Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36F7B7DEC34011EFBC9D57B6762E951A.roa
File: 36F7B7DEC34011EFBC9D57B6762E951A.roa (raw, json)
Hash identifier: 31GATA0H6y2GG+BoIzuPIMkEBz8FV9sAFEITkDACvMA=
Subject key identifier: 5E:DA:3B:18:0C:3E:3C:A8:17:66:3C:C3:26:37:D4:38:41:B9:33:E6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBC1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36F7B7DEC34011EFBC9D57B6762E951A.roa
Signing time: Thu 26 Dec 2024 04:16:44 +0000
ROA not before: Thu 26 Dec 2024 04:16:41 +0000
ROA not after: Wed 10 Dec 2025 04:16:41 +0000
asID: 984
IP address blocks: 156.244.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60353 (0xebc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:16:41 2024 GMT
Not After : Dec 10 04:16:41 2025 GMT
Subject: CN=676cd8ac-3745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:ef:eb:df:94:a3:ad:8d:6b:8d:f8:59:9b:
dc:43:4c:9c:3b:0b:90:5a:82:25:bf:df:69:5f:46:
48:e8:97:cb:8e:85:d8:fe:7b:34:38:bd:56:6b:da:
37:02:e5:14:9b:dc:d1:04:3a:82:7a:d6:1b:e6:91:
50:d9:9f:da:06:ee:98:32:70:6d:2e:28:fb:f1:18:
26:c4:7f:14:ce:24:34:da:8b:bf:70:99:ee:34:05:
32:08:f8:34:e7:fe:a0:4f:0f:1c:72:bb:22:4d:44:
86:06:84:b2:9a:6d:69:7a:94:5e:28:a0:bd:e8:fc:
26:60:b9:45:7f:45:71:e2:72:88:00:89:53:dd:bc:
97:a7:19:bd:e8:8b:8f:e6:08:26:34:89:20:5e:79:
32:5f:ec:21:62:fe:c4:b5:3d:20:5a:5c:49:a3:23:
e9:97:48:24:6e:a9:ca:44:94:a0:b2:a8:c3:a1:f4:
93:e6:c8:b1:fc:ee:27:4f:0c:d9:6d:1e:15:67:a9:
9b:ac:98:da:b3:9a:22:25:a1:bf:33:8c:be:7c:c8:
b7:d6:a4:53:9f:df:de:1e:07:24:a4:71:dd:00:91:
47:46:8f:1b:73:e6:a1:63:51:e0:0b:b7:47:a6:03:
ba:45:7a:f7:68:87:c8:91:ca:1c:e9:79:43:92:b0:
16:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DA:3B:18:0C:3E:3C:A8:17:66:3C:C3:26:37:D4:38:41:B9:33:E6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/36F7B7DEC34011EFBC9D57B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.220.0/24
Signature Algorithm: sha256WithRSAEncryption
25:23:f8:b5:76:85:20:20:e1:6b:4b:be:45:70:93:bc:05:17:
1e:17:16:bc:2c:1f:9a:dc:be:39:69:f0:47:5c:8f:4a:d0:f9:
2b:6e:b1:a1:3a:c2:98:e2:2d:52:cc:30:9f:7f:7b:61:74:f1:
d5:9c:49:67:bc:56:19:a0:1f:cc:d7:8a:59:7d:c6:f4:95:87:
01:d8:79:ad:d3:c0:74:22:da:6c:48:b6:c3:19:db:8d:3d:d2:
31:1d:13:bd:8d:df:bb:c3:ad:aa:d4:ea:42:14:36:c6:f6:bd:
cc:f0:27:5e:0e:5b:2e:39:07:17:dd:4f:fc:ca:8a:6b:d5:19:
1f:c8:f9:43:99:b0:db:08:56:fb:e0:29:28:be:cc:70:0b:00:
a2:d9:44:b9:56:e4:89:fc:1f:15:a4:1a:92:46:3b:f2:1d:4b:
9f:b5:e0:fc:fb:eb:49:b9:96:28:14:04:f8:82:48:22:d4:bc:
f8:b4:99:16:b6:d9:90:fc:11:f5:3a:9d:d0:90:b0:47:64:dd:
c6:2d:99:ef:eb:21:0e:b8:bb:b4:1d:20:97:61:3d:6b:49:36:
f3:8d:74:07:db:90:db:ec:60:dc:e1:b2:87:42:76:0b:61:f6:
7b:bb:94:5d:fe:20:fa:4b:84:bc:c4:4b:98:b5:ae:2f:ab:6c:
71:bf:a7:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQxNjQxWhcNMjUxMjEwMDQxNjQxWjAYMRYw
FAYDVQQDEw02NzZjZDhhYy0zNzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqYzv69+Uo62Na434WZvcQ0ycOwuQWoIlv99pX0ZI6JfLjoXY/ns0OL1W
a9o3AuUUm9zRBDqCetYb5pFQ2Z/aBu6YMnBtLij78RgmxH8UziQ02ou/cJnuNAUy
CPg05/6gTw8ccrsiTUSGBoSymm1pepReKKC96PwmYLlFf0Vx4nKIAIlT3byXpxm9
6IuP5ggmNIkgXnkyX+whYv7EtT0gWlxJoyPpl0gkbqnKRJSgsqjDofST5six/O4n
TwzZbR4VZ6mbrJjas5oiJaG/M4y+fMi31qRTn9/eHgckpHHdAJFHRo8bc+ahY1Hg
C7dHpgO6RXr3aIfIkcoc6XlDkrAW1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF7a
OxgMPjyoF2Y8wyY31DhBuTPmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNkY3QjdERUMzNDAxMUVGQkM5RDU3QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTcMA0GCSqGSIb3DQEBCwUA
A4IBAQAlI/i1doUgIOFrS75FcJO8BRceFxa8LB+a3L45afBHXI9K0PkrbrGhOsKY
4i1SzDCff3thdPHVnElnvFYZoB/M14pZfcb0lYcB2Hmt08B0ItpsSLbDGduNPdIx
HRO9jd+7w62q1OpCFDbG9r3M8CdeDlsuOQcX3U/8yopr1RkfyPlDmbDbCFb74Cko
vsxwCwCi2US5VuSJ/B8VpBqSRjvyHUufteD8++tJuZYoFAT4gkgi1Lz4tJkWttmQ
/BH1Op3QkLBHZN3GLZnv6yEOuLu0HSCXYT1rSTbzjXQH25Db7GDc4bKHQnYLYfZ7
u5Rd/iD6S4S8xEuYta4vq2xxv6fG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:10 2025 by rpki-client