Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3758174ACC2911EFAA066F53762E951A.roa
File: 3758174ACC2911EFAA066F53762E951A.roa (raw, json)
Hash identifier: rYYGov2Yt3ygFP9anJWrgAKGMskuptuev4IAId/6SBI=
Subject key identifier: E5:66:31:40:18:23:31:19:71:E3:E2:53:E3:C2:63:80:4F:3A:14:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F8E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3758174ACC2911EFAA066F53762E951A.roa
Signing time: Mon 06 Jan 2025 12:24:47 +0000
ROA not before: Mon 06 Jan 2025 12:24:43 +0000
ROA not after: Sat 08 Feb 2025 12:24:43 +0000
asID: 39600
IP address blocks: 156.237.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63715 (0xf8e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 12:24:43 2025 GMT
Not After : Feb 8 12:24:43 2025 GMT
Subject: CN=677bcb8e-d420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:a0:e0:15:70:ad:cc:76:46:a6:d5:f8:19:
8c:2f:ab:13:fe:64:e7:63:a4:c1:9b:6b:84:0d:46:
61:f4:fc:f9:be:a2:65:25:26:d8:36:d8:cd:97:23:
24:da:4d:29:1e:0b:88:55:e1:23:ce:ff:23:8a:1c:
66:93:ab:92:2d:1b:bc:21:90:fb:7e:bd:58:24:d8:
f1:0f:3c:bf:6e:fc:96:5a:1a:25:69:96:78:81:f4:
a0:55:08:8b:b8:9b:83:56:72:fd:62:d1:62:d2:3b:
a8:90:bd:04:87:15:56:7a:f4:c8:1e:38:3c:25:29:
c3:f2:2f:3b:12:4c:0b:1a:5a:cb:38:f9:f6:e7:61:
11:57:55:48:e2:6d:58:2e:b8:e7:f8:09:8c:3d:74:
eb:af:4b:e8:29:d0:18:08:ed:fd:96:dc:92:e9:1d:
6c:45:5a:31:46:df:37:c1:da:8b:89:22:fe:ea:a3:
ca:55:1a:a7:99:64:de:b2:10:ab:b8:1b:7d:9c:da:
59:01:14:88:52:97:94:78:1d:5e:e8:e6:5a:86:83:
15:52:37:10:b3:d8:63:33:b0:ea:1b:ab:e6:d1:1f:
64:02:c3:cc:49:70:b8:4b:48:1b:e2:d0:6e:db:80:
f3:84:f9:2c:ee:ae:51:00:54:38:4e:b7:3b:bd:d8:
3d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:66:31:40:18:23:31:19:71:E3:E2:53:E3:C2:63:80:4F:3A:14:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3758174ACC2911EFAA066F53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.124.0/23
Signature Algorithm: sha256WithRSAEncryption
81:d1:95:fa:a2:c9:d0:a9:c3:ac:64:a9:e4:21:57:fd:22:ad:
d4:9c:24:ea:aa:48:5e:14:ab:be:a9:74:c6:7f:a7:27:38:73:
a6:a3:b9:19:b5:33:74:c6:73:32:47:a2:09:c0:b6:f1:77:2a:
ee:75:47:ae:fd:ba:41:77:84:8b:1f:85:1c:d9:91:cf:dc:a2:
1a:32:f7:1d:e5:82:99:1c:6e:32:8e:eb:2c:74:79:18:b0:ec:
5e:a5:a4:e8:5b:a4:e2:19:db:9d:c8:ae:f8:4e:43:ab:90:1c:
6e:c5:40:4b:28:25:2d:2a:a5:d7:23:67:bc:64:0d:fa:5c:50:
3a:0b:a0:b6:51:6a:39:be:b2:a5:64:15:03:2a:9e:aa:1a:9b:
a9:ad:76:0e:9c:c0:e1:88:56:8b:d5:02:dd:5a:e1:a3:d9:06:
e9:ff:00:df:b1:4d:18:f5:02:66:2d:53:36:0e:72:f1:2f:c8:
17:af:8c:b7:72:ca:60:7c:b3:54:f7:7b:eb:0b:36:ba:e3:2a:
0d:b1:ad:d0:65:45:e8:1b:72:89:ff:bb:2f:df:63:b3:ce:4a:
9f:35:3b:1b:d0:db:da:79:32:96:34:62:4b:3f:11:ae:3f:e7:
3d:f1:1e:3a:38:2a:32:10:d4:88:1d:60:28:24:29:cc:0e:fb:
2f:f3:9f:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPjjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MTIyNDQzWhcNMjUwMjA4MTIyNDQzWjAYMRYw
FAYDVQQDEw02NzdiY2I4ZS1kNDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0HWg4BVwrcx2RqbV+BmML6sT/mTnY6TBm2uEDUZh9Pz5vqJlJSbYNtjN
lyMk2k0pHguIVeEjzv8jihxmk6uSLRu8IZD7fr1YJNjxDzy/bvyWWholaZZ4gfSg
VQiLuJuDVnL9YtFi0juokL0EhxVWevTIHjg8JSnD8i87EkwLGlrLOPn252ERV1VI
4m1YLrjn+AmMPXTrr0voKdAYCO39ltyS6R1sRVoxRt83wdqLiSL+6qPKVRqnmWTe
shCruBt9nNpZARSIUpeUeB1e6OZahoMVUjcQs9hjM7DqG6vm0R9kAsPMSXC4S0gb
4tBu24DzhPks7q5RAFQ4Trc7vdg9yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOVm
MUAYIzEZcePiU+PCY4BPOhScMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzU4MTc0QUNDMjkxMUVGQUEwNjZGNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO18MA0GCSqGSIb3DQEBCwUA
A4IBAQCB0ZX6osnQqcOsZKnkIVf9Iq3UnCTqqkheFKu+qXTGf6cnOHOmo7kZtTN0
xnMyR6IJwLbxdyrudUeu/bpBd4SLH4Uc2ZHP3KIaMvcd5YKZHG4yjussdHkYsOxe
paToW6TiGdudyK74TkOrkBxuxUBLKCUtKqXXI2e8ZA36XFA6C6C2UWo5vrKlZBUD
Kp6qGpuprXYOnMDhiFaL1QLdWuGj2Qbp/wDfsU0Y9QJmLVM2DnLxL8gXr4y3cspg
fLNU93vrCza64yoNsa3QZUXoG3KJ/7sv32OzzkqfNTsb0NvaeTKWNGJLPxGuP+c9
8R46OCoyENSIHWAoJCnMDvsv858W
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:37 2025 by rpki-client