Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01657E0CD9D11EFB40D34A2762E951A.roa
File: F01657E0CD9D11EFB40D34A2762E951A.roa (raw, json)
Hash identifier: C0XRw3TKLMhsXYLMSG4wqUqEuVymdFqQ9O9+bZPvzQA=
Subject key identifier: 5C:10:5B:E7:59:45:5D:7D:46:DF:63:6A:60:0C:09:78:53:4E:3E:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01657E0CD9D11EFB40D34A2762E951A.roa
Signing time: Wed 08 Jan 2025 08:52:49 +0000
ROA not before: Wed 08 Jan 2025 08:52:46 +0000
ROA not after: Tue 16 Dec 2025 08:52:46 +0000
asID: 984
IP address blocks: 156.249.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65701 (0x100a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:52:46 2025 GMT
Not After : Dec 16 08:52:46 2025 GMT
Subject: CN=677e3ce1-3866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d5:fc:74:aa:ef:21:6f:6b:3e:41:da:98:fc:
73:e5:ee:0c:5d:3f:0b:8c:89:6a:f6:85:ee:6b:81:
e8:17:23:9e:ec:1a:74:f4:6d:11:79:ce:1a:fe:e9:
56:2c:fd:70:17:6d:d6:f4:ca:2e:21:4f:ed:c7:e4:
ef:d5:1a:a0:56:c2:9d:4c:a5:88:7f:e3:0d:86:fb:
cf:4e:c7:a5:a0:02:b7:f7:aa:2b:2a:8e:5b:7e:32:
2d:15:48:0d:2e:0d:fa:35:94:16:c5:5c:10:6a:d2:
05:76:eb:84:2a:4a:c8:2c:94:04:3a:ef:10:df:f7:
b5:fe:5b:b9:dd:8d:12:10:b6:ee:69:f2:18:3a:9b:
8f:43:07:c6:ac:c9:95:56:43:57:61:90:d9:8c:83:
51:90:ca:f3:57:1e:3b:37:9d:1d:44:3f:bf:c0:a3:
f5:29:13:77:45:68:51:dd:f6:2e:e2:59:62:73:94:
b4:55:a4:ef:55:d5:6a:11:f0:46:76:95:20:e3:47:
4c:1e:b6:41:1b:68:16:bd:97:5a:2f:f8:ea:14:a2:
63:2c:e5:ae:31:bb:2a:c0:9f:4d:13:30:74:34:1a:
e2:e7:86:b2:68:c6:be:82:d1:34:66:23:18:48:e6:
b3:ff:01:40:d0:0e:a5:6a:d0:a0:d6:50:9c:13:9c:
62:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:10:5B:E7:59:45:5D:7D:46:DF:63:6A:60:0C:09:78:53:4E:3E:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01657E0CD9D11EFB40D34A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.97.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d8:29:74:4d:72:7a:fa:02:64:dc:46:39:ec:e9:43:7f:61:
d5:97:d1:7b:d5:45:f1:81:cc:d3:55:b4:6c:e8:4d:37:46:9f:
05:12:0f:af:7a:07:d5:19:3a:c5:ec:44:74:b1:16:7f:cd:1c:
1e:4d:ae:46:77:47:50:60:3a:82:1f:bf:ac:e1:ed:9b:a6:d5:
45:b2:a7:96:71:9c:b2:75:9c:5b:3d:98:1f:1b:2d:1a:e1:9b:
d7:b8:eb:d0:84:88:08:24:f1:e5:68:79:1b:fe:bb:b6:53:ff:
af:55:31:21:42:75:cf:c8:f2:56:33:09:b8:23:6d:53:b5:6c:
b8:5d:3e:68:79:55:0d:d2:52:f3:4d:86:5b:2c:07:ec:2a:d5:
77:f3:51:bc:05:af:05:82:67:d2:88:8b:e4:55:87:78:ca:d2:
ee:11:ed:e0:56:be:10:6c:4e:2e:c3:56:c8:ef:c7:c1:ca:4e:
33:3c:3a:d6:c5:9e:43:9a:92:3d:51:c4:f9:78:6c:80:eb:ce:
07:f4:8c:03:43:25:ce:1d:18:54:5a:05:50:b4:5c:24:aa:9a:
18:a8:85:e2:59:1b:f5:8e:fd:fe:df:65:5d:aa:8f:c2:65:90:
cb:39:59:bb:b9:1b:a7:47:d0:2e:4e:98:88:73:74:99:f0:7f:
07:c3:ca:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQClMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg1MjQ2WhcNMjUxMjE2MDg1MjQ2WjAYMRYw
FAYDVQQDEw02NzdlM2NlMS0zODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6tX8dKrvIW9rPkHamPxz5e4MXT8LjIlq9oXua4HoFyOe7Bp09G0Rec4a
/ulWLP1wF23W9MouIU/tx+Tv1RqgVsKdTKWIf+MNhvvPTseloAK396orKo5bfjIt
FUgNLg36NZQWxVwQatIFduuEKkrILJQEOu8Q3/e1/lu53Y0SELbuafIYOpuPQwfG
rMmVVkNXYZDZjINRkMrzVx47N50dRD+/wKP1KRN3RWhR3fYu4llic5S0VaTvVdVq
EfBGdpUg40dMHrZBG2gWvZdaL/jqFKJjLOWuMbsqwJ9NEzB0NBri54ayaMa+gtE0
ZiMYSOaz/wFA0A6latCg1lCcE5ximQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFwQ
W+dZRV19Rt9jamAMCXhTTj7HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMDE2NTdFMENEOUQxMUVGQjQwRDM0QTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlhMA0GCSqGSIb3DQEBCwUA
A4IBAQBn2Cl0TXJ6+gJk3EY57OlDf2HVl9F71UXxgczTVbRs6E03Rp8FEg+vegfV
GTrF7ER0sRZ/zRweTa5Gd0dQYDqCH7+s4e2bptVFsqeWcZyydZxbPZgfGy0a4ZvX
uOvQhIgIJPHlaHkb/ru2U/+vVTEhQnXPyPJWMwm4I21TtWy4XT5oeVUN0lLzTYZb
LAfsKtV381G8Ba8FgmfSiIvkVYd4ytLuEe3gVr4QbE4uw1bI78fByk4zPDrWxZ5D
mpI9UcT5eGyA684H9IwDQyXOHRhUWgVQtFwkqpoYqIXiWRv1jv3+32Vdqo/CZZDL
OVm7uRunR9AuTpiIc3SZ8H8Hw8q7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:49 2025 by rpki-client