Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/352803C6CBD511EFA089B5B8762E951A.roa
File: 352803C6CBD511EFA089B5B8762E951A.roa (raw, json)
Hash identifier: prI3X9Do6+mt8rpjDJXvvq3LycDTShveTAaR2L1GtmU=
Subject key identifier: 57:03:7E:5C:7B:3B:5C:50:91:1F:D4:35:7D:03:4F:6E:C9:8A:DA:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/352803C6CBD511EFA089B5B8762E951A.roa
Signing time: Mon 06 Jan 2025 02:23:25 +0000
ROA not before: Mon 06 Jan 2025 02:23:22 +0000
ROA not after: Sun 09 Feb 2025 02:23:22 +0000
asID: 203020
IP address blocks: 156.237.64.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63444 (0xf7d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 02:23:22 2025 GMT
Not After : Feb 9 02:23:22 2025 GMT
Subject: CN=677b3e9d-be63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:96:e0:81:9a:31:e5:02:d1:b8:52:74:d8:9e:
9e:a0:29:6f:33:73:f4:54:12:f3:f2:cd:36:70:ff:
63:d3:6c:e2:02:0d:67:7f:51:4e:f0:2e:66:47:f4:
0a:e8:f3:6d:71:c5:2c:1a:eb:79:6d:8c:0e:b8:76:
95:f1:cc:c0:40:ec:a2:a2:2b:d3:e3:03:33:2f:e5:
84:a6:8c:68:cb:9c:56:f9:22:d1:54:80:a0:29:42:
40:e8:81:83:5b:0a:2a:9a:85:91:ec:b6:31:d0:e6:
7b:31:d1:1c:a4:46:a5:be:0c:94:ac:30:3c:e5:a6:
96:ac:49:1d:cf:8f:9e:13:b1:f4:e7:c3:7a:47:7d:
0e:24:0f:b1:b8:cc:ce:96:6f:d6:b6:fc:7e:97:a6:
10:4c:3e:17:30:b4:2e:ce:7a:2f:94:76:e3:10:a4:
05:6c:db:c7:20:6c:38:f1:99:2d:71:3a:f0:cd:e2:
d4:62:2e:bc:e9:2a:5e:9b:43:eb:f4:fe:a0:9c:e6:
a6:2d:34:a9:28:63:0b:d6:bf:de:80:fb:3e:02:15:
b5:50:5d:aa:88:67:ef:fb:a4:63:da:aa:db:cd:cc:
a0:a3:8c:20:67:ae:1d:53:80:39:f7:c6:39:57:33:
7a:57:4d:08:4b:65:d0:a0:fe:8c:8a:15:ec:e0:70:
4b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:03:7E:5C:7B:3B:5C:50:91:1F:D4:35:7D:03:4F:6E:C9:8A:DA:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/352803C6CBD511EFA089B5B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.64.0/23
Signature Algorithm: sha256WithRSAEncryption
52:4f:76:cf:1b:f6:79:fe:44:35:20:95:7e:69:08:4e:c5:22:
67:9e:dd:4b:6d:bc:f9:83:1f:45:24:cd:ae:22:de:f4:4d:07:
91:d2:04:17:35:a2:22:44:b8:23:bb:a1:3c:9d:3c:38:4a:72:
66:e1:85:5c:c6:ac:e4:f5:97:8a:d3:9f:1a:aa:d2:0d:a8:66:
a8:41:48:1c:74:ee:1e:06:2c:05:21:97:31:9a:93:13:a5:87:
26:a9:6d:b7:e6:08:d0:bf:01:86:b7:62:3e:67:7d:37:04:f1:
00:1b:c0:6b:f7:78:77:da:bc:84:49:76:b8:d8:e0:6b:69:f5:
f5:d6:72:0c:eb:45:3a:02:c3:0d:15:fc:ce:b5:a6:4d:ef:b2:
12:0b:04:0c:ae:b7:49:ac:8c:33:8a:c6:dc:bc:a4:5e:ac:27:
1f:94:c7:d6:25:66:1e:a2:22:88:e4:c7:03:b9:b6:6c:9b:61:
3b:4b:2f:ed:f8:99:a5:86:f7:ca:04:79:d2:62:d8:bf:39:c8:
dc:e1:4c:ac:0b:6b:8b:4e:ff:8f:71:03:c3:77:29:e8:12:a4:
b8:6f:c6:04:d7:4c:d2:26:67:50:49:48:1d:44:96:18:b4:40:
02:44:f1:4c:18:b7:5a:04:09:1a:c2:21:aa:74:d0:5c:95:e3:
48:e7:98:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDIyMzIyWhcNMjUwMjA5MDIyMzIyWjAYMRYw
FAYDVQQDEw02NzdiM2U5ZC1iZTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsZbggZox5QLRuFJ02J6eoClvM3P0VBLz8s02cP9j02ziAg1nf1FO8C5m
R/QK6PNtccUsGut5bYwOuHaV8czAQOyioivT4wMzL+WEpoxoy5xW+SLRVICgKUJA
6IGDWwoqmoWR7LYx0OZ7MdEcpEalvgyUrDA85aaWrEkdz4+eE7H058N6R30OJA+x
uMzOlm/Wtvx+l6YQTD4XMLQuznovlHbjEKQFbNvHIGw48ZktcTrwzeLUYi686Spe
m0Pr9P6gnOamLTSpKGML1r/egPs+AhW1UF2qiGfv+6Rj2qrbzcygo4wgZ64dU4A5
98Y5VzN6V00IS2XQoP6MihXs4HBLHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFcD
flx7O1xQkR/UNX0DT27JitpSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTI4MDNDNkNCRDUxMUVGQTA4OUI1Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO1AMA0GCSqGSIb3DQEBCwUA
A4IBAQBST3bPG/Z5/kQ1IJV+aQhOxSJnnt1Lbbz5gx9FJM2uIt70TQeR0gQXNaIi
RLgju6E8nTw4SnJm4YVcxqzk9ZeK058aqtINqGaoQUgcdO4eBiwFIZcxmpMTpYcm
qW235gjQvwGGt2I+Z303BPEAG8Br93h32ryESXa42OBrafX11nIM60U6AsMNFfzO
taZN77ISCwQMrrdJrIwzisbcvKRerCcflMfWJWYeoiKI5McDubZsm2E7Sy/t+Jml
hvfKBHnSYti/Ocjc4UysC2uLTv+PcQPDdynoEqS4b8YE10zSJmdQSUgdRJYYtEAC
RPFMGLdaBAkawiGqdNBcleNI55ga
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:07 2025 by rpki-client