Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36931CC8C33811EFA2BF6681762E951A.roa
File: 36931CC8C33811EFA2BF6681762E951A.roa (raw, json)
Hash identifier: KJ39ntyMNO67ry71PKJPsCOCpXVrhrbB5TynngsiRl0=
Subject key identifier: 7B:A6:00:0B:76:F4:4D:EA:70:A9:CC:C2:85:1B:4C:0D:9F:71:22:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36931CC8C33811EFA2BF6681762E951A.roa
Signing time: Thu 26 Dec 2024 03:19:27 +0000
ROA not before: Thu 26 Dec 2024 03:19:24 +0000
ROA not after: Wed 10 Dec 2025 03:19:24 +0000
asID: 984
IP address blocks: 156.244.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60259 (0xeb63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:19:24 2024 GMT
Not After : Dec 10 03:19:24 2025 GMT
Subject: CN=676ccb3f-5c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:3b:d6:6a:c5:e8:2c:7b:42:39:c2:74:74:
56:5f:bb:bc:ae:3e:a3:c4:a9:a1:39:85:6e:12:ba:
15:97:49:cc:e1:fc:84:9f:bc:a3:9a:f0:09:1c:ce:
10:b9:a2:1c:de:08:73:2c:5f:89:18:53:e9:bf:3a:
83:7f:ce:e0:a7:00:86:5d:c2:a5:f7:78:df:a1:e3:
ab:35:4b:d5:d8:74:bb:26:50:3b:f4:db:b9:0b:0a:
36:27:18:c1:2c:09:2e:7d:6e:d3:0f:62:20:5b:41:
59:f4:8d:fe:4f:13:94:fe:cc:21:52:9e:99:65:dc:
a4:36:de:c0:da:3e:a3:70:9c:53:fd:37:a9:ac:e8:
43:80:52:05:47:ca:5d:09:17:9d:18:4d:8a:00:d7:
77:16:e1:5e:c1:94:e7:c9:da:e3:b7:81:35:8b:7a:
01:0a:05:20:29:b3:42:46:18:f2:5a:1f:42:31:d8:
d7:3d:b3:10:2b:ce:36:2a:b5:48:f0:7b:83:19:46:
c8:c8:34:ce:d3:dd:a0:28:1e:c9:75:b5:ee:3e:eb:
2a:65:77:e9:94:32:8a:9c:55:c3:22:48:b8:7f:d5:
2d:9d:f8:ad:c1:57:7f:99:dc:77:5f:95:b2:99:ce:
e4:04:e3:a1:e2:88:de:24:e5:ad:88:5f:f5:68:cd:
1c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A6:00:0B:76:F4:4D:EA:70:A9:CC:C2:85:1B:4C:0D:9F:71:22:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36931CC8C33811EFA2BF6681762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.173.0/24
Signature Algorithm: sha256WithRSAEncryption
86:09:b4:d6:86:e5:3f:a0:a8:ec:83:98:f6:e4:be:02:e5:fa:
d9:1f:8d:06:8a:3b:18:b9:93:e9:39:74:b7:27:8e:33:82:1a:
80:87:b8:5e:25:bd:e9:eb:66:0b:e3:08:b0:1c:a8:bb:d9:49:
31:f8:85:12:a5:09:6f:77:f0:ab:7d:fd:bc:64:d2:0f:c9:6f:
6c:91:d5:f2:ce:60:a1:c1:06:4d:6e:c5:04:8a:4c:50:60:5c:
02:51:ff:6e:c8:0d:32:4a:75:74:4e:b1:f9:6c:4b:e2:52:b1:
ac:c3:77:2d:ce:c0:77:6e:e3:06:1a:08:eb:80:eb:32:f6:30:
3c:54:d9:12:72:03:5e:85:d5:b2:35:38:f6:e1:95:ad:30:6b:
8c:01:e1:6a:3e:4e:60:0e:02:5e:2a:4b:29:b8:72:92:26:b0:
a4:7f:1d:c3:fa:65:33:69:d6:05:18:1f:02:3a:0d:0d:9d:e3:
30:77:d5:9d:c4:c2:d5:5c:67:de:51:8e:95:bf:7c:20:04:0a:
f1:e6:a0:7a:62:81:5d:ea:d7:be:91:fd:39:05:a9:7b:4b:fb:
1c:6a:8d:88:6c:b7:5f:6f:7f:33:96:58:be:5b:95:81:93:3a:
13:63:20:c1:42:3e:54:7c:cc:dd:48:0f:cd:9e:b5:4e:96:10:
ac:f1:23:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMxOTI0WhcNMjUxMjEwMDMxOTI0WjAYMRYw
FAYDVQQDEw02NzZjY2IzZi01Yzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt7471mrF6Cx7QjnCdHRWX7u8rj6jxKmhOYVuEroVl0nM4fyEn7yjmvAJ
HM4QuaIc3ghzLF+JGFPpvzqDf87gpwCGXcKl93jfoeOrNUvV2HS7JlA79Nu5Cwo2
JxjBLAkufW7TD2IgW0FZ9I3+TxOU/swhUp6ZZdykNt7A2j6jcJxT/TeprOhDgFIF
R8pdCRedGE2KANd3FuFewZTnydrjt4E1i3oBCgUgKbNCRhjyWh9CMdjXPbMQK842
KrVI8HuDGUbIyDTO092gKB7JdbXuPusqZXfplDKKnFXDIki4f9UtnfitwVd/mdx3
X5Wymc7kBOOh4ojeJOWtiF/1aM0cbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHum
AAt29E3qcKnMwoUbTA2fcSJ0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNjkzMUNDOEMzMzgxMUVGQTJCRjY2ODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPStMA0GCSqGSIb3DQEBCwUA
A4IBAQCGCbTWhuU/oKjsg5j25L4C5frZH40GijsYuZPpOXS3J44zghqAh7heJb3p
62YL4wiwHKi72Ukx+IUSpQlvd/Crff28ZNIPyW9skdXyzmChwQZNbsUEikxQYFwC
Uf9uyA0ySnV0TrH5bEviUrGsw3ctzsB3buMGGgjrgOsy9jA8VNkScgNehdWyNTj2
4ZWtMGuMAeFqPk5gDgJeKkspuHKSJrCkfx3D+mUzadYFGB8COg0NneMwd9WdxMLV
XGfeUY6Vv3wgBArx5qB6YoFd6te+kf05Bal7S/scao2IbLdfb38zlli+W5WBkzoT
YyDBQj5UfMzdSA/NnrVOlhCs8SNI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:57 2025 by rpki-client