Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F9CBF2CD8011EF8B39896C762E951A.roa
File: E9F9CBF2CD8011EF8B39896C762E951A.roa (raw, json)
Hash identifier: QBT3F7vfu/IDF9I2KnBu+cYyiv1bXYO+I1bxoekOI4U=
Subject key identifier: F1:D9:41:41:41:11:66:DB:49:32:46:DA:18:E2:3C:7E:A3:D9:6A:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010003
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F9CBF2CD8011EF8B39896C762E951A.roa
Signing time: Wed 08 Jan 2025 05:25:04 +0000
ROA not before: Wed 08 Jan 2025 05:25:00 +0000
ROA not after: Sat 13 Dec 2025 05:25:00 +0000
asID: 984
IP address blocks: 156.251.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65539 (0x10003)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:25:00 2025 GMT
Not After : Dec 13 05:25:00 2025 GMT
Subject: CN=677e0c30-5d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:89:9c:44:07:53:ca:61:25:65:65:78:36:30:
de:fc:f7:31:76:36:ef:5e:0b:54:c1:6e:a4:11:57:
eb:a3:7a:76:aa:56:2e:87:19:d7:74:01:89:1c:27:
1f:c5:e9:48:58:f5:72:68:05:2d:e1:b6:9e:45:19:
5c:c1:db:31:be:4f:e7:e8:4b:a5:f5:50:69:5c:e1:
76:bc:68:11:69:a8:00:67:a8:de:f5:84:62:34:21:
cd:98:af:2a:74:3c:9a:e4:66:4a:aa:d5:4b:aa:99:
74:23:ff:c1:2b:cb:a1:ca:ee:e7:79:ab:67:2e:95:
fe:ed:21:1a:08:1e:89:76:7a:91:55:39:e0:32:74:
ae:ec:52:ce:26:48:fc:6b:6f:e5:d8:2d:1a:3c:18:
28:5a:ed:ee:6d:40:f1:41:f6:2b:44:4f:fa:07:53:
a9:5f:b7:fc:92:e1:dc:81:be:cd:87:b9:c9:04:aa:
34:35:9e:87:86:67:bd:03:e9:83:f8:f7:4b:56:b1:
79:9f:49:03:9c:2d:a8:bb:1b:81:91:05:ca:0f:d0:
eb:d2:78:ed:0b:94:9f:85:e1:e0:d7:cc:c8:30:a6:
5f:38:b2:b5:62:f3:03:d8:00:12:7a:18:57:9c:90:
65:15:33:f3:b9:cc:4c:ff:94:8d:cb:ab:28:b7:b5:
aa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D9:41:41:41:11:66:DB:49:32:46:DA:18:E2:3C:7E:A3:D9:6A:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E9F9CBF2CD8011EF8B39896C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.127.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d0:64:d4:58:32:10:da:2a:39:2c:11:92:30:bf:14:c7:df:
69:2d:fd:00:4d:df:55:1a:5c:97:dc:a3:b6:f2:33:c8:05:15:
eb:a5:d5:30:87:93:52:bd:3e:57:f1:e8:18:dd:d7:ac:3c:bb:
da:ff:96:68:ce:f7:61:7f:dc:ff:f3:86:fc:08:ff:b0:e1:ea:
23:2b:45:1c:ee:a5:31:e4:04:0a:2b:03:9f:6f:7c:df:85:27:
a6:58:69:e7:b4:bd:03:0f:91:7c:04:1d:d8:73:8b:bf:e8:36:
e1:64:8c:55:ae:d4:c3:47:b4:ce:98:c6:11:41:8e:cc:49:11:
e5:15:e3:89:13:a6:53:2e:bf:e4:e2:ab:08:53:90:1a:7a:5a:
27:2b:a2:ee:ae:b9:4e:b3:5d:c8:93:f4:f2:71:8d:5c:b0:fb:
a0:22:c9:68:cb:ab:62:fe:d9:2c:cd:bb:3a:38:dc:96:10:e6:
aa:b2:12:96:95:24:02:76:01:99:c0:fe:e7:23:50:e5:10:05:
10:df:fd:31:0f:1e:93:6f:a8:c0:cf:78:c5:c8:92:63:1f:49:
01:d1:37:d0:6c:cf:b1:3c:a6:a8:a2:b8:03:94:22:e0:20:25:
ef:68:58:b5:de:c9:61:a8:72:de:a0:cf:50:ae:c7:2e:ae:ae:
a5:7a:3a:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQADMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUyNTAwWhcNMjUxMjEzMDUyNTAwWjAYMRYw
FAYDVQQDEw02NzdlMGMzMC01ZDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqYmcRAdTymElZWV4NjDe/PcxdjbvXgtUwW6kEVfro3p2qlYuhxnXdAGJ
HCcfxelIWPVyaAUt4baeRRlcwdsxvk/n6Eul9VBpXOF2vGgRaagAZ6je9YRiNCHN
mK8qdDya5GZKqtVLqpl0I//BK8uhyu7neatnLpX+7SEaCB6JdnqRVTngMnSu7FLO
Jkj8a2/l2C0aPBgoWu3ubUDxQfYrRE/6B1OpX7f8kuHcgb7Nh7nJBKo0NZ6Hhme9
A+mD+PdLVrF5n0kDnC2ouxuBkQXKD9Dr0njtC5SfheHg18zIMKZfOLK1YvMD2AAS
ehhXnJBlFTPzucxM/5SNy6sot7WqkQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPHZ
QUFBEWbbSTJG2hjiPH6j2Wq+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FOUY5Q0JGMkNEODAxMUVGOEIzOTg5NkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPt/MA0GCSqGSIb3DQEBCwUA
A4IBAQCX0GTUWDIQ2io5LBGSML8Ux99pLf0ATd9VGlyX3KO28jPIBRXrpdUwh5NS
vT5X8egY3desPLva/5Zozvdhf9z/84b8CP+w4eojK0Uc7qUx5AQKKwOfb3zfhSem
WGnntL0DD5F8BB3Yc4u/6DbhZIxVrtTDR7TOmMYRQY7MSRHlFeOJE6ZTLr/k4qsI
U5AaelonK6LurrlOs13Ik/TycY1csPugIsloy6ti/tkszbs6ONyWEOaqshKWlSQC
dgGZwP7nI1DlEAUQ3/0xDx6Tb6jAz3jFyJJjH0kB0TfQbM+xPKaoorgDlCLgICXv
aFi13slhqHLeoM9Qrscurq6lejoG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:40 2025 by rpki-client