Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0FE873CCC9811EF93884A8F762E951A.roa
File: F0FE873CCC9811EF93884A8F762E951A.roa (raw, json)
Hash identifier: s6NsnGzW+lGIsQjWqpvgIl3z/SOones29pB4vfIaoVI=
Subject key identifier: E4:9B:7A:A3:26:00:55:FA:6C:B8:E8:35:40:4A:08:AB:6C:AA:7B:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F950
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0FE873CCC9811EF93884A8F762E951A.roa
Signing time: Tue 07 Jan 2025 01:44:32 +0000
ROA not before: Tue 07 Jan 2025 01:44:29 +0000
ROA not after: Sat 13 Dec 2025 01:44:29 +0000
asID: 984
IP address blocks: 156.227.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63824 (0xf950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:44:29 2025 GMT
Not After : Dec 13 01:44:29 2025 GMT
Subject: CN=677c8700-d09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:16:bf:3d:79:2a:e3:8d:08:38:2a:9d:4d:41:
aa:cb:8e:20:2d:6d:78:96:cf:a5:b1:98:51:3e:2f:
1a:f5:b3:79:80:00:ee:1f:d6:59:5d:bd:1b:b8:ca:
e7:11:b2:bd:87:cc:e6:f6:02:dd:c9:c6:25:00:f3:
ea:a4:f7:32:6f:ca:ff:0b:54:d1:d7:8f:c4:a8:1c:
83:22:1a:62:fc:03:e1:b3:dd:4a:c5:82:26:f4:e1:
3d:c5:aa:f4:bf:2a:c2:35:24:ef:6b:7f:45:75:64:
df:98:02:0c:fb:33:4c:53:da:83:29:0a:d6:a7:94:
04:58:a2:ca:b9:46:94:3b:71:5d:c4:e1:66:b1:78:
87:1c:f3:ca:4d:9b:cf:65:ee:ef:70:7a:05:ca:f8:
62:57:92:5f:e8:a4:87:47:ef:de:ae:87:99:1a:94:
42:4a:3e:39:d1:58:c1:9c:1f:8f:b3:19:7d:e6:e5:
51:e1:fd:12:e4:54:ee:46:e4:c5:77:f8:08:11:dc:
7d:31:70:fc:7c:7e:5c:84:c3:70:f5:63:38:80:65:
2f:76:60:55:3c:73:ea:03:55:ef:05:0c:22:11:45:
6c:0b:cc:28:5c:ba:64:88:4c:01:e1:f0:e6:37:73:
aa:2c:0e:e2:17:88:71:a5:51:7a:8c:6a:84:9c:e1:
06:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9B:7A:A3:26:00:55:FA:6C:B8:E8:35:40:4A:08:AB:6C:AA:7B:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0FE873CCC9811EF93884A8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:7b:87:0e:6c:59:10:91:c6:b1:ba:cf:b6:d3:af:ec:ad:ef:
6a:98:e8:42:1b:ad:0f:fc:86:90:ae:30:c2:66:c5:e4:43:6b:
2d:83:43:17:dc:d6:db:64:e3:66:10:b5:c2:6e:d1:6a:89:8b:
df:1a:9e:d4:82:41:4e:1f:d1:e1:47:b2:0b:15:7c:72:5c:b4:
3a:c3:d2:1c:bf:cd:4b:fa:c6:d2:e8:8c:a7:5c:9d:55:61:87:
72:74:fc:c5:a9:d3:88:e3:fd:b1:a9:12:5f:e9:34:4e:b5:08:
8c:d3:d5:00:f2:a0:7a:fd:6b:4e:68:81:55:da:b3:61:4b:df:
76:78:72:5e:a0:33:4a:f5:b6:6b:bd:65:3c:59:1e:83:5a:7c:
36:c0:df:b0:50:d9:c3:4d:14:ab:f8:6e:68:c7:3e:63:bb:e9:
95:91:7a:44:58:b4:24:45:6b:a9:ab:4f:cb:b5:3a:c8:6e:17:
64:41:21:e1:d4:9c:d5:ab:f6:9f:da:06:cb:c2:ef:16:4f:10:
12:b6:4e:52:86:54:cf:7d:84:d9:88:da:e2:4a:a7:44:c8:1b:
67:b6:61:ae:ab:d3:81:84:ca:88:6b:66:62:9a:06:ec:d5:f9:
a1:85:2c:f6:b6:25:c9:1f:36:22:25:b2:63:c9:17:50:18:31:
4a:fe:08:f2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDE0NDI5WhcNMjUxMjEzMDE0NDI5WjAYMRYw
FAYDVQQDEw02NzdjODcwMC1kMDlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1ha/PXkq440IOCqdTUGqy44gLW14ls+lsZhRPi8a9bN5gADuH9ZZXb0b
uMrnEbK9h8zm9gLdycYlAPPqpPcyb8r/C1TR14/EqByDIhpi/APhs91KxYIm9OE9
xar0vyrCNSTva39FdWTfmAIM+zNMU9qDKQrWp5QEWKLKuUaUO3FdxOFmsXiHHPPK
TZvPZe7vcHoFyvhiV5Jf6KSHR+/eroeZGpRCSj450VjBnB+Psxl95uVR4f0S5FTu
RuTFd/gIEdx9MXD8fH5chMNw9WM4gGUvdmBVPHPqA1XvBQwiEUVsC8woXLpkiEwB
4fDmN3OqLA7iF4hxpVF6jGqEnOEGTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOSb
eqMmAFX6bLjoNUBKCKtsqnvhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMEZFODczQ0NDOTgxMUVGOTM4ODRBOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONeMA0GCSqGSIb3DQEBCwUA
A4IBAQCoe4cObFkQkcaxus+206/sre9qmOhCG60P/IaQrjDCZsXkQ2stg0MX3Nbb
ZONmELXCbtFqiYvfGp7UgkFOH9HhR7ILFXxyXLQ6w9Icv81L+sbS6IynXJ1VYYdy
dPzFqdOI4/2xqRJf6TROtQiM09UA8qB6/WtOaIFV2rNhS992eHJeoDNK9bZrvWU8
WR6DWnw2wN+wUNnDTRSr+G5oxz5ju+mVkXpEWLQkRWupq0/LtTrIbhdkQSHh1JzV
q/af2gbLwu8WTxAStk5ShlTPfYTZiNriSqdEyBtntmGuq9OBhMqIa2Zimgbs1fmh
hSz2tiXJHzYiJbJjyRdQGDFK/gjy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:42 2025 by rpki-client