Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E88C0AD2FD11EF9563CCB6762E951A.roa
File: 37E88C0AD2FD11EF9563CCB6762E951A.roa (raw, json)
Hash identifier: zbohOX3CjgsMFg1mienpdpWjHLqbxpBJeBkKIKgyRiM=
Subject key identifier: 27:B6:AE:12:75:50:F1:75:03:0B:7D:D4:28:45:16:69:7D:22:00:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107D3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E88C0AD2FD11EF9563CCB6762E951A.roa
Signing time: Wed 15 Jan 2025 04:57:28 +0000
ROA not before: Wed 15 Jan 2025 04:57:24 +0000
ROA not after: Mon 03 Jan 2028 04:57:24 +0000
asID: 17561
IP address blocks: 156.254.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67539 (0x107d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:57:24 2025 GMT
Not After : Jan 3 04:57:24 2028 GMT
Subject: CN=67874038-a2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:4d:8e:47:21:1a:6f:38:fc:f8:d6:94:ce:
4b:23:7c:22:e7:83:9b:eb:6f:a6:92:c7:ee:61:3d:
21:0a:e3:82:d9:56:35:da:07:e7:6c:1d:97:97:6f:
93:ec:ab:44:46:23:bf:3e:06:bf:02:11:d9:31:3b:
0d:87:47:2c:c7:2f:e2:79:5c:8c:3b:81:1c:c0:b2:
d3:21:3f:d3:3e:49:98:85:7c:e3:a1:06:56:69:b7:
72:46:08:d3:cd:e9:dd:ef:f6:8b:60:ef:41:d7:fd:
6e:7a:72:3c:bf:ac:02:52:dc:3d:ca:00:31:ed:20:
f6:a5:df:90:f8:9b:99:2f:23:bc:3a:8b:bf:a0:ce:
be:6f:ed:0e:17:7d:49:ab:6f:e4:aa:7b:6b:08:33:
f3:77:6c:55:78:0f:53:2c:cf:76:ee:fa:3b:b2:10:
2b:f9:28:b9:39:f0:3d:ce:10:e0:1f:c6:55:0e:53:
54:69:df:36:d6:1a:3e:79:d0:36:39:46:fb:51:73:
67:d3:7f:1e:b1:26:2b:30:88:3d:e5:93:b8:47:37:
77:86:9b:f8:0e:76:a9:d7:de:f2:e3:3c:31:c6:35:
de:d5:e6:15:3e:ad:cd:81:f2:9c:94:39:83:6e:77:
e5:99:e4:a0:fc:8b:18:d8:09:6e:67:f1:36:4e:00:
99:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B6:AE:12:75:50:F1:75:03:0B:7D:D4:28:45:16:69:7D:22:00:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37E88C0AD2FD11EF9563CCB6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.20.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:03:9d:b2:9e:d1:2e:76:89:b2:9c:ef:87:9c:72:5a:d5:5e:
95:ce:32:2d:a7:61:82:b9:ab:43:6a:3b:65:69:1d:9e:58:36:
55:7d:dd:a4:84:93:df:6e:4e:c2:68:29:92:2a:85:98:c0:14:
fa:8f:aa:01:60:73:f7:38:30:0d:7c:0b:0a:bf:58:81:ab:5d:
55:ca:93:df:5b:9c:e2:a8:d5:d5:76:22:30:2e:e9:59:68:18:
64:33:b3:7b:e2:7c:89:30:04:98:87:cf:be:96:fd:63:f1:9d:
7b:09:e2:bd:61:b2:7b:7a:d3:06:22:d1:1a:37:63:b3:b5:70:
a1:34:a2:74:93:33:fc:28:9b:e5:86:62:5b:d9:82:7a:72:42:
cc:fd:fa:ea:8d:f5:d9:9f:d2:3e:1f:ee:7d:a5:54:bb:8b:43:
bb:8a:95:7a:eb:0f:b6:65:e4:86:d9:fb:c4:86:f9:28:4d:dd:
ea:4e:7a:ee:38:9d:62:c1:68:f3:5b:09:00:ca:34:a1:75:05:
ca:22:ec:66:93:6b:68:2d:1b:b0:2c:94:b8:05:e9:dd:cc:8d:
3c:5f:39:fa:7e:98:be:cc:5d:4e:8d:d6:b7:98:5e:b4:bb:1d:
7c:93:3c:3e:88:08:d1:6d:18:a6:1c:4a:88:5e:9a:af:09:04:
94:11:d5:f2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQ1NzI0WhcNMjgwMTAzMDQ1NzI0WjAYMRYw
FAYDVQQDEw02Nzg3NDAzOC1hMmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqydNjkchGm84/PjWlM5LI3wi54Ob62+mksfuYT0hCuOC2VY12gfnbB2X
l2+T7KtERiO/Pga/AhHZMTsNh0csxy/ieVyMO4EcwLLTIT/TPkmYhXzjoQZWabdy
RgjTzend7/aLYO9B1/1uenI8v6wCUtw9ygAx7SD2pd+Q+JuZLyO8Oou/oM6+b+0O
F31Jq2/kqntrCDPzd2xVeA9TLM927vo7shAr+Si5OfA9zhDgH8ZVDlNUad821ho+
edA2OUb7UXNn038esSYrMIg95ZO4Rzd3hpv4Dnap197y4zwxxjXe1eYVPq3NgfKc
lDmDbnflmeSg/IsY2AluZ/E2TgCZGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCe2
rhJ1UPF1Awt91ChFFml9IgAWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0U4OEMwQUQyRkQxMUVGOTU2M0NDQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4UMA0GCSqGSIb3DQEBCwUA
A4IBAQAqA52yntEudomynO+HnHJa1V6VzjItp2GCuatDajtlaR2eWDZVfd2khJPf
bk7CaCmSKoWYwBT6j6oBYHP3ODANfAsKv1iBq11VypPfW5ziqNXVdiIwLulZaBhk
M7N74nyJMASYh8++lv1j8Z17CeK9YbJ7etMGItEaN2OztXChNKJ0kzP8KJvlhmJb
2YJ6ckLM/frqjfXZn9I+H+59pVS7i0O7ipV66w+2ZeSG2fvEhvkoTd3qTnruOJ1i
wWjzWwkAyjShdQXKIuxmk2toLRuwLJS4BendzI08Xzn6fpi+zF1Ojda3mF60ux18
kzw+iAjRbRimHEqIXpqvCQSUEdXy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:40 2025 by rpki-client