Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3795C124B60511EFBE94B64F762E951A.roa
File: 3795C124B60511EFBE94B64F762E951A.roa (raw, json)
Hash identifier: gbZFYZOmY6fBtm974E32/2LinVytdo4s2BZzOg1YvBE=
Subject key identifier: 8F:F3:94:1A:A1:D5:7C:E4:56:AC:E8:A8:60:74:19:A9:8B:E0:C0:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E184
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3795C124B60511EFBE94B64F762E951A.roa
Signing time: Mon 09 Dec 2024 08:11:41 +0000
ROA not before: Mon 09 Dec 2024 08:11:30 +0000
ROA not after: Thu 06 Feb 2025 08:11:30 +0000
asID: 150706
IP address blocks: 156.236.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 08:11:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57732 (0xe184)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 08:11:30 2024 GMT
Not After : Feb 6 08:11:30 2025 GMT
Subject: CN=6756a63d-6d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:89:23:78:12:fb:af:67:d6:e4:72:a0:14:e5:
db:26:98:92:b4:3e:ac:cf:73:5f:30:bb:02:fa:84:
22:40:a3:af:85:36:9a:0c:a1:62:cc:29:d2:83:c2:
9e:c1:48:f2:d0:41:40:dc:c6:16:2b:c9:d2:92:50:
ce:e4:e4:28:16:6c:10:91:26:f2:69:31:71:44:fd:
54:25:83:4b:b5:ce:39:49:de:8f:64:27:f7:00:ca:
f7:87:ff:77:29:01:cf:2a:59:59:8d:fd:5f:0a:62:
5c:bd:80:43:8e:59:9f:ad:8c:d8:60:d4:25:28:b2:
be:74:c2:c9:cf:26:95:8d:b7:49:6f:8d:49:57:85:
cf:d2:3e:4d:16:03:0b:af:3f:b1:bd:1d:46:37:2a:
d2:7c:c3:dd:29:c6:3e:66:83:1c:80:2e:69:96:2c:
41:70:00:b5:8d:96:b4:da:6d:e3:6e:3e:b6:a1:5c:
92:25:97:af:41:00:b1:48:e0:a9:f1:d7:d4:cb:0d:
67:60:db:95:a6:c3:4c:d1:43:72:d5:da:46:9a:e1:
17:75:71:61:88:71:0e:55:e7:f9:a7:dc:d6:a7:af:
59:27:45:ad:4c:f0:1a:6b:29:1b:be:c5:86:31:3f:
2d:45:0b:e0:45:c7:31:e1:2c:8b:e0:d5:38:c0:4d:
f6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F3:94:1A:A1:D5:7C:E4:56:AC:E8:A8:60:74:19:A9:8B:E0:C0:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3795C124B60511EFBE94B64F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.108.0/22
Signature Algorithm: sha256WithRSAEncryption
32:5d:a1:b5:fa:33:5e:e7:f5:83:1b:92:1e:5c:c6:99:5b:95:
09:03:0c:d1:e9:f2:2d:2d:5a:c2:03:14:db:9c:96:a4:4b:fb:
7f:f8:ad:bb:4d:b6:ef:0f:26:c5:b2:34:10:23:81:71:c9:fe:
04:3f:63:ac:2b:7c:1d:4f:10:3f:bc:50:46:c2:2f:67:78:48:
1e:22:7d:b3:59:d8:6b:35:e3:a0:24:73:96:b1:53:24:63:dc:
9e:f5:6f:35:42:e8:75:66:2f:3e:f7:c6:b1:7e:c4:ae:a0:e3:
3e:aa:47:e9:df:fe:52:7a:76:40:b4:30:1e:7c:4d:85:f3:a7:
c1:8f:67:5d:1b:b2:15:37:94:cd:b2:22:ad:02:85:77:b7:47:
e0:6c:c9:65:bb:2e:19:a2:ab:b4:cd:36:81:e6:8a:f9:b5:4c:
ad:03:95:a1:1c:69:62:b2:e3:4e:bd:07:18:e2:f5:31:c5:b9:
4b:27:c1:28:11:ef:a3:93:8f:cd:7c:85:e4:76:41:2d:01:4c:
a4:85:cd:84:3e:a6:f7:53:85:b3:fd:77:e8:9c:c7:e4:3a:ff:
6a:83:a3:d2:1b:ff:6e:43:52:e5:74:f9:3b:20:01:b6:5f:40:
f8:ad:cf:da:51:f6:6a:3b:41:07:b8:31:aa:d1:29:be:c6:e2:
33:c3:5f:f9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOGEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDgxMTMwWhcNMjUwMjA2MDgxMTMwWjAYMRYw
FAYDVQQDEw02NzU2YTYzZC02ZDRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+4kjeBL7r2fW5HKgFOXbJpiStD6sz3NfMLsC+oQiQKOvhTaaDKFizCnS
g8KewUjy0EFA3MYWK8nSklDO5OQoFmwQkSbyaTFxRP1UJYNLtc45Sd6PZCf3AMr3
h/93KQHPKllZjf1fCmJcvYBDjlmfrYzYYNQlKLK+dMLJzyaVjbdJb41JV4XP0j5N
FgMLrz+xvR1GNyrSfMPdKcY+ZoMcgC5plixBcAC1jZa02m3jbj62oVySJZevQQCx
SOCp8dfUyw1nYNuVpsNM0UNy1dpGmuEXdXFhiHEOVef5p9zWp69ZJ0WtTPAaaykb
vsWGMT8tRQvgRccx4SyL4NU4wE32nwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI/z
lBqh1XzkVqzoqGB0GamL4MBoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzk1QzEyNEI2MDUxMUVGQkU5NEI2NEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxsMA0GCSqGSIb3DQEBCwUA
A4IBAQAyXaG1+jNe5/WDG5IeXMaZW5UJAwzR6fItLVrCAxTbnJakS/t/+K27Tbbv
DybFsjQQI4Fxyf4EP2OsK3wdTxA/vFBGwi9neEgeIn2zWdhrNeOgJHOWsVMkY9ye
9W81Quh1Zi8+98axfsSuoOM+qkfp3/5SenZAtDAefE2F86fBj2ddG7IVN5TNsiKt
AoV3t0fgbMlluy4Zoqu0zTaB5or5tUytA5WhHGlisuNOvQcY4vUxxblLJ8EoEe+j
k4/NfIXkdkEtAUykhc2EPqb3U4Wz/XfonMfkOv9qg6PSG/9uQ1LldPk7IAG2X0D4
rc/aUfZqO0EHuDGq0Sm+xuIzw1/5
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:17 2025 by rpki-client