Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F96D4C94C99811EF8058BB96762E951A.roa
File: F96D4C94C99811EF8058BB96762E951A.roa (raw, json)
Hash identifier: HBUWM70XF6QoNUm3AZpj0RsJ8tqn1Y+WTuQQgq03jBE=
Subject key identifier: 03:33:3C:07:10:4E:20:81:E8:B7:74:E9:72:02:5D:91:C2:F8:79:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F62D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F96D4C94C99811EF8058BB96762E951A.roa
Signing time: Fri 03 Jan 2025 06:07:13 +0000
ROA not before: Fri 03 Jan 2025 06:07:09 +0000
ROA not after: Mon 13 Dec 2027 06:07:09 +0000
asID: 17561
IP address blocks: 156.233.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63021 (0xf62d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:07:09 2025 GMT
Not After : Dec 13 06:07:09 2027 GMT
Subject: CN=67777e91-9983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b1:0e:82:08:d5:d7:b0:63:1e:08:51:52:0a:
73:96:98:65:d3:b4:b4:a4:86:ca:c6:ee:3a:6b:bc:
3b:c1:19:b5:7a:41:d8:af:ec:d8:75:dd:b6:36:18:
17:19:de:7a:09:db:36:98:67:f1:97:22:6b:f8:e0:
9d:73:d7:fa:07:28:a5:3e:14:99:10:ec:29:a5:f1:
2b:00:c4:50:25:46:57:59:7b:63:b5:08:81:15:1c:
a7:9a:6d:ba:40:0e:04:8f:be:b2:7e:03:30:37:75:
d2:d0:32:67:f5:82:f7:be:e1:60:e7:2c:d5:da:a2:
dc:78:74:86:26:8f:55:05:9c:d9:c9:94:13:5e:0c:
d5:f7:30:23:e7:55:66:22:55:1c:62:c7:81:25:a7:
16:36:ff:c8:55:93:37:fe:29:65:cd:89:7e:2d:0e:
73:8a:a8:42:26:53:fc:33:e6:3f:06:7e:21:bb:e9:
35:38:f0:87:53:ea:36:40:26:26:11:1a:2c:c6:f8:
27:de:f3:a9:e5:5e:63:48:0e:5a:cd:70:c7:08:2c:
57:56:d5:81:98:f2:c8:9d:44:3f:9a:25:bb:a1:65:
86:e7:e8:d8:52:3d:8b:52:ba:2f:2e:65:be:39:83:
26:a6:86:83:d8:96:7d:39:ab:b8:c2:0f:5f:93:ed:
3f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:33:3C:07:10:4E:20:81:E8:B7:74:E9:72:02:5D:91:C2:F8:79:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F96D4C94C99811EF8058BB96762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.155.0/24
Signature Algorithm: sha256WithRSAEncryption
44:23:6c:ed:e9:96:37:0f:7d:b4:9e:ff:0d:f7:e4:a3:82:f6:
83:d4:bc:83:92:e9:57:52:6f:14:2a:5f:70:ce:fd:93:f2:9f:
df:56:c3:32:aa:2b:b6:88:c9:11:99:68:e2:c2:8e:78:d1:cb:
0d:12:c9:62:60:fb:18:d4:7f:8c:03:a8:59:52:ff:2f:2a:81:
1f:00:47:d1:7e:11:f9:65:b8:e2:f0:04:5e:20:b2:3f:c8:e7:
fd:e6:0b:6d:6b:18:92:00:72:b5:2d:c4:51:31:4d:3f:ec:a6:
d8:3b:86:8a:d2:16:b1:51:34:0b:bb:c8:83:63:6f:b0:ca:04:
42:1c:ac:a0:27:bc:a1:48:c1:2e:71:df:cf:e0:ca:fc:b6:07:
d4:48:3c:9d:cb:4b:46:b0:f2:40:fb:e8:d5:cd:ab:f7:f1:b9:
f1:49:fd:3a:4f:8f:6e:57:c0:5f:15:29:73:47:d1:fa:a7:bd:
10:fb:08:50:2f:d0:9d:5a:c1:fd:b0:8c:e3:04:53:cb:a5:9d:
6d:c5:ad:76:62:e7:84:f1:8f:07:d7:0f:2e:19:c9:68:d7:49:
4b:45:ff:50:59:b8:d4:7b:1f:51:69:e5:75:a1:42:e6:21:b2:
5c:a8:e5:a8:7b:5f:bd:04:3d:b2:cd:c3:8d:0d:ad:5b:9e:78:
98:d8:a1:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDYwNzA5WhcNMjcxMjEzMDYwNzA5WjAYMRYw
FAYDVQQDEw02Nzc3N2U5MS05OTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz7EOggjV17BjHghRUgpzlphl07S0pIbKxu46a7w7wRm1ekHYr+zYdd22
NhgXGd56Cds2mGfxlyJr+OCdc9f6ByilPhSZEOwppfErAMRQJUZXWXtjtQiBFRyn
mm26QA4Ej76yfgMwN3XS0DJn9YL3vuFg5yzV2qLceHSGJo9VBZzZyZQTXgzV9zAj
51VmIlUcYseBJacWNv/IVZM3/illzYl+LQ5ziqhCJlP8M+Y/Bn4hu+k1OPCHU+o2
QCYmERosxvgn3vOp5V5jSA5azXDHCCxXVtWBmPLInUQ/miW7oWWG5+jYUj2LUrov
LmW+OYMmpoaD2JZ9Oau4wg9fk+0/ywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAMz
PAcQTiCB6Ld06XICXZHC+HnLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTZENEM5NEM5OTgxMUVGODA1OEJCOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmbMA0GCSqGSIb3DQEBCwUA
A4IBAQBEI2zt6ZY3D320nv8N9+SjgvaD1LyDkulXUm8UKl9wzv2T8p/fVsMyqiu2
iMkRmWjiwo540csNEsliYPsY1H+MA6hZUv8vKoEfAEfRfhH5Zbji8AReILI/yOf9
5gttaxiSAHK1LcRRMU0/7KbYO4aK0haxUTQLu8iDY2+wygRCHKygJ7yhSMEucd/P
4Mr8tgfUSDydy0tGsPJA++jVzav38bnxSf06T49uV8BfFSlzR9H6p70Q+whQL9Cd
WsH9sIzjBFPLpZ1txa12YueE8Y8H1w8uGclo10lLRf9QWbjUex9RaeV1oULmIbJc
qOWoe1+9BD2yzcONDa1bnniY2KFM
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:53 2025 by rpki-client