Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9BFC3DEC97211EF8C6A1A94762E951A.roa
File: D9BFC3DEC97211EF8C6A1A94762E951A.roa (raw, json)
Hash identifier: yz527lTmPBXVETASeH+Uo1t5aszdhkV5aQs1fjJ83dc=
Subject key identifier: 65:6E:D5:27:BE:EA:27:0F:4A:B2:0A:2D:D3:16:FE:35:60:57:A3:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4C7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9BFC3DEC97211EF8C6A1A94762E951A.roa
Signing time: Fri 03 Jan 2025 01:34:19 +0000
ROA not before: Fri 03 Jan 2025 01:34:15 +0000
ROA not after: Sat 13 Dec 2025 01:34:15 +0000
asID: 984
IP address blocks: 156.227.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62663 (0xf4c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:34:15 2025 GMT
Not After : Dec 13 01:34:15 2025 GMT
Subject: CN=67773e9b-1d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:a9:a9:40:47:77:5d:75:e8:08:4b:e9:c5:32:
ba:2e:d2:ac:ac:66:d5:8a:5c:58:66:2f:ea:c7:a9:
e2:f1:95:32:fc:6f:72:fb:8c:4b:54:72:6e:ce:a2:
b9:93:e0:c2:f6:30:66:ab:1a:73:f1:b3:17:0c:d6:
db:32:18:e2:7c:00:00:27:27:6f:18:23:80:78:c0:
e9:30:2c:7c:a0:f1:f3:0b:1b:3b:77:55:03:fe:a9:
37:a2:64:b4:e3:07:28:2c:00:f2:67:48:63:a4:b5:
76:12:1a:fc:97:8e:55:d5:fc:03:d5:50:a3:e0:c0:
ac:f4:d9:90:69:e4:10:c0:3e:ef:d4:1c:21:b2:08:
3f:2c:8e:09:15:91:10:52:58:b2:2d:96:78:e6:f3:
58:55:30:07:e5:39:16:8c:0a:12:4f:1d:33:3f:c5:
dd:1e:39:42:e7:fd:37:72:e3:26:d0:56:94:b1:11:
f3:a3:16:49:13:e2:92:60:70:d7:39:e9:66:31:f6:
08:95:82:63:b9:80:35:c1:ae:9b:46:db:92:72:1d:
ac:be:10:bd:48:91:1b:60:16:47:ab:8d:86:88:84:
8f:92:29:6f:f2:67:0b:d2:31:c2:2a:84:43:e7:84:
0d:e7:2e:2c:b6:c8:d1:08:b4:cf:92:26:8f:aa:45:
74:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6E:D5:27:BE:EA:27:0F:4A:B2:0A:2D:D3:16:FE:35:60:57:A3:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9BFC3DEC97211EF8C6A1A94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.85.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:36:75:3c:ac:48:e8:27:4f:53:c0:aa:c8:27:40:a1:58:71:
20:e3:0b:6d:6c:15:5a:f0:36:00:99:8d:ea:02:b5:1d:dd:dc:
76:c8:5a:3a:2b:2b:c5:49:03:96:30:03:a3:c5:56:12:9c:ef:
84:63:d4:c4:56:fe:3c:2a:10:bc:36:ac:c6:3d:52:0a:bc:af:
84:4f:e2:78:22:cf:01:b7:96:24:7f:56:5e:09:de:59:21:df:
f4:b6:9e:d2:19:bf:8c:f0:9b:86:9c:40:06:8a:89:8b:5b:7c:
1b:11:53:d0:66:97:c7:26:80:50:2a:83:1d:85:d7:c0:47:77:
3a:07:6f:4e:05:da:2c:b8:b5:f4:7d:e1:64:ce:41:8f:36:5e:
c1:a3:55:b0:10:a5:16:4f:68:12:7f:a3:ac:22:fd:b3:bb:18:
f1:2a:68:5a:e7:f1:84:da:3e:f4:da:9c:f6:e1:70:70:86:3a:
08:d1:dd:30:41:db:f8:53:95:c4:de:52:a8:55:8f:30:08:ea:
84:71:87:8a:9d:21:5c:6a:27:c7:d8:8f:4b:c4:dd:b7:2c:38:
5c:bd:f0:c7:2b:6b:eb:e4:78:af:12:67:6c:8f:73:66:5a:3b:
6c:dc:5b:10:f2:e5:5e:ee:19:b5:e1:bf:ae:dd:11:11:cc:f8:
b8:e8:92:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDEzNDE1WhcNMjUxMjEzMDEzNDE1WjAYMRYw
FAYDVQQDEw02Nzc3M2U5Yi0xZDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6KmpQEd3XXXoCEvpxTK6LtKsrGbVilxYZi/qx6ni8ZUy/G9y+4xLVHJu
zqK5k+DC9jBmqxpz8bMXDNbbMhjifAAAJydvGCOAeMDpMCx8oPHzCxs7d1UD/qk3
omS04wcoLADyZ0hjpLV2Ehr8l45V1fwD1VCj4MCs9NmQaeQQwD7v1Bwhsgg/LI4J
FZEQUliyLZZ45vNYVTAH5TkWjAoSTx0zP8XdHjlC5/03cuMm0FaUsRHzoxZJE+KS
YHDXOelmMfYIlYJjuYA1wa6bRtuSch2svhC9SJEbYBZHq42GiISPkilv8mcL0jHC
KoRD54QN5y4stsjRCLTPkiaPqkV0FwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGVu
1Se+6icPSrIKLdMW/jVgV6NlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUJGQzNERUM5NzIxMUVGOEM2QTFBOTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONVMA0GCSqGSIb3DQEBCwUA
A4IBAQBqNnU8rEjoJ09TwKrIJ0ChWHEg4wttbBVa8DYAmY3qArUd3dx2yFo6KyvF
SQOWMAOjxVYSnO+EY9TEVv48KhC8NqzGPVIKvK+ET+J4Is8Bt5Ykf1ZeCd5ZId/0
tp7SGb+M8JuGnEAGiomLW3wbEVPQZpfHJoBQKoMdhdfAR3c6B29OBdosuLX0feFk
zkGPNl7Bo1WwEKUWT2gSf6OsIv2zuxjxKmha5/GE2j702pz24XBwhjoI0d0wQdv4
U5XE3lKoVY8wCOqEcYeKnSFcaifH2I9LxN23LDhcvfDHK2vr5HivEmdsj3NmWjts
3FsQ8uVe7hm14b+u3RERzPi46JLs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:34 2025 by rpki-client