Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A27732CC9111EF8CE61E57762E951A.roa
File: 37A27732CC9111EF8CE61E57762E951A.roa (raw, json)
Hash identifier: cy+dzX6DXEmSrTck7qANSVIZwFvtevaIZ5DOQH3WcTY=
Subject key identifier: 7E:5C:45:C9:AC:2F:01:79:C4:3B:D6:87:0A:A0:BD:1E:A7:59:4A:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F90B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A27732CC9111EF8CE61E57762E951A.roa
Signing time: Tue 07 Jan 2025 00:49:15 +0000
ROA not before: Tue 07 Jan 2025 00:00:11 +0000
ROA not after: Sat 13 Dec 2025 00:00:11 +0000
asID: 984
IP address blocks: 156.226.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63755 (0xf90b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:11 2025 GMT
Not After : Dec 13 00:00:11 2025 GMT
Subject: CN=677c7a0b-ad89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:30:63:d4:1f:2a:2a:2d:be:87:26:de:b7:
9a:58:84:f2:7a:d7:36:6d:60:d2:39:a5:f1:df:d5:
f7:d9:62:81:61:b2:a8:c2:7f:d5:a1:59:10:e5:5a:
f0:ce:86:1c:89:a2:ea:7b:ff:4a:cd:f7:fc:07:d7:
64:1e:1e:8f:a1:d6:18:b5:5d:52:a6:d2:2c:23:8d:
d0:a7:40:78:3b:7a:f7:94:39:f9:25:94:a3:e0:57:
34:d9:3f:cf:80:26:25:17:7b:f8:20:84:6e:c6:64:
b8:12:fd:59:36:b6:a9:e1:3d:23:ac:7c:ce:1d:71:
94:1a:24:3c:c7:e8:37:7b:22:14:81:ec:1f:ef:f7:
92:70:f6:00:27:e1:82:a6:45:9b:0b:15:69:e1:ff:
84:d2:0f:c6:6d:80:55:58:78:70:af:45:53:69:b8:
08:8d:cf:6b:1e:20:5b:f4:fa:8b:8f:8e:ab:76:07:
57:36:c9:b9:65:db:e7:7a:f4:66:45:7b:e3:b3:62:
d6:df:a0:22:f2:a7:a2:5f:6a:dc:df:b3:69:b5:78:
c1:c7:0b:b5:bd:18:4f:27:f3:83:76:b8:a8:ad:f5:
d6:22:f3:05:eb:bb:0f:24:a8:c0:55:2d:58:e8:d9:
1b:13:33:7f:8f:67:84:8c:e1:62:60:f6:27:17:ee:
66:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:5C:45:C9:AC:2F:01:79:C4:3B:D6:87:0A:A0:BD:1E:A7:59:4A:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A27732CC9111EF8CE61E57762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:8b:b9:d5:df:d6:31:48:78:b0:b8:6a:d9:b4:a5:aa:b3:80:
59:39:a5:46:3c:ac:4e:f5:93:bd:e0:ed:ca:49:df:8d:97:ee:
37:86:f9:c7:41:49:8e:c4:50:9a:f7:ce:bb:b1:78:75:32:18:
25:e2:7f:c2:07:ff:9c:34:7b:e3:5d:95:c5:76:5c:7e:19:1a:
1a:81:d3:8a:7b:7d:ca:29:37:91:78:9d:3d:16:fe:67:55:6a:
f7:16:b4:dc:4a:5f:83:36:9d:62:94:83:4c:89:63:b2:1b:44:
b1:b2:1e:63:15:73:c6:99:64:cf:3b:79:1e:ed:fe:00:70:9c:
49:96:c0:ab:9c:c6:34:6f:4b:f7:27:fa:a1:db:35:2a:f9:f9:
33:20:3f:c7:24:9d:cc:43:74:e8:8d:e2:c0:f6:b3:b0:89:50:
4e:49:c5:ff:08:96:ab:04:37:74:f9:95:0a:3d:61:a8:b8:8a:
ea:41:df:5e:c5:32:dd:15:0b:2b:35:eb:8e:40:46:0c:55:90:
08:88:b3:a7:0e:46:6b:07:81:6b:60:73:c9:f6:c2:1b:4a:c3:
04:89:5c:19:2f:35:6e:32:b5:4d:5a:bf:ce:08:a7:08:ae:7b:
8c:68:36:12:35:b0:54:62:7c:3f:fb:f4:21:76:7d:e5:39:fa:
c4:f9:3c:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDExWhcNMjUxMjEzMDAwMDExWjAYMRYw
FAYDVQQDEw02NzdjN2EwYi1hZDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtBUwY9QfKiotvocm3reaWITyetc2bWDSOaXx39X32WKBYbKown/VoVkQ
5VrwzoYciaLqe/9Kzff8B9dkHh6PodYYtV1SptIsI43Qp0B4O3r3lDn5JZSj4Fc0
2T/PgCYlF3v4IIRuxmS4Ev1ZNrap4T0jrHzOHXGUGiQ8x+g3eyIUgewf7/eScPYA
J+GCpkWbCxVp4f+E0g/GbYBVWHhwr0VTabgIjc9rHiBb9PqLj46rdgdXNsm5Zdvn
evRmRXvjs2LW36Ai8qeiX2rc37NptXjBxwu1vRhPJ/ODdriorfXWIvMF67sPJKjA
VS1Y6NkbEzN/j2eEjOFiYPYnF+5muwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH5c
RcmsLwF5xDvWhwqgvR6nWUodMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0EyNzczMkNDOTExMUVGOENFNjFFNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOL8MA0GCSqGSIb3DQEBCwUA
A4IBAQCoi7nV39YxSHiwuGrZtKWqs4BZOaVGPKxO9ZO94O3KSd+Nl+43hvnHQUmO
xFCa9867sXh1Mhgl4n/CB/+cNHvjXZXFdlx+GRoagdOKe33KKTeReJ09Fv5nVWr3
FrTcSl+DNp1ilINMiWOyG0Sxsh5jFXPGmWTPO3ke7f4AcJxJlsCrnMY0b0v3J/qh
2zUq+fkzID/HJJ3MQ3TojeLA9rOwiVBOScX/CJarBDd0+ZUKPWGouIrqQd9exTLd
FQsrNeuOQEYMVZAIiLOnDkZrB4FrYHPJ9sIbSsMEiVwZLzVuMrVNWr/OCKcIrnuM
aDYSNbBUYnw/+/Qhdn3lOfrE+TxV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:47 2025 by rpki-client