Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9EC6F20CCE011EF95EC2C66762E951A.roa
File: E9EC6F20CCE011EF95EC2C66762E951A.roa (raw, json)
Hash identifier: n+qO67BNoUvENxbRSWBycJHiJAA9vrUMy6K7/6+urZg=
Subject key identifier: C3:01:E1:0B:BC:09:8F:3D:2F:5A:56:03:FF:70:F6:7B:FF:85:AC:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBA1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9EC6F20CCE011EF95EC2C66762E951A.roa
Signing time: Tue 07 Jan 2025 10:19:44 +0000
ROA not before: Tue 07 Jan 2025 10:19:40 +0000
ROA not after: Sat 13 Dec 2025 10:19:40 +0000
asID: 984
IP address blocks: 156.233.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64417 (0xfba1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 10:19:40 2025 GMT
Not After : Dec 13 10:19:40 2025 GMT
Subject: CN=677cffc0-ed47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:2b:5a:a9:72:45:90:fb:68:d1:a7:e8:b5:
fc:a9:c1:9c:d7:54:34:aa:bc:4d:72:58:65:88:bf:
45:a3:1f:7b:69:de:06:61:cd:65:cf:4e:2d:3d:50:
ec:58:4e:f0:cf:3a:47:28:05:5f:e5:f5:67:7d:e0:
a9:02:96:3a:73:98:3a:40:82:7a:0e:84:cf:9c:98:
92:3e:e8:d9:ad:c9:0b:01:88:fe:fb:6e:65:89:3c:
79:ac:95:2f:bf:9d:9f:a2:bb:f9:e7:af:48:2e:4c:
67:8a:a3:7c:ac:70:26:0a:26:3f:17:b5:07:48:44:
51:4b:8f:a6:ab:11:2c:52:36:3b:f3:7f:ef:eb:c6:
3b:b9:61:8e:fc:12:96:d9:80:b9:a0:50:21:ed:05:
53:03:05:fa:fe:be:d5:f8:1b:ab:07:cc:0b:2e:e7:
1f:f2:8b:3c:fd:7d:ab:2c:9d:6d:7a:6a:14:88:06:
38:c5:c0:5e:d7:20:f0:3e:1c:eb:88:b5:b6:7d:34:
50:71:9d:a7:e1:09:b6:c5:eb:86:66:dd:c6:81:65:
58:29:96:f9:a8:bb:c8:d7:ff:ca:8e:38:eb:74:88:
83:d4:ea:43:67:4b:52:54:ef:65:46:37:1b:bb:71:
d1:54:3a:45:10:af:58:b3:d0:a0:75:ae:78:be:94:
1e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:01:E1:0B:BC:09:8F:3D:2F:5A:56:03:FF:70:F6:7B:FF:85:AC:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9EC6F20CCE011EF95EC2C66762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.229.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:e0:de:7a:49:db:11:31:b9:f4:68:9b:97:84:5a:d8:c3:33:
af:9c:f9:70:b4:eb:ec:69:4d:e2:a6:92:fd:c6:11:42:52:2a:
d0:11:87:a1:f1:9d:b4:f4:ee:d7:7f:ff:7b:7b:6e:58:0d:a6:
ce:ba:50:aa:f4:b4:df:d4:15:b8:2c:e2:cc:b3:73:f4:b1:46:
c5:14:d1:55:12:2e:a1:d7:cc:26:6b:a4:aa:23:76:7f:03:a5:
34:ed:07:9d:82:2b:da:5c:97:48:6c:c5:66:5a:1d:25:78:20:
69:da:b8:08:d1:c7:6f:85:96:3c:a0:ad:02:46:84:9c:8f:de:
fc:23:bb:89:e5:b3:b3:99:47:b7:6f:6c:9e:6b:db:0f:63:d3:
11:7d:be:da:cd:24:e5:62:d9:3f:b5:43:cf:c8:29:8b:a7:45:
a8:b9:01:98:96:ba:94:48:07:98:e1:24:a3:e3:4c:17:74:e6:
39:23:14:dd:5b:71:5a:65:3d:2f:f8:70:5b:9f:92:99:0e:f8:
bf:fa:66:39:64:3e:a6:31:17:ec:03:ef:dc:44:6b:5e:d2:a2:
3d:03:c4:04:cf:45:d4:aa:de:c9:e5:f1:c2:66:64:29:cb:64:
72:75:63:43:d7:09:b2:1d:c1:6f:f0:66:ce:f9:e4:b5:08:9e:
e4:33:37:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTAxOTQwWhcNMjUxMjEzMTAxOTQwWjAYMRYw
FAYDVQQDEw02NzdjZmZjMC1lZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2d0rWqlyRZD7aNGn6LX8qcGc11Q0qrxNclhliL9Fox97ad4GYc1lz04t
PVDsWE7wzzpHKAVf5fVnfeCpApY6c5g6QIJ6DoTPnJiSPujZrckLAYj++25liTx5
rJUvv52forv5569ILkxniqN8rHAmCiY/F7UHSERRS4+mqxEsUjY783/v68Y7uWGO
/BKW2YC5oFAh7QVTAwX6/r7V+BurB8wLLucf8os8/X2rLJ1temoUiAY4xcBe1yDw
PhzriLW2fTRQcZ2n4Qm2xeuGZt3GgWVYKZb5qLvI1//KjjjrdIiD1OpDZ0tSVO9l
Rjcbu3HRVDpFEK9Ys9Cgda54vpQe/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMMB
4Qu8CY89L1pWA/9w9nv/haxqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOUVDNkYyMENDRTAxMUVGOTVFQzJDNjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnlMA0GCSqGSIb3DQEBCwUA
A4IBAQBq4N56SdsRMbn0aJuXhFrYwzOvnPlwtOvsaU3ippL9xhFCUirQEYeh8Z20
9O7Xf/97e25YDabOulCq9LTf1BW4LOLMs3P0sUbFFNFVEi6h18wma6SqI3Z/A6U0
7QedgivaXJdIbMVmWh0leCBp2rgI0cdvhZY8oK0CRoScj978I7uJ5bOzmUe3b2ye
a9sPY9MRfb7azSTlYtk/tUPPyCmLp0WouQGYlrqUSAeY4SSj40wXdOY5IxTdW3Fa
ZT0v+HBbn5KZDvi/+mY5ZD6mMRfsA+/cRGte0qI9A8QEz0XUqt7J5fHCZmQpy2Ry
dWND1wmyHcFv8GbO+eS1CJ7kMzc5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:13 2025 by rpki-client