Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F59D0166C99011EFBBCADD66762E951A.roa
File: F59D0166C99011EFBBCADD66762E951A.roa (raw, json)
Hash identifier: TAomK45e+/Ke/xGVpyjS1eBZJ/UyL+fFU5QcnYAm2qk=
Subject key identifier: 79:22:DA:3F:E5:D8:DE:94:EB:D0:7C:AF:6B:C9:C9:9D:7C:B4:E3:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F59D0166C99011EFBBCADD66762E951A.roa
Signing time: Fri 03 Jan 2025 05:09:50 +0000
ROA not before: Fri 03 Jan 2025 05:09:47 +0000
ROA not after: Sat 13 Dec 2025 05:09:47 +0000
asID: 984
IP address blocks: 156.233.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62947 (0xf5e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:09:47 2025 GMT
Not After : Dec 13 05:09:47 2025 GMT
Subject: CN=6777711e-e95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e0:b0:4f:eb:ea:5e:19:55:00:c5:c2:ac:bc:
d9:8f:27:61:09:cb:f2:04:35:9c:8e:51:00:b6:08:
a1:ff:fb:a4:ae:41:de:99:28:df:a2:4f:e4:d0:f5:
2a:27:ca:93:ab:41:d5:68:a9:5c:02:cf:70:33:98:
c0:2b:1c:9c:52:63:c3:ba:5c:ea:a7:75:a8:c8:c9:
ad:af:09:45:4f:83:82:79:de:18:8a:81:51:b0:0b:
5d:8e:8c:d4:5e:56:7f:7e:25:28:8e:2b:8f:0d:b9:
1d:15:eb:5b:08:cc:a3:99:1c:a2:82:3d:50:07:b8:
df:b1:80:25:42:40:af:66:6e:09:78:c2:53:6a:0e:
50:4b:93:25:39:eb:19:d4:02:57:f2:7b:4e:71:e5:
14:83:24:e3:55:fb:64:b7:08:9d:b5:de:90:32:aa:
96:3a:da:8f:20:8b:46:90:80:04:7f:56:6a:19:47:
7f:02:5a:98:23:ff:da:2e:04:ea:d0:d9:f8:7b:41:
81:f0:1e:30:ed:ea:80:e5:9e:8b:64:15:3e:f5:0b:
ea:c3:a5:8a:d0:08:b7:f9:ca:20:81:0f:60:37:bf:
4b:ff:72:d9:46:ba:f9:fb:82:26:23:e4:02:ac:f9:
ed:11:95:f4:4c:e0:ff:19:e5:c0:67:74:13:2f:5a:
4b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:22:DA:3F:E5:D8:DE:94:EB:D0:7C:AF:6B:C9:C9:9D:7C:B4:E3:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F59D0166C99011EFBBCADD66762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.97.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:44:69:a2:0c:4d:07:c0:2b:27:43:ea:ba:61:db:63:c2:24:
36:86:76:42:84:2c:8a:93:48:5c:ea:ac:38:74:c6:9e:4f:b0:
ce:7a:30:28:77:38:ed:42:e8:ec:5c:eb:75:d5:58:a9:ee:1c:
02:bf:c4:81:26:b0:a9:65:8d:58:79:01:2a:3a:70:45:45:60:
28:f2:23:4c:45:23:a0:86:b6:e6:b8:58:09:e8:b9:ba:36:61:
d5:8f:99:65:cb:2e:22:eb:08:de:01:12:99:d5:a8:67:56:8f:
1f:e2:c0:84:44:03:a7:4d:31:74:c6:8c:37:fe:bf:bd:84:35:
5b:2f:7e:fc:b7:76:0d:43:5b:c4:af:8a:98:85:b7:7b:6a:d6:
4a:6a:c8:a9:45:04:41:7e:6c:2d:3f:7b:63:94:01:9f:88:68:
2b:c7:c3:56:ed:98:ba:7b:3a:92:f7:c6:47:e4:ec:75:14:ad:
9a:26:c4:eb:bb:a2:85:41:48:99:01:c7:bc:ee:1b:a3:94:91:
49:66:67:90:cf:3f:6e:19:30:4c:a0:a7:c8:6d:b6:25:f9:07:
8b:53:47:1c:64:f6:b6:57:85:7d:45:2e:23:9c:e1:1c:8c:5a:
d7:2c:0a:a6:a2:63:14:04:cb:3a:b3:77:d1:8f:6a:3b:17:c6:
67:e9:e4:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUwOTQ3WhcNMjUxMjEzMDUwOTQ3WjAYMRYw
FAYDVQQDEw02Nzc3NzExZS1lOTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0eCwT+vqXhlVAMXCrLzZjydhCcvyBDWcjlEAtgih//ukrkHemSjfok/k
0PUqJ8qTq0HVaKlcAs9wM5jAKxycUmPDulzqp3WoyMmtrwlFT4OCed4YioFRsAtd
jozUXlZ/fiUojiuPDbkdFetbCMyjmRyigj1QB7jfsYAlQkCvZm4JeMJTag5QS5Ml
OesZ1AJX8ntOceUUgyTjVftktwidtd6QMqqWOtqPIItGkIAEf1ZqGUd/AlqYI//a
LgTq0Nn4e0GB8B4w7eqA5Z6LZBU+9Qvqw6WK0Ai3+coggQ9gN79L/3LZRrr5+4Im
I+QCrPntEZX0TOD/GeXAZ3QTL1pLXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHki
2j/l2N6U69B8r2vJyZ18tOPDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNTlEMDE2NkM5OTAxMUVGQkJDQURENjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlhMA0GCSqGSIb3DQEBCwUA
A4IBAQAfRGmiDE0HwCsnQ+q6YdtjwiQ2hnZChCyKk0hc6qw4dMaeT7DOejAodzjt
QujsXOt11Vip7hwCv8SBJrCpZY1YeQEqOnBFRWAo8iNMRSOghrbmuFgJ6Lm6NmHV
j5llyy4i6wjeARKZ1ahnVo8f4sCERAOnTTF0xow3/r+9hDVbL378t3YNQ1vEr4qY
hbd7atZKasipRQRBfmwtP3tjlAGfiGgrx8NW7Zi6ezqS98ZH5Ox1FK2aJsTru6KF
QUiZAce87hujlJFJZmeQzz9uGTBMoKfIbbYl+QeLU0ccZPa2V4V9RS4jnOEcjFrX
LAqmomMUBMs6s3fRj2o7F8Zn6eS4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:26 2025 by rpki-client