Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/376F61D0CCA011EFAAD77F46762E951A.roa
File: 376F61D0CCA011EFAAD77F46762E951A.roa (raw, json)
Hash identifier: 8GJe7igvxTWsfpyZnt4foujd7e7jyIr6QE7HNdKq56s=
Subject key identifier: 40:C1:12:49:4F:65:58:79:55:EF:1A:E4:C0:32:1F:C0:ED:6E:2F:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F98C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/376F61D0CCA011EFAAD77F46762E951A.roa
Signing time: Tue 07 Jan 2025 02:36:37 +0000
ROA not before: Tue 07 Jan 2025 02:36:33 +0000
ROA not after: Mon 13 Dec 2027 02:36:33 +0000
asID: 17561
IP address blocks: 156.227.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63884 (0xf98c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:36:33 2025 GMT
Not After : Dec 13 02:36:33 2027 GMT
Subject: CN=677c9335-d606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c6:7c:9d:1a:47:ee:b7:9f:34:ff:46:17:f7:
90:b2:cd:df:b6:20:f9:90:1b:7f:25:91:5d:42:f9:
f3:15:70:2e:d5:90:bc:72:fb:ee:52:84:fa:66:a3:
d0:de:52:7a:2a:53:46:8b:f8:e3:bd:9e:cd:e5:b8:
3d:b2:42:4e:77:4b:22:5c:ea:3a:4a:dc:e0:cc:bb:
85:a4:66:5e:f1:1d:7b:47:91:26:fe:c6:64:05:83:
08:91:2d:3c:51:0c:55:6d:57:2f:a8:bb:f3:30:f1:
a8:31:04:a6:3a:f4:30:ba:61:8b:1b:8d:31:6a:d1:
84:00:4b:db:3c:11:d2:a1:19:1e:3b:0a:c1:14:c5:
e1:42:1b:5e:63:5f:9b:a9:3c:46:8d:71:79:b0:3a:
ac:fa:8f:f7:8c:dc:7b:91:d1:cb:23:00:a5:ea:81:
cf:37:4a:9c:35:41:aa:46:06:ca:af:48:2f:a7:d0:
f8:31:42:a1:59:e9:46:20:28:d3:0b:36:e2:09:3e:
16:1d:24:35:3b:5b:4b:9f:75:d2:95:60:7c:fc:df:
a5:34:78:f3:16:f0:8e:26:b0:92:93:ce:db:aa:68:
40:49:b4:4a:5b:b6:17:37:e0:8b:cd:06:d1:be:c2:
e5:64:4f:8f:ea:2f:b7:bc:a6:04:17:1a:38:24:e8:
49:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C1:12:49:4F:65:58:79:55:EF:1A:E4:C0:32:1F:C0:ED:6E:2F:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/376F61D0CCA011EFAAD77F46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.124.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:08:36:7b:62:f8:c2:75:44:0b:fa:52:78:bf:a5:6a:be:03:
70:4c:3e:94:11:49:bc:df:44:2d:b4:e1:ad:17:06:60:c2:7d:
b3:95:3b:6c:ea:ea:19:2e:46:ef:98:e2:49:da:8f:ba:22:e5:
dd:81:c4:86:b6:72:84:c5:bc:2e:1b:48:7a:fd:13:26:d7:30:
c8:96:b2:d3:cb:10:73:8b:e2:18:79:cc:6a:01:16:fb:f0:9b:
99:71:32:ac:a9:ec:6e:9f:89:35:5d:da:62:12:a9:61:65:31:
3b:1b:f7:23:6c:4c:7f:95:cb:65:4f:33:18:63:c6:6a:04:08:
3a:c7:8b:67:93:cb:0d:75:c3:0c:04:11:23:1f:9c:0a:01:d4:
79:2e:50:34:37:77:89:2d:b3:fd:7f:90:3c:28:e7:7c:2c:29:
d4:90:93:56:14:84:f7:32:e1:ec:2f:45:a8:f9:97:ba:17:66:
98:99:d5:0f:70:a6:ad:c9:43:39:9b:96:a8:71:68:08:02:77:
55:a2:d5:19:e7:b9:e6:37:fe:9b:58:08:b8:e6:95:d5:91:c1:
e5:79:72:98:d3:52:19:20:10:46:e3:96:9b:a7:e1:90:1d:d4:
19:4b:31:5d:a7:d6:3b:67:34:ac:11:30:2d:ac:18:57:31:6a:
c9:bb:99:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIzNjMzWhcNMjcxMjEzMDIzNjMzWjAYMRYw
FAYDVQQDEw02NzdjOTMzNS1kNjA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArcZ8nRpH7refNP9GF/eQss3ftiD5kBt/JZFdQvnzFXAu1ZC8cvvuUoT6
ZqPQ3lJ6KlNGi/jjvZ7N5bg9skJOd0siXOo6StzgzLuFpGZe8R17R5Em/sZkBYMI
kS08UQxVbVcvqLvzMPGoMQSmOvQwumGLG40xatGEAEvbPBHSoRkeOwrBFMXhQhte
Y1+bqTxGjXF5sDqs+o/3jNx7kdHLIwCl6oHPN0qcNUGqRgbKr0gvp9D4MUKhWelG
ICjTCzbiCT4WHSQ1O1tLn3XSlWB8/N+lNHjzFvCOJrCSk87bqmhASbRKW7YXN+CL
zQbRvsLlZE+P6i+3vKYEFxo4JOhJfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEDB
EklPZVh5Ve8a5MAyH8Dtbi8aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzZGNjFEMENDQTAxMUVGQUFENzdGNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON8MA0GCSqGSIb3DQEBCwUA
A4IBAQCqCDZ7YvjCdUQL+lJ4v6VqvgNwTD6UEUm830QttOGtFwZgwn2zlTts6uoZ
LkbvmOJJ2o+6IuXdgcSGtnKExbwuG0h6/RMm1zDIlrLTyxBzi+IYecxqARb78JuZ
cTKsqexun4k1XdpiEqlhZTE7G/cjbEx/lctlTzMYY8ZqBAg6x4tnk8sNdcMMBBEj
H5wKAdR5LlA0N3eJLbP9f5A8KOd8LCnUkJNWFIT3MuHsL0Wo+Ze6F2aYmdUPcKat
yUM5m5aocWgIAndVotUZ57nmN/6bWAi45pXVkcHleXKY01IZIBBG45abp+GQHdQZ
SzFdp9Y7ZzSsETAtrBhXMWrJu5lS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:31 2025 by rpki-client