Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/365F27E8D17E11EFAEB7BAB4762E951A.roa
File: 365F27E8D17E11EFAEB7BAB4762E951A.roa (raw, json)
Hash identifier: dZuvUKSV5qTes0KNgEwFUbOCDnzIpqHhPLlnQ+7v5+Q=
Subject key identifier: 35:3C:33:53:84:DA:1F:7D:5C:6C:58:D8:A1:A1:A2:E9:22:8D:34:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01068A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/365F27E8D17E11EFAEB7BAB4762E951A.roa
Signing time: Mon 13 Jan 2025 07:15:48 +0000
ROA not before: Mon 13 Jan 2025 07:15:44 +0000
ROA not after: Thu 20 Feb 2025 07:15:44 +0000
asID: 64457
IP address blocks: 156.253.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67210 (0x1068a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:15:44 2025 GMT
Not After : Feb 20 07:15:44 2025 GMT
Subject: CN=6784bda4-6d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b2:75:7b:6d:b1:c1:bc:6f:cb:91:68:0c:68:
73:2d:82:27:36:a8:e4:c5:fd:0a:b7:6f:7d:c1:4c:
17:1f:19:ea:a5:39:c5:0f:d7:02:4f:82:0d:63:f7:
4b:c1:39:1f:d0:8b:64:76:a7:2d:39:ae:6e:0d:53:
86:8a:46:c4:4b:e1:16:3b:c1:16:f9:3e:c0:c1:40:
79:60:b1:3a:9b:f0:c8:b6:b6:78:6c:a8:16:7f:0c:
cf:d6:3b:74:6b:84:5c:e8:3d:cd:eb:ce:a6:65:ff:
c5:e5:17:1a:de:66:41:5c:af:f8:e0:56:c7:40:1d:
75:fa:1f:7c:b9:a8:5c:d8:1f:e9:e4:39:21:18:b2:
af:54:61:19:94:c5:02:d4:eb:61:65:a9:cd:f9:87:
91:6e:19:74:3e:95:75:b4:6e:30:c4:4c:c9:4c:26:
93:04:8d:5e:99:ef:37:5d:c9:01:49:9b:7e:65:fa:
6e:ef:9d:21:ad:ff:05:8f:ff:49:3c:86:7b:e2:ac:
10:6a:67:17:33:eb:d1:ad:50:80:3c:74:54:1c:e9:
e1:18:a1:09:5e:45:86:3c:3a:55:04:59:1d:43:1c:
df:ae:c4:33:7d:c3:8f:fb:d1:b8:ec:aa:4b:50:c5:
16:0f:2e:ae:02:b0:26:05:cb:85:d7:48:cc:f1:89:
7e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3C:33:53:84:DA:1F:7D:5C:6C:58:D8:A1:A1:A2:E9:22:8D:34:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/365F27E8D17E11EFAEB7BAB4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:8b:ec:6b:3d:7c:c7:8a:c5:d9:68:47:e0:f1:d1:14:55:72:
0d:76:38:fc:aa:f9:46:20:85:55:cf:d8:79:7a:5a:0c:63:67:
5a:88:52:fd:b5:9e:00:3c:a7:e9:ef:ec:c3:77:a7:30:89:a0:
89:49:55:54:33:b8:4a:af:f0:6e:37:fa:85:ee:22:aa:0e:53:
b8:15:87:34:15:e8:57:25:89:b0:7c:5c:47:4b:7a:d7:e1:35:
51:e6:d9:9f:f3:5f:0f:7a:eb:ea:fb:4e:fd:48:7d:b4:6b:19:
c7:28:3f:64:c4:b8:f8:5c:8a:ca:cf:a5:35:98:18:04:ad:10:
2c:bd:da:f5:0d:1e:b0:fd:ae:70:1f:15:53:21:c5:8b:18:1c:
f2:df:d0:2e:2e:df:aa:42:fe:b4:c1:f3:66:0a:d2:84:d6:c1:
2b:83:5e:83:d6:b0:54:65:7d:f8:2d:c8:fa:d1:ed:a0:b2:03:
19:b2:fe:03:c1:aa:a0:97:db:4a:59:e8:c3:1b:59:26:70:ac:
4f:64:ae:a1:cb:0e:32:17:d1:a6:f5:ad:fc:30:95:2b:54:e7:
2f:b7:e3:5a:a1:1b:f0:cd:77:7e:ff:4b:6c:f6:5c:aa:b2:09:
50:57:64:e1:93:fb:db:f2:bf:d1:67:79:37:8e:9f:d1:31:27:
e1:14:cc:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcxNTQ0WhcNMjUwMjIwMDcxNTQ0WjAYMRYw
FAYDVQQDEw02Nzg0YmRhNC02ZDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7rJ1e22xwbxvy5FoDGhzLYInNqjkxf0Kt299wUwXHxnqpTnFD9cCT4IN
Y/dLwTkf0ItkdqctOa5uDVOGikbES+EWO8EW+T7AwUB5YLE6m/DItrZ4bKgWfwzP
1jt0a4Rc6D3N686mZf/F5Rca3mZBXK/44FbHQB11+h98uahc2B/p5DkhGLKvVGEZ
lMUC1OthZanN+YeRbhl0PpV1tG4wxEzJTCaTBI1eme83XckBSZt+Zfpu750hrf8F
j/9JPIZ74qwQamcXM+vRrVCAPHRUHOnhGKEJXkWGPDpVBFkdQxzfrsQzfcOP+9G4
7KpLUMUWDy6uArAmBcuF10jM8Yl+iQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDU8
M1OE2h99XGxY2KGhoukijTScMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNjVGMjdFOEQxN0UxMUVGQUVCN0JBQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP34MA0GCSqGSIb3DQEBCwUA
A4IBAQCNi+xrPXzHisXZaEfg8dEUVXINdjj8qvlGIIVVz9h5eloMY2daiFL9tZ4A
PKfp7+zDd6cwiaCJSVVUM7hKr/BuN/qF7iKqDlO4FYc0FehXJYmwfFxHS3rX4TVR
5tmf818Peuvq+079SH20axnHKD9kxLj4XIrKz6U1mBgErRAsvdr1DR6w/a5wHxVT
IcWLGBzy39AuLt+qQv60wfNmCtKE1sErg16D1rBUZX34Lcj60e2gsgMZsv4Dwaqg
l9tKWejDG1kmcKxPZK6hyw4yF9Gm9a38MJUrVOcvt+NaoRvwzXd+/0ts9lyqsglQ
V2Thk/vb8r/RZ3k3jp/RMSfhFMyy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:28 2025 by rpki-client