Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37372738CD0F11EF861C2088762E951A.roa
File: 37372738CD0F11EF861C2088762E951A.roa (raw, json)
Hash identifier: Jct6KWXJp3tJYGOaD0hc9eBwDxurlntREftZ4vZcDHA=
Subject key identifier: 7F:C4:00:62:28:E4:CE:DA:E2:80:5D:52:D4:AD:97:58:33:86:05:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCE3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37372738CD0F11EF861C2088762E951A.roa
Signing time: Tue 07 Jan 2025 15:51:11 +0000
ROA not before: Tue 07 Jan 2025 15:51:07 +0000
ROA not after: Mon 13 Dec 2027 15:51:07 +0000
asID: 17561
IP address blocks: 156.239.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64739 (0xfce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:51:07 2025 GMT
Not After : Dec 13 15:51:07 2027 GMT
Subject: CN=677d4d6e-7982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b5:42:95:e3:4e:f7:96:78:ff:58:8d:a3:67:
e2:f8:7a:ab:99:7a:47:d9:84:d7:e2:91:20:0f:93:
38:5f:cb:af:db:82:8b:3c:3d:77:34:f9:f9:1e:02:
b8:55:a5:54:e4:70:dc:c4:cd:1a:93:96:29:02:5b:
2e:65:73:43:f1:7a:82:83:76:01:62:83:18:b5:b9:
7e:ac:59:2a:12:5c:e5:09:da:fb:cb:46:e9:30:82:
78:20:3b:45:dd:c8:64:9f:c2:5e:e2:7f:d2:0a:ca:
69:31:25:21:92:2d:80:72:61:11:31:ed:fa:3e:a8:
fc:2d:87:5c:8c:c8:d2:24:79:67:53:e3:ce:ad:2f:
37:00:29:47:34:55:17:b3:e7:79:d9:eb:f2:56:54:
fd:56:bc:d0:85:b3:df:d0:bc:39:d2:9e:cc:86:f2:
b5:f7:28:c3:2a:12:5e:6e:d5:1d:6a:45:c4:81:65:
34:66:99:ee:7c:0b:d2:26:e0:66:1d:65:92:55:6f:
6b:f6:9c:e6:ea:c2:35:58:c0:30:0b:2b:0b:b3:51:
fd:53:3b:7d:78:83:5d:17:de:59:fb:1e:8e:dd:b7:
d4:99:c1:9b:d2:f0:c6:bb:33:ba:41:6f:5c:57:b4:
6d:ce:57:d8:f9:98:92:58:0b:17:56:26:99:61:e0:
af:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C4:00:62:28:E4:CE:DA:E2:80:5D:52:D4:AD:97:58:33:86:05:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37372738CD0F11EF861C2088762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.148.0/24
Signature Algorithm: sha256WithRSAEncryption
96:fc:ff:b2:2d:1b:2b:38:40:37:9e:17:69:0d:43:2e:ab:29:
c5:54:c3:fa:6b:46:e2:0a:b7:76:1e:cf:89:9b:92:61:c7:ce:
9d:8c:2f:b2:9e:c2:37:8b:06:57:b8:23:c2:fc:f3:24:60:f6:
f2:42:91:72:de:6f:0c:f9:15:e2:18:92:4e:60:13:af:22:ff:
20:30:a3:bc:94:c9:e3:6e:cc:97:13:ad:ea:7a:40:7a:44:b3:
d8:ec:c9:7b:6f:d0:d1:58:6e:03:1c:b6:29:45:22:ef:74:c6:
1d:ba:4e:01:09:8e:99:e6:78:ea:f6:d4:94:2e:b3:92:29:10:
76:bc:98:b8:16:95:31:01:15:51:85:06:18:9d:4d:5f:81:27:
e7:c0:f2:4a:2d:88:36:60:ea:4d:13:8e:cd:ac:ba:4f:a6:ef:
7a:c8:41:0b:59:2d:c9:d1:63:37:e3:b4:bd:52:c1:72:09:32:
a1:70:17:41:b7:1f:dc:66:d3:05:48:ae:0b:eb:d9:7e:5e:16:
f9:c0:c1:80:d3:29:7b:8d:14:d8:3e:69:cb:79:ca:f9:c7:50:
10:ab:56:0a:b9:f1:d5:e5:bd:71:e9:79:30:ea:00:20:c3:c6:
40:c2:9f:88:79:73:d9:90:92:a1:23:4f:a3:45:6d:ee:09:cf:
55:8b:a7:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU1MTA3WhcNMjcxMjEzMTU1MTA3WjAYMRYw
FAYDVQQDEw02NzdkNGQ2ZS03OTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8LVCleNO95Z4/1iNo2fi+HqrmXpH2YTX4pEgD5M4X8uv24KLPD13NPn5
HgK4VaVU5HDcxM0ak5YpAlsuZXND8XqCg3YBYoMYtbl+rFkqElzlCdr7y0bpMIJ4
IDtF3chkn8Je4n/SCsppMSUhki2AcmERMe36Pqj8LYdcjMjSJHlnU+POrS83AClH
NFUXs+d52evyVlT9VrzQhbPf0Lw50p7MhvK19yjDKhJebtUdakXEgWU0ZpnufAvS
JuBmHWWSVW9r9pzm6sI1WMAwCysLs1H9Uzt9eINdF95Z+x6O3bfUmcGb0vDGuzO6
QW9cV7RtzlfY+ZiSWAsXViaZYeCvRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH/E
AGIo5M7a4oBdUtStl1gzhgV/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzM3MjczOENEMEYxMUVGODYxQzIwODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+UMA0GCSqGSIb3DQEBCwUA
A4IBAQCW/P+yLRsrOEA3nhdpDUMuqynFVMP6a0biCrd2Hs+Jm5Jhx86djC+ynsI3
iwZXuCPC/PMkYPbyQpFy3m8M+RXiGJJOYBOvIv8gMKO8lMnjbsyXE63qekB6RLPY
7Ml7b9DRWG4DHLYpRSLvdMYduk4BCY6Z5njq9tSULrOSKRB2vJi4FpUxARVRhQYY
nU1fgSfnwPJKLYg2YOpNE47NrLpPpu96yEELWS3J0WM347S9UsFyCTKhcBdBtx/c
ZtMFSK4L69l+Xhb5wMGA0yl7jRTYPmnLecr5x1AQq1YKufHV5b1x6Xkw6gAgw8ZA
wp+IeXPZkJKhI0+jRW3uCc9Vi6er
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:11 2025 by rpki-client