Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32C3FD60C98711EFB42FC3A8762E951A.roa
File: 32C3FD60C98711EFB42FC3A8762E951A.roa (raw, json)
Hash identifier: XDBvXeDo/9cQTyQXoFyT7+cQPGi7JlXWHTOXDwCpCdg=
Subject key identifier: CA:7F:30:9A:81:D4:D1:6F:D1:A3:65:2B:2E:C3:81:D3:C2:F5:F5:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F589
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32C3FD60C98711EFB42FC3A8762E951A.roa
Signing time: Fri 03 Jan 2025 03:59:58 +0000
ROA not before: Fri 03 Jan 2025 03:59:55 +0000
ROA not after: Mon 13 Dec 2027 03:59:55 +0000
asID: 17561
IP address blocks: 156.233.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62857 (0xf589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:59:55 2025 GMT
Not After : Dec 13 03:59:55 2027 GMT
Subject: CN=677760be-9b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5b:82:45:c1:06:16:a2:e7:de:74:c2:bb:82:
97:e4:51:26:e0:64:a9:40:97:a7:23:61:08:e6:31:
41:87:f4:1a:d3:d1:43:1f:e0:f2:21:b4:cf:9b:b8:
70:05:8f:3f:08:3d:a7:a6:46:50:f0:6d:0b:64:1f:
17:c1:ba:54:da:91:83:a4:96:86:2a:f0:1a:3c:16:
80:4b:13:58:a9:ca:b8:6a:1f:fc:57:8b:8c:00:1c:
e0:77:a2:fb:ac:30:a3:bd:3b:0f:a9:87:82:00:9f:
78:24:f0:a7:da:91:e2:52:a6:2b:70:0f:6e:ce:da:
56:17:11:44:94:e1:fe:31:a2:94:d4:29:84:2f:28:
4c:3a:5c:3e:f4:32:40:aa:b8:04:6c:48:3f:7b:06:
2c:f4:cd:14:15:81:4e:07:0d:cc:0e:bf:e5:2b:32:
48:07:57:3b:61:da:cf:c9:a9:5d:1e:91:ab:c3:ec:
f8:bf:aa:68:11:a0:d4:0b:89:a8:6f:4f:1c:05:e7:
ca:42:35:1a:78:1c:a9:55:24:dd:4c:1d:24:46:20:
93:01:65:c2:cb:a1:92:85:a4:97:aa:ce:bb:39:7e:
47:21:e5:0e:a4:19:98:ff:00:9f:58:42:2e:54:c3:
8d:77:11:84:02:0d:2d:ea:17:70:25:5e:91:dd:20:
52:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7F:30:9A:81:D4:D1:6F:D1:A3:65:2B:2E:C3:81:D3:C2:F5:F5:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32C3FD60C98711EFB42FC3A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.10.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:34:c8:3a:1a:c7:67:8b:33:70:a5:a4:b7:e1:db:be:e7:d0:
ef:4e:13:ed:7b:7a:6a:b5:51:5a:b2:52:b6:17:ac:33:74:93:
45:45:d8:41:64:2e:28:99:4c:c6:eb:6e:ff:d7:c4:02:f0:29:
37:bd:83:90:e1:ca:ad:5f:fe:ff:5c:e2:d0:de:16:bb:96:f1:
c1:02:cc:f5:32:4e:83:f1:c0:eb:70:25:bb:ce:eb:00:a2:d9:
de:d2:aa:a4:49:55:cc:52:6b:51:46:f7:2e:97:a8:7b:78:0b:
58:ba:2f:86:77:38:e0:5b:bf:64:7d:02:70:8f:38:7b:2c:c9:
cd:29:25:47:a0:30:d1:97:df:ac:c2:b4:76:80:3c:66:bf:73:
45:80:bc:9f:34:88:90:92:65:ca:54:1f:2f:d6:66:12:19:2a:
44:8a:7c:56:41:06:26:68:e1:34:f4:00:00:a1:8c:2a:dd:e0:
67:62:32:b0:dc:c5:cf:51:95:78:e2:fe:61:20:8b:9c:7a:c7:
39:9a:b0:47:7e:92:1d:83:ba:67:7e:cf:37:3f:59:5e:6f:c3:
c6:49:a4:6a:0c:fd:94:01:f5:c1:f5:2a:7d:52:a9:c9:72:9b:
09:0b:22:20:b6:bc:2d:9a:a8:82:b3:b6:87:17:a4:a5:aa:bf:
40:af:69:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPWJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDM1OTU1WhcNMjcxMjEzMDM1OTU1WjAYMRYw
FAYDVQQDEw02Nzc3NjBiZS05YjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtVuCRcEGFqLn3nTCu4KX5FEm4GSpQJenI2EI5jFBh/Qa09FDH+DyIbTP
m7hwBY8/CD2npkZQ8G0LZB8XwbpU2pGDpJaGKvAaPBaASxNYqcq4ah/8V4uMABzg
d6L7rDCjvTsPqYeCAJ94JPCn2pHiUqYrcA9uztpWFxFElOH+MaKU1CmELyhMOlw+
9DJAqrgEbEg/ewYs9M0UFYFOBw3MDr/lKzJIB1c7YdrPyaldHpGrw+z4v6poEaDU
C4mob08cBefKQjUaeBypVSTdTB0kRiCTAWXCy6GShaSXqs67OX5HIeUOpBmY/wCf
WEIuVMONdxGEAg0t6hdwJV6R3SBSEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMp/
MJqB1NFv0aNlKy7DgdPC9fXRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMkMzRkQ2MEM5ODcxMUVGQjQyRkMzQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkKMA0GCSqGSIb3DQEBCwUA
A4IBAQCeNMg6GsdnizNwpaS34du+59DvThPte3pqtVFaslK2F6wzdJNFRdhBZC4o
mUzG627/18QC8Ck3vYOQ4cqtX/7/XOLQ3ha7lvHBAsz1Mk6D8cDrcCW7zusAotne
0qqkSVXMUmtRRvcul6h7eAtYui+GdzjgW79kfQJwjzh7LMnNKSVHoDDRl9+swrR2
gDxmv3NFgLyfNIiQkmXKVB8v1mYSGSpEinxWQQYmaOE09AAAoYwq3eBnYjKw3MXP
UZV44v5hIIucesc5mrBHfpIdg7pnfs83P1leb8PGSaRqDP2UAfXB9Sp9UqnJcpsJ
CyIgtrwtmqiCs7aHF6Slqr9Ar2m2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:29 2025 by rpki-client