Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3850F5E0CDA511EFBDBA8D51762E951A.roa
File: 3850F5E0CDA511EFBDBA8D51762E951A.roa (raw, json)
Hash identifier: t/2zPxWhc0FCju1hhw7PdhXvuNQmML+GhHi3OGhObUA=
Subject key identifier: 1E:DB:D8:EA:4D:B3:2A:A9:57:9E:45:15:F9:BA:1A:E0:B8:84:DB:16
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01011D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3850F5E0CDA511EFBDBA8D51762E951A.roa
Signing time: Wed 08 Jan 2025 09:44:57 +0000
ROA not before: Wed 08 Jan 2025 09:44:53 +0000
ROA not after: Sat 13 Dec 2025 09:44:53 +0000
asID: 984
IP address blocks: 156.253.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65821 (0x1011d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:44:53 2025 GMT
Not After : Dec 13 09:44:53 2025 GMT
Subject: CN=677e4919-eff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f8:d4:96:fb:d9:7a:92:1a:e8:12:6b:44:e3:
b8:f7:55:3d:72:10:ff:5a:08:9b:a0:cf:52:25:65:
7e:ec:d4:da:51:07:b8:13:2b:03:71:5e:01:96:fd:
d2:f3:dc:21:aa:ea:28:78:bc:f6:71:70:56:4f:9b:
4c:3b:55:43:63:2f:2a:5b:68:a5:15:23:c9:c1:6d:
46:a6:82:3f:7d:ee:19:a2:bd:ce:be:2f:f5:37:02:
64:97:e8:64:55:d7:77:83:5d:de:48:c7:4d:7c:b4:
e1:aa:35:22:d3:f2:b8:e5:8b:e6:ab:97:99:21:79:
6a:c4:29:27:77:de:53:fa:cf:7f:f3:48:ac:80:15:
ea:d0:bb:69:32:e6:ba:86:85:79:8f:a2:8d:42:d1:
f1:a5:14:fa:c0:18:04:9c:09:e6:fe:87:b9:35:45:
ea:20:22:85:57:b8:8e:92:a4:05:cf:d2:16:24:1c:
31:16:b7:e6:7f:8c:bd:a4:23:ba:b1:38:1f:f4:fc:
00:33:57:42:3e:32:1b:27:d7:e3:0b:12:86:9f:63:
d5:95:ce:a6:fd:26:28:05:2d:26:72:03:58:6c:90:
8e:ab:9a:00:b3:60:9a:80:ff:2b:ca:a0:4c:37:6b:
2d:88:dc:69:f0:02:2d:e6:81:0c:cb:ca:64:fd:bd:
af:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DB:D8:EA:4D:B3:2A:A9:57:9E:45:15:F9:BA:1A:E0:B8:84:DB:16
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3850F5E0CDA511EFBDBA8D51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.57.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:97:b9:98:08:53:41:21:f7:8d:17:c6:b7:97:ad:ba:e9:53:
09:05:74:af:39:23:a5:85:1e:ce:44:b0:09:39:09:3c:3b:7c:
05:87:f7:7f:71:33:39:bd:98:48:67:9f:91:fa:0a:5b:2d:23:
95:de:d1:98:68:26:76:77:34:90:0f:9f:35:1f:73:d2:a3:88:
7a:9f:1d:a0:a2:95:71:ae:02:6a:43:5c:47:1d:52:80:f7:4e:
70:cf:15:71:f3:e0:46:5e:23:30:a4:5a:1f:4d:74:b8:10:39:
f9:14:76:90:b3:7e:6d:89:46:8a:8a:0d:68:31:bd:74:0e:5e:
9c:00:18:9c:aa:ab:95:2a:8c:96:0d:92:51:41:46:12:4c:08:
25:e1:2e:e2:0f:2c:99:63:1e:bd:8e:c4:dc:57:e5:bd:b7:40:
22:4e:7f:07:ee:44:a6:f2:3f:4f:27:b4:16:cd:02:b1:b8:12:
52:91:a3:c1:30:63:7f:b6:ea:e7:a1:96:0d:ce:33:38:7e:8d:
9d:92:17:aa:ef:02:52:d8:97:52:ca:b2:e5:bf:15:aa:8f:e2:
54:3d:5d:c7:f0:00:df:ec:4b:c8:3e:8b:67:11:a8:5f:2f:9f:
bd:95:f1:39:b2:ce:b0:32:1f:7a:c5:6e:ab:68:1b:87:61:f9:
97:00:86:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQEdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDk0NDUzWhcNMjUxMjEzMDk0NDUzWjAYMRYw
FAYDVQQDEw02NzdlNDkxOS1lZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp/jUlvvZepIa6BJrROO491U9chD/WgiboM9SJWV+7NTaUQe4EysDcV4B
lv3S89whquooeLz2cXBWT5tMO1VDYy8qW2ilFSPJwW1GpoI/fe4Zor3Ovi/1NwJk
l+hkVdd3g13eSMdNfLThqjUi0/K45Yvmq5eZIXlqxCknd95T+s9/80isgBXq0Ltp
Mua6hoV5j6KNQtHxpRT6wBgEnAnm/oe5NUXqICKFV7iOkqQFz9IWJBwxFrfmf4y9
pCO6sTgf9PwAM1dCPjIbJ9fjCxKGn2PVlc6m/SYoBS0mcgNYbJCOq5oAs2CagP8r
yqBMN2stiNxp8AIt5oEMy8pk/b2vSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB7b
2OpNsyqpV55FFfm6GuC4hNsWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zODUwRjVFMENEQTUxMUVGQkRCQThENTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP05MA0GCSqGSIb3DQEBCwUA
A4IBAQAel7mYCFNBIfeNF8a3l6266VMJBXSvOSOlhR7ORLAJOQk8O3wFh/d/cTM5
vZhIZ5+R+gpbLSOV3tGYaCZ2dzSQD581H3PSo4h6nx2gopVxrgJqQ1xHHVKA905w
zxVx8+BGXiMwpFofTXS4EDn5FHaQs35tiUaKig1oMb10Dl6cABicqquVKoyWDZJR
QUYSTAgl4S7iDyyZYx69jsTcV+W9t0AiTn8H7kSm8j9PJ7QWzQKxuBJSkaPBMGN/
turnoZYNzjM4fo2dkheq7wJS2JdSyrLlvxWqj+JUPV3H8ADf7EvIPotnEahfL5+9
lfE5ss6wMh96xW6raBuHYfmXAIYw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:39 2025 by rpki-client