Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38E8F51AD2F111EFA42C036A762E951A.roa
File: 38E8F51AD2F111EFA42C036A762E951A.roa (raw, json)
Hash identifier: MeUrmf66rx3vGyaIJNopao+TtsdFy7JVOK+RFs6Z0fE=
Subject key identifier: 67:2F:67:A3:09:27:95:7E:E3:B6:3E:0D:F5:4D:E6:0E:57:C8:68:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010781
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38E8F51AD2F111EFA42C036A762E951A.roa
Signing time: Wed 15 Jan 2025 03:31:36 +0000
ROA not before: Wed 15 Jan 2025 03:31:32 +0000
ROA not after: Sat 03 Jan 2026 03:31:32 +0000
asID: 984
IP address blocks: 156.243.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67457 (0x10781)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:31:32 2025 GMT
Not After : Jan 3 03:31:32 2026 GMT
Subject: CN=67872c17-6f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:69:da:4d:85:e9:d4:a1:bf:e5:c5:06:f0:cc:
89:9d:a4:40:11:69:f9:82:8d:8f:7b:b8:ef:66:89:
fa:87:d3:05:af:ac:3f:c3:c8:41:62:2b:fa:15:01:
f7:d2:61:f0:9d:a1:dc:a7:79:49:2f:7e:aa:fc:a6:
15:d0:ec:f6:30:aa:ee:79:1f:40:99:a4:ef:bd:2f:
f6:2d:de:b6:a1:03:91:bc:f9:97:4e:3c:16:15:5c:
66:8c:10:b7:c8:41:80:cd:0e:2b:da:bf:a4:38:36:
c3:b3:12:68:07:c4:9a:58:1d:22:83:85:1b:f9:8f:
43:6d:70:83:cc:bb:9e:db:c6:83:aa:6d:c1:b6:7d:
7c:2c:69:6e:4d:43:01:99:2c:f4:95:1a:0a:26:4b:
76:a5:ec:68:b0:ae:83:6a:05:62:9e:7e:e0:31:6f:
4f:be:66:c5:f5:19:74:f8:fe:5b:58:95:af:98:06:
c3:da:96:be:ee:fe:74:ca:36:01:b6:6e:77:af:75:
e2:92:e3:92:32:79:3e:fa:00:c7:a0:36:a0:bf:60:
0a:63:38:cf:bf:db:44:07:8d:9b:c4:ed:c4:79:6b:
42:54:d2:62:54:d1:04:c1:f9:60:4f:d0:7a:bd:9c:
f8:c8:b0:3f:a3:40:ab:42:87:d4:6a:e7:cf:83:36:
66:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:2F:67:A3:09:27:95:7E:E3:B6:3E:0D:F5:4D:E6:0E:57:C8:68:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/38E8F51AD2F111EFA42C036A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.98.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:82:03:bb:54:38:c9:95:11:3a:4d:d4:97:c5:e6:b8:90:1a:
07:51:7a:72:ac:c3:35:d9:c2:64:80:02:dd:90:53:ca:74:bd:
19:03:4f:38:8b:c7:eb:7e:17:af:71:60:f7:cd:2f:fe:5a:a3:
5f:7a:86:4f:fe:7d:ab:df:b4:0a:49:92:28:a5:bb:ba:69:4b:
50:c7:35:a4:3b:4c:d4:52:fe:47:3d:6d:1b:bc:48:bc:44:78:
39:11:0c:08:00:99:bb:01:6f:45:22:3d:c0:d9:11:a7:37:5d:
7d:3d:61:67:bc:ff:45:09:d4:a7:85:c1:a6:44:83:4f:a4:b4:
a9:45:af:23:31:2b:04:ec:04:49:ea:1e:74:1b:6f:f9:46:c1:
81:52:6e:dc:84:ef:20:b9:9b:c0:a0:1d:07:97:0c:6e:a3:21:
f5:13:29:f5:2b:8f:af:71:9f:c8:07:c5:96:fa:c6:02:35:57:
02:71:83:38:06:d8:b0:ad:a7:5d:12:8a:74:33:6b:b6:0c:36:
90:4b:8a:e0:f6:29:c3:0d:62:84:a0:30:5e:5c:59:ec:b4:75:
21:39:93:bc:2f:df:df:23:37:f3:13:33:f9:0d:59:0a:22:6f:
42:7e:42:34:88:5b:75:bf:32:ef:40:8d:33:db:32:a6:23:a8:
ff:f6:a3:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQeBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMzMTMyWhcNMjYwMTAzMDMzMTMyWjAYMRYw
FAYDVQQDEw02Nzg3MmMxNy02Zjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo2naTYXp1KG/5cUG8MyJnaRAEWn5go2Pe7jvZon6h9MFr6w/w8hBYiv6
FQH30mHwnaHcp3lJL36q/KYV0Oz2MKrueR9AmaTvvS/2Ld62oQORvPmXTjwWFVxm
jBC3yEGAzQ4r2r+kODbDsxJoB8SaWB0ig4Ub+Y9DbXCDzLue28aDqm3Btn18LGlu
TUMBmSz0lRoKJkt2pexosK6DagVinn7gMW9PvmbF9Rl0+P5bWJWvmAbD2pa+7v50
yjYBtm53r3XikuOSMnk++gDHoDagv2AKYzjPv9tEB42bxO3EeWtCVNJiVNEEwflg
T9B6vZz4yLA/o0CrQofUaufPgzZmjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGcv
Z6MJJ5V+47Y+DfVN5g5XyGgCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOEU4RjUxQUQyRjExMUVGQTQyQzAzNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNiMA0GCSqGSIb3DQEBCwUA
A4IBAQC4ggO7VDjJlRE6TdSXxea4kBoHUXpyrMM12cJkgALdkFPKdL0ZA084i8fr
fhevcWD3zS/+WqNfeoZP/n2r37QKSZIopbu6aUtQxzWkO0zUUv5HPW0bvEi8RHg5
EQwIAJm7AW9FIj3A2RGnN119PWFnvP9FCdSnhcGmRINPpLSpRa8jMSsE7ARJ6h50
G2/5RsGBUm7chO8guZvAoB0HlwxuoyH1Eyn1K4+vcZ/IB8WW+sYCNVcCcYM4Btiw
raddEop0M2u2DDaQS4rg9inDDWKEoDBeXFnstHUhOZO8L9/fIzfzEzP5DVkKIm9C
fkI0iFt1vzLvQI0z2zKmI6j/9qOz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:36 2025 by rpki-client