Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A195A48BB7B11EF93FE38A9762E951A.roa
File: 3A195A48BB7B11EF93FE38A9762E951A.roa (raw, json)
Hash identifier: 2FUWZuyZg5GJYW3iLZeoar3ToNn1rNYu7iRVPV5G78w=
Subject key identifier: 07:8D:F9:5E:26:F8:06:A7:77:1E:F5:4F:5B:B0:75:80:C8:FB:A9:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E420
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A195A48BB7B11EF93FE38A9762E951A.roa
Signing time: Mon 16 Dec 2024 06:59:00 +0000
ROA not before: Mon 16 Dec 2024 06:58:57 +0000
ROA not after: Tue 04 Mar 2025 06:58:57 +0000
asID: 138152
IP address blocks: 156.236.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58400 (0xe420)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 16 06:58:57 2024 GMT
Not After : Mar 4 06:58:57 2025 GMT
Subject: CN=675fcfb4-0757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e9:37:b5:91:15:8b:a2:d9:09:2f:e4:22:db:
1c:80:6f:7b:6e:6d:0e:83:f6:ab:f7:cd:0b:ec:c9:
c5:a0:d7:c9:d7:53:e6:0f:ff:7b:4a:10:dc:6d:fd:
03:ff:b9:74:a0:b2:b2:bf:9a:a3:ab:93:ba:06:1b:
f7:9b:2d:e3:fb:9e:85:b1:42:36:a5:0f:2d:27:64:
07:f1:04:a1:1d:ea:7e:c7:eb:5b:20:a3:a8:40:58:
a6:9f:61:d2:b8:07:99:d7:ce:44:38:6e:08:a5:2a:
74:d4:e3:51:f7:8e:04:59:4a:40:1a:d1:9f:f0:5d:
ed:2a:bb:5d:0a:77:1d:4f:48:fd:5a:fb:c5:9c:66:
e1:6d:c3:07:90:da:c3:9d:da:b2:f3:6f:61:ae:6d:
be:14:71:07:3a:53:e1:50:25:f4:8b:84:cc:76:77:
f3:f2:ed:18:bf:96:ec:61:3b:a8:8e:7c:44:ae:06:
b2:ba:80:6e:97:30:c6:8b:e2:92:3c:c2:89:01:2e:
cb:b3:d1:f5:f8:02:8b:e4:78:58:31:be:37:b0:92:
ee:1c:fa:3c:ca:5f:1f:1b:a8:bb:23:91:4d:d0:07:
7e:b7:ff:ce:e3:88:b4:3e:94:9d:dc:f8:1b:7d:7b:
b3:c8:71:84:87:e8:69:77:da:11:85:f3:21:d0:11:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8D:F9:5E:26:F8:06:A7:77:1E:F5:4F:5B:B0:75:80:C8:FB:A9:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A195A48BB7B11EF93FE38A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:9f:cb:09:db:42:82:b6:9e:ef:62:64:d8:6e:31:eb:4b:d1:
0c:8c:27:2a:76:78:84:1e:ba:5b:d6:52:1e:9a:ac:b1:93:a6:
7b:d7:bf:d7:2c:51:99:db:f0:38:05:27:05:cb:b6:45:31:7f:
c7:48:b2:80:35:60:88:d5:22:b8:ee:fa:df:0f:97:87:28:7e:
1d:92:c1:4d:e1:e8:b6:96:1b:5a:dc:13:75:6c:e4:91:e9:7c:
46:5d:6f:7d:3a:76:d9:0b:20:b1:d0:17:38:26:4f:b3:bc:97:
c0:fe:72:fe:25:38:02:61:18:7c:76:d4:e5:82:2d:63:ed:b7:
bc:4a:29:74:52:d0:52:e3:fa:1f:5e:f0:e9:b7:84:22:5a:4f:
68:88:d6:85:53:0c:46:15:e3:cf:fd:2c:a1:2f:49:ef:3a:e0:
db:28:11:3e:97:97:7c:d2:99:18:c1:a7:f5:9a:2e:4f:97:fb:
bf:1f:20:6e:64:8e:45:dc:e6:a4:0d:ed:f2:10:08:80:50:cb:
7a:99:76:40:12:2b:19:90:de:20:be:ac:86:67:0d:50:20:4b:
ba:aa:69:29:af:a2:6b:7c:da:46:0d:55:36:0e:30:f5:a9:73:
be:f9:cb:ad:e7:ce:e1:19:ef:b9:52:6b:3a:63:a3:56:40:a9:
81:e4:3c:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOQgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjE2MDY1ODU3WhcNMjUwMzA0MDY1ODU3WjAYMRYw
FAYDVQQDEw02NzVmY2ZiNC0wNzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Ok3tZEVi6LZCS/kItscgG97bm0Og/ar980L7MnFoNfJ11PmD/97ShDc
bf0D/7l0oLKyv5qjq5O6Bhv3my3j+56FsUI2pQ8tJ2QH8QShHep+x+tbIKOoQFim
n2HSuAeZ185EOG4IpSp01ONR944EWUpAGtGf8F3tKrtdCncdT0j9WvvFnGbhbcMH
kNrDndqy829hrm2+FHEHOlPhUCX0i4TMdnfz8u0Yv5bsYTuojnxErgayuoBulzDG
i+KSPMKJAS7Ls9H1+AKL5HhYMb43sJLuHPo8yl8fG6i7I5FN0Ad+t//O44i0PpSd
3PgbfXuzyHGEh+hpd9oRhfMh0BGKuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAeN
+V4m+Aandx71T1uwdYDI+6kEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTE5NUE0OEJCN0IxMUVGOTNGRTM4QTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxIMA0GCSqGSIb3DQEBCwUA
A4IBAQCgn8sJ20KCtp7vYmTYbjHrS9EMjCcqdniEHrpb1lIemqyxk6Z717/XLFGZ
2/A4BScFy7ZFMX/HSLKANWCI1SK47vrfD5eHKH4dksFN4ei2lhta3BN1bOSR6XxG
XW99OnbZCyCx0Bc4Jk+zvJfA/nL+JTgCYRh8dtTlgi1j7be8Sil0UtBS4/ofXvDp
t4QiWk9oiNaFUwxGFePP/SyhL0nvOuDbKBE+l5d80pkYwaf1mi5Pl/u/HyBuZI5F
3OakDe3yEAiAUMt6mXZAEisZkN4gvqyGZw1QIEu6qmkpr6JrfNpGDVU2DjD1qXO+
+cut587hGe+5Ums6Y6NWQKmB5DzE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:25 2025 by rpki-client