:15:8d:45:e7:c3:8e:fd:1c:f1:ad:09:
19:13:ea:af:cb:c7:97:c3:ff:2a:bf:ed:30:4b:77:
ec:a6:28:b2:a1:b1:20:de:c3:73:a9:df:4d:9d:53:
23:c8:67:37:9b:f9:a7:63:17:0f:5f:50:37:ca:fa:
65:58:00:c8:86:38:85:63:d2:66:c8:c3:e2:bf:31:
43:e8:fd:77:cc:65:2f:e7:3d:09:46:a2:de:67:e7:
ce:bf:93:cf:8e:ab:11:9e:ab:55:33:b6:b9:b2:93:
29:54:75:c2:2e:b2:6c:29:7a:1e:1b:e6:90:7b:07:
d3:a2:c3:77:5e:c0:65:f7:66:b1:ac:73:0b:c9:11:
6c:b8:28:d1:1b:fe:3c:dc:07:30:cf:dd:19:2f:85:
6c:17:db:9d:f4:ab:37:b6:6a:97:31:fa:1b:a9:85:
ff:18:c3:a0:bb:cc:b8:f3:42:ac:23:09:48:b8:f0:
12:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C1:BA:00:B7:A3:39:28:6B:A8:DE:50:44:04:DE:E9:4E:5E:CC:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D96D9192CCCC11EFA8698B66762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.131.0/24
Signature Algorithm: sha256WithRSAEncryption
92:bf:0f:d2:01:5e:16:e5:1a:80:65:af:6a:2b:26:5b:37:96:
a6:e2:5c:ac:58:73:0b:23:79:49:80:ff:73:ff:7e:b5:29:f5:
6d:b3:d0:72:46:72:d2:08:4f:95:aa:50:0e:d8:b1:67:32:11:
f0:df:6d:b8:81:6d:e2:0f:b1:e5:00:74:64:75:3e:7b:d7:4b:
0c:fd:55:b5:66:53:7a:4e:f5:7b:7b:27:d3:c0:9e:fd:95:04:
91:9d:f5:de:bc:ba:c9:28:e2:f1:e0:60:f5:e7:6d:70:9d:2a:
94:0b:9c:ae:74:77:7a:3f:f2:95:22:38:2d:54:7c:14:f2:0d:
74:72:fe:72:a4:1e:35:49:9e:3d:ab:95:a1:d6:5a:25:15:85:
7c:80:80:65:97:db:95:ca:4b:d1:ac:d6:e2:8c:ba:8f:52:f8:
11:a1:4a:15:3c:20:74:80:d5:5e:1c:34:f0:d7:9a:97:08:18:
4e:ab:fe:f7:66:cf:14:bc:ff:d6:09:e7:6d:d5:23:2b:6b:50:
b3:a4:06:9f:2f:8a:56:86:14:2d:02:e9:80:12:00:56:22:3f:
22:0c:77:cf:2e:cc:ba:57:4c:66:a7:08:09:96:3f:5c:4f:49:
23:65:58:4b:8e:af:2e:eb:c0:6e:70:65:0f:f0:fc:d6:2a:b6:
0b:5b:d2:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDc1NjAzWhcNMjcxMjEzMDc1NjAzWjAYMRYw
FAYDVQQDEw02NzdjZGUxNi00ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1devaAJXVPP7qAyKXxP5akL+F1R7PiqRpbpU04slEkvqi5FMt77Vct2m
2wcHMz1roCBeJwXv4GLpRNeNb+I8Xlkpa0bDgYxJZDn1BTGYFY1F58OO/RzxrQkZ
E+qvy8eXw/8qv+0wS3fspiiyobEg3sNzqd9NnVMjyGc3m/mnYxcPX1A3yvplWADI
hjiFY9JmyMPivzFD6P13zGUv5z0JRqLeZ+fOv5PPjqsRnqtVM7a5spMpVHXCLrJs
KXoeG+aQewfTosN3XsBl92axrHMLyRFsuCjRG/483Acwz90ZL4VsF9ud9Ks3tmqX
MfobqYX/GMOgu8y480KsIwlIuPASmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFPB
ugC3ozkoa6jeUEQE3ulOXsyvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTZEOTE5MkNDQ0MxMUVGQTg2OThCNjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmDMA0GCSqGSIb3DQEBCwUA
A4IBAQCSvw/SAV4W5RqAZa9qKyZbN5am4lysWHMLI3lJgP9z/361KfVts9ByRnLS
CE+VqlAO2LFnMhHw3224gW3iD7HlAHRkdT5710sM/VW1ZlN6TvV7eyfTwJ79lQSR
nfXevLrJKOLx4GD1521wnSqUC5yudHd6P/KVIjgtVHwU8g10cv5ypB41SZ49q5Wh
1lolFYV8gIBll9uVykvRrNbijLqPUvgRoUoVPCB0gNVeHDTw15qXCBhOq/73Zs8U
vP/WCedt1SMra1CzpAafL4pWhhQtAumAEgBWIj8iDHfPLsy6V0xmpwgJlj9cT0kj
ZVhLjq8u68BucGUP8PzWKrYLW9Km
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:59 2025 by rpki-client