Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32ED6948CDA611EF85487856762E951A.roa
File: 32ED6948CDA611EF85487856762E951A.roa (raw, json)
Hash identifier: dDW6AKLjnrMe9aRKDBourEceS7YUgnFa5JMnX4sS+bE=
Subject key identifier: CE:D5:19:1C:E0:EA:C3:04:59:13:9C:26:6A:42:61:95:21:09:D4:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010129
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32ED6948CDA611EF85487856762E951A.roa
Signing time: Wed 08 Jan 2025 09:51:57 +0000
ROA not before: Wed 08 Jan 2025 09:51:54 +0000
ROA not after: Sat 13 Dec 2025 09:51:54 +0000
asID: 984
IP address blocks: 156.253.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65833 (0x10129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:51:54 2025 GMT
Not After : Dec 13 09:51:54 2025 GMT
Subject: CN=677e4abd-3f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:36:3e:e2:b8:4b:7e:f7:79:58:8f:47:da:c3:
af:2c:db:36:f0:d0:22:aa:51:28:f1:cd:89:77:5a:
be:a6:99:b7:df:ad:b7:0c:ea:0e:95:57:56:cf:9d:
b0:03:dd:60:69:f2:bf:ad:7d:30:4d:78:7d:4c:98:
99:10:ff:39:ac:ab:1c:ed:b6:56:51:c7:b7:bc:25:
9f:55:b1:99:6c:ab:99:36:fd:de:47:db:b8:09:fb:
39:07:f8:51:8b:d0:8f:b8:df:65:88:b1:ed:98:4b:
09:78:97:b7:78:a4:9c:a7:38:d1:61:15:86:d1:63:
6d:c0:8b:40:61:64:ab:fa:19:ca:42:3a:ef:c9:61:
9a:95:0e:ab:b7:7b:50:37:11:6e:48:38:7c:ca:9a:
c8:d1:21:b3:cf:f1:90:bd:a6:58:8c:b8:16:4e:f3:
a6:57:aa:48:35:ec:a1:9d:aa:8f:30:cb:09:8d:25:
5b:14:fc:8d:64:8b:15:1e:de:7a:fe:7b:6e:d9:6b:
2c:ee:0a:68:1c:5d:68:e1:4c:9a:2c:41:6f:9b:de:
5d:a3:c5:18:aa:07:83:01:cc:67:fa:6e:65:87:a3:
59:43:98:55:65:5a:6f:2b:4b:26:d2:e3:94:d4:c9:
df:d1:bc:a9:14:9c:9f:99:a5:1e:3f:15:97:ed:a5:
f4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D5:19:1C:E0:EA:C3:04:59:13:9C:26:6A:42:61:95:21:09:D4:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32ED6948CDA611EF85487856762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.61.0/24
Signature Algorithm: sha256WithRSAEncryption
43:e8:98:76:55:0a:9c:2c:8e:af:a9:0a:de:43:d6:db:1a:3a:
be:d9:85:c1:c2:f0:15:94:1a:72:24:64:60:08:23:4d:3a:78:
14:c4:90:17:92:5e:57:34:5d:94:fd:5b:07:99:10:f4:02:9d:
3f:a2:45:62:98:8e:3d:2e:8b:a9:54:5b:d8:a3:8a:92:3d:26:
a8:17:58:8f:d2:e6:37:0b:08:68:da:fa:c7:44:6d:35:79:23:
ea:f1:6b:21:53:de:8b:c7:8d:57:56:a5:9b:64:ad:fb:64:94:
4e:84:72:cb:ed:7c:c4:2c:3f:b8:bc:3b:5a:e7:c9:c9:43:82:
18:6e:5d:1e:e3:7f:08:62:90:43:ee:61:29:75:f7:16:fd:d7:
2c:4b:d9:0b:10:58:0e:44:f6:4e:ee:4b:61:30:ed:72:11:5f:
31:e9:d9:6b:9e:92:97:e3:ce:57:ef:55:a2:09:d1:ff:d9:7c:
52:ec:44:96:64:ca:3d:8d:a5:2c:04:06:c8:c7:0d:0e:4a:51:
0c:5a:2f:b2:69:fa:69:5d:1f:45:b2:cc:68:1c:39:29:eb:a9:
84:f2:ec:ab:6e:7a:e2:ca:08:d3:f0:fe:45:91:4c:ba:62:e1:
bc:01:f1:c2:03:ab:09:2c:05:8d:aa:05:45:14:25:58:55:66:
af:6a:2b:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQEpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDk1MTU0WhcNMjUxMjEzMDk1MTU0WjAYMRYw
FAYDVQQDEw02NzdlNGFiZC0zZjFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnzY+4rhLfvd5WI9H2sOvLNs28NAiqlEo8c2Jd1q+ppm33623DOoOlVdW
z52wA91gafK/rX0wTXh9TJiZEP85rKsc7bZWUce3vCWfVbGZbKuZNv3eR9u4Cfs5
B/hRi9CPuN9liLHtmEsJeJe3eKScpzjRYRWG0WNtwItAYWSr+hnKQjrvyWGalQ6r
t3tQNxFuSDh8yprI0SGzz/GQvaZYjLgWTvOmV6pINeyhnaqPMMsJjSVbFPyNZIsV
Ht56/ntu2Wss7gpoHF1o4UyaLEFvm95do8UYqgeDAcxn+m5lh6NZQ5hVZVpvK0sm
0uOU1Mnf0bypFJyfmaUePxWX7aX0FwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM7V
GRzg6sMEWROcJmpCYZUhCdRFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMkVENjk0OENEQTYxMUVGODU0ODc4NTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP09MA0GCSqGSIb3DQEBCwUA
A4IBAQBD6Jh2VQqcLI6vqQreQ9bbGjq+2YXBwvAVlBpyJGRgCCNNOngUxJAXkl5X
NF2U/VsHmRD0Ap0/okVimI49LoupVFvYo4qSPSaoF1iP0uY3Cwho2vrHRG01eSPq
8WshU96Lx41XVqWbZK37ZJROhHLL7XzELD+4vDta58nJQ4IYbl0e438IYpBD7mEp
dfcW/dcsS9kLEFgORPZO7kthMO1yEV8x6dlrnpKX485X71WiCdH/2XxS7ESWZMo9
jaUsBAbIxw0OSlEMWi+yafppXR9FssxoHDkp66mE8uyrbnriygjT8P5FkUy6YuG8
AfHCA6sJLAWNqgVFFCVYVWavaivf
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:17 2025 by rpki-client