Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F036598CC94211EF919CF461762E951A.roa
File: F036598CC94211EF919CF461762E951A.roa (raw, json)
Hash identifier: CezdP49MQHzBX/vw4KaJGSFTguj4wM/UoYFbAcfOcKA=
Subject key identifier: 6E:F7:5D:7D:DA:55:95:98:BB:16:D3:0A:F4:1F:7F:6E:C5:20:F8:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F340
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F036598CC94211EF919CF461762E951A.roa
Signing time: Thu 02 Jan 2025 19:51:21 +0000
ROA not before: Thu 02 Jan 2025 19:51:17 +0000
ROA not after: Sat 13 Dec 2025 19:51:17 +0000
asID: 984
IP address blocks: 156.224.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62272 (0xf340)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 19:51:17 2025 GMT
Not After : Dec 13 19:51:17 2025 GMT
Subject: CN=6776ee39-0e68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:25:40:03:b6:be:32:27:89:51:48:67:7f:7a:
04:1d:43:d7:80:1f:e3:9c:0c:9c:20:db:b5:ab:ee:
6e:51:f9:f7:10:b4:1f:45:45:f0:ac:1f:1a:69:5a:
bf:26:6d:1b:7d:3b:fd:1e:00:1f:c7:2f:9c:54:93:
82:c1:1e:7b:d0:0f:b3:05:c5:80:d9:de:c2:ea:81:
41:23:1e:36:b6:c8:10:3a:e5:a7:a6:cd:09:3d:25:
f4:f7:21:0f:67:07:b5:b9:05:34:aa:7a:fc:23:65:
7c:27:91:7e:f2:a9:7d:1b:3e:49:d7:0a:9f:4b:14:
69:52:07:99:87:5f:b5:8c:ec:54:0e:2f:c3:bf:d0:
13:0a:f7:00:07:8c:2a:dd:99:45:70:d9:fa:72:af:
ea:5d:9b:8a:c6:5d:d4:52:4c:26:26:04:9a:f5:55:
b7:fe:f6:28:c3:f5:d0:b9:46:42:52:22:5b:81:ac:
b1:97:b9:26:0a:5a:ef:a1:33:18:2e:01:20:51:95:
f0:76:be:ab:73:da:b3:7e:af:c1:74:9a:ff:5d:22:
94:e2:ef:ba:5e:d2:c2:73:45:42:d8:4b:43:32:36:
90:78:b4:c1:a7:09:8e:89:ab:af:f0:53:34:5b:e0:
98:45:91:9d:bf:d1:b7:52:29:63:25:57:f3:88:22:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F7:5D:7D:DA:55:95:98:BB:16:D3:0A:F4:1F:7F:6E:C5:20:F8:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F036598CC94211EF919CF461762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.89.0/24
Signature Algorithm: sha256WithRSAEncryption
69:cd:66:5d:aa:61:5c:20:4d:5f:62:76:44:20:c8:10:c1:79:
bc:3f:64:f6:1f:e5:95:1f:d9:64:4d:1b:66:1b:09:18:bc:32:
20:05:4f:8b:05:d2:ba:ac:b2:2e:72:b8:c9:2e:b7:59:14:d2:
21:a5:54:3b:2d:ed:dc:08:cb:25:7f:5c:a9:ea:33:2f:54:de:
42:40:49:c5:1c:7c:78:5f:5f:a5:2d:1e:23:bd:b9:c4:b9:db:
1f:bf:0b:dd:19:01:87:29:8f:eb:1e:35:f4:a0:e5:ae:8e:b1:
fd:9a:10:84:dc:ef:e3:22:2f:13:30:61:fd:df:47:3b:e7:d6:
2d:70:a6:d1:67:72:43:5e:9d:5d:2e:f6:67:ce:dc:a5:22:e7:
1c:0d:ba:8b:ac:8b:fe:00:45:f9:f6:13:c3:6f:2f:01:48:43:
5b:d0:b6:85:1e:c9:20:94:e8:e6:43:01:fd:42:5e:cd:a3:de:
99:49:d3:3d:28:9a:1f:fd:69:ab:10:57:de:cf:c7:0c:0d:76:
9e:a7:37:2e:6d:b2:02:63:a6:d6:96:c6:e6:fa:0c:e5:ad:ca:
c1:19:6d:77:51:64:f8:1b:58:ba:bf:18:d1:74:f7:42:9b:a8:
40:67:52:d1:df:44:ca:47:67:b5:1a:da:89:ce:46:07:cf:43:
a1:00:37:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMTk1MTE3WhcNMjUxMjEzMTk1MTE3WjAYMRYw
FAYDVQQDEw02Nzc2ZWUzOS0wZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAySVAA7a+MieJUUhnf3oEHUPXgB/jnAycINu1q+5uUfn3ELQfRUXwrB8a
aVq/Jm0bfTv9HgAfxy+cVJOCwR570A+zBcWA2d7C6oFBIx42tsgQOuWnps0JPSX0
9yEPZwe1uQU0qnr8I2V8J5F+8ql9Gz5J1wqfSxRpUgeZh1+1jOxUDi/Dv9ATCvcA
B4wq3ZlFcNn6cq/qXZuKxl3UUkwmJgSa9VW3/vYow/XQuUZCUiJbgayxl7kmClrv
oTMYLgEgUZXwdr6rc9qzfq/BdJr/XSKU4u+6XtLCc0VC2EtDMjaQeLTBpwmOiauv
8FM0W+CYRZGdv9G3UiljJVfziCIsxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG73
XX3aVZWYuxbTCvQff27FIPgzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMDM2NTk4Q0M5NDIxMUVGOTE5Q0Y0NjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOBZMA0GCSqGSIb3DQEBCwUA
A4IBAQBpzWZdqmFcIE1fYnZEIMgQwXm8P2T2H+WVH9lkTRtmGwkYvDIgBU+LBdK6
rLIucrjJLrdZFNIhpVQ7Le3cCMslf1yp6jMvVN5CQEnFHHx4X1+lLR4jvbnEudsf
vwvdGQGHKY/rHjX0oOWujrH9mhCE3O/jIi8TMGH930c759YtcKbRZ3JDXp1dLvZn
ztylIuccDbqLrIv+AEX59hPDby8BSENb0LaFHskglOjmQwH9Ql7No96ZSdM9KJof
/WmrEFfez8cMDXaepzcubbICY6bWlsbm+gzlrcrBGW13UWT4G1i6vxjRdPdCm6hA
Z1LR30TKR2e1GtqJzkYHz0OhADeX
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:33 2025 by rpki-client