Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F936FDD4CD9811EF87961E81762E951A.roa
File: F936FDD4CD9811EF87961E81762E951A.roa (raw, json)
Hash identifier: Gtbdy7tz7WGG/SwvHjL2oK7Bn4/KAwD1L22lO2gEcWo=
Subject key identifier: D5:19:9D:58:5E:F3:33:88:BA:C5:E5:B2:D1:FE:B8:51:16:A2:79:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010073
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F936FDD4CD9811EF87961E81762E951A.roa
Signing time: Wed 08 Jan 2025 08:17:17 +0000
ROA not before: Wed 08 Jan 2025 08:17:13 +0000
ROA not after: Tue 16 Dec 2025 08:17:13 +0000
asID: 984
IP address blocks: 156.249.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65651 (0x10073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:17:13 2025 GMT
Not After : Dec 16 08:17:13 2025 GMT
Subject: CN=677e348d-e4de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:5e:8f:db:1a:38:05:bf:c5:a2:fc:c1:14:
6b:ff:dc:41:8e:d4:72:2b:3d:1d:db:07:48:54:d0:
99:a4:15:8c:99:8a:e6:d4:9c:47:73:db:de:4f:27:
be:35:4e:a0:a8:84:cd:30:18:9d:50:18:10:15:c9:
ea:c4:bc:ca:6f:6d:f4:92:d0:23:76:5b:99:84:a1:
eb:6c:18:c6:3a:72:d0:87:b5:2a:2f:c0:23:b1:19:
62:9c:08:cb:ee:58:d2:5c:88:70:35:df:7e:54:e5:
31:99:68:ad:6d:53:f5:14:cd:8d:ad:74:91:34:47:
a2:b7:5b:af:e5:e4:88:e6:d2:4d:69:e1:88:51:48:
d7:cb:1f:13:a0:52:93:fb:85:6b:b7:f0:7e:d7:6c:
7d:b8:b4:00:f3:83:66:38:63:05:3e:7c:fb:5a:de:
a0:08:f5:cf:f9:e8:04:95:c8:bf:a9:08:99:f9:d2:
ce:55:d7:9b:9d:fb:3c:5b:57:69:7a:01:51:c1:0f:
da:08:68:f8:6f:c2:e7:1d:6a:5b:d0:7f:27:51:cd:
a0:2a:4b:d8:45:ac:7a:8b:eb:a5:c3:02:61:9d:2f:
59:c7:ac:00:2f:28:cd:99:91:44:5e:3a:95:80:9f:
06:f5:2f:9b:af:a2:d2:83:85:0d:dd:89:6a:e7:3c:
30:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:19:9D:58:5E:F3:33:88:BA:C5:E5:B2:D1:FE:B8:51:16:A2:79:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F936FDD4CD9811EF87961E81762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.76.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ae:2a:b0:8e:67:39:60:75:fc:f1:ed:08:ef:49:02:a4:6a:
10:ac:ef:41:44:df:ce:33:50:7c:f2:68:3c:2e:56:15:48:f0:
e1:d7:10:bc:c8:28:bc:bc:2b:17:fe:ab:b3:7f:65:dd:62:8d:
60:f5:7c:a8:4b:d9:b0:0f:d2:b9:a8:4c:1a:62:6e:7c:5d:ed:
80:2b:1d:25:19:97:e1:19:b4:02:34:0c:35:55:43:ce:de:65:
7e:13:44:6c:51:af:c9:dd:71:1c:7c:89:9e:32:ae:76:d5:56:
d1:33:c2:0b:88:40:4a:2f:7a:b3:fb:6c:2a:d0:b3:7a:a7:4f:
23:ae:94:5d:3e:29:20:31:50:83:53:7c:18:d1:82:76:a3:dc:
a6:db:45:7e:59:e5:e8:87:94:0d:7e:93:0b:4e:3a:3c:8a:73:
86:ad:6f:73:36:b9:a5:cf:78:ab:22:30:29:02:63:a6:b6:b9:
b6:d0:d0:39:10:7c:03:5c:e3:c9:f7:38:9d:06:f1:f1:b8:02:
20:45:77:84:c7:d7:c2:c0:b8:b2:54:16:0e:e7:59:93:6a:ec:
16:1e:e3:4b:d4:b6:36:e5:62:1b:3b:19:24:2f:b9:96:16:2e:
ab:bf:f7:6d:dd:6c:e7:3f:cd:e8:68:c4:3f:3a:49:4b:42:17:
9d:81:a6:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQBzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDgxNzEzWhcNMjUxMjE2MDgxNzEzWjAYMRYw
FAYDVQQDEw02NzdlMzQ4ZC1lNGRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvExej9saOAW/xaL8wRRr/9xBjtRyKz0d2wdIVNCZpBWMmYrm1JxHc9ve
Tye+NU6gqITNMBidUBgQFcnqxLzKb230ktAjdluZhKHrbBjGOnLQh7UqL8AjsRli
nAjL7ljSXIhwNd9+VOUxmWitbVP1FM2NrXSRNEeit1uv5eSI5tJNaeGIUUjXyx8T
oFKT+4Vrt/B+12x9uLQA84NmOGMFPnz7Wt6gCPXP+egElci/qQiZ+dLOVdebnfs8
W1dpegFRwQ/aCGj4b8LnHWpb0H8nUc2gKkvYRax6i+ulwwJhnS9Zx6wALyjNmZFE
XjqVgJ8G9S+br6LSg4UN3Ylq5zwwPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNUZ
nVhe8zOIusXlstH+uFEWonmqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTM2RkRENENEOTgxMUVGODc5NjFFODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlMMA0GCSqGSIb3DQEBCwUA
A4IBAQAPriqwjmc5YHX88e0I70kCpGoQrO9BRN/OM1B88mg8LlYVSPDh1xC8yCi8
vCsX/quzf2XdYo1g9XyoS9mwD9K5qEwaYm58Xe2AKx0lGZfhGbQCNAw1VUPO3mV+
E0RsUa/J3XEcfImeMq521VbRM8ILiEBKL3qz+2wq0LN6p08jrpRdPikgMVCDU3wY
0YJ2o9ym20V+WeXoh5QNfpMLTjo8inOGrW9zNrmlz3irIjApAmOmtrm20NA5EHwD
XOPJ9zidBvHxuAIgRXeEx9fCwLiyVBYO51mTauwWHuNL1LY25WIbOxkkL7mWFi6r
v/dt3WznP83oaMQ/OklLQhedgabE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:35:56 2025 by rpki-client