Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48C557DACBD011EF9E4D6A95762E951A.roa
File: 48C557DACBD011EF9E4D6A95762E951A.roa (raw, json)
Hash identifier: N22axEfTEj9qbRtPT+XFZVIdUw02yuFDHRKdtd3W7q0=
Subject key identifier: 48:9B:AA:9F:2A:32:1C:E7:0B:3D:A9:84:E8:E9:FF:CB:D4:50:B2:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48C557DACBD011EF9E4D6A95762E951A.roa
Signing time: Mon 06 Jan 2025 01:48:11 +0000
ROA not before: Mon 06 Jan 2025 01:48:07 +0000
ROA not after: Sun 09 Feb 2025 01:48:07 +0000
asID: 203020
IP address blocks: 156.237.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63424 (0xf7c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 01:48:07 2025 GMT
Not After : Feb 9 01:48:07 2025 GMT
Subject: CN=677b365b-ba73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bb:da:b1:f8:27:9e:6b:a8:78:97:d9:d7:70:
57:9c:2c:26:43:df:71:2b:a5:25:6b:47:17:a5:05:
59:3b:76:59:c4:54:b2:e3:4b:c2:1e:f0:d5:8f:d0:
02:5e:ad:84:34:36:2d:da:dd:b0:a8:8f:9b:c3:f7:
6f:4a:96:db:65:05:3f:29:26:14:63:ab:be:28:42:
82:63:c6:01:3f:6a:80:67:24:e9:70:eb:1c:a6:53:
60:c9:0a:a9:c0:a4:eb:c9:a1:d2:4e:f2:f7:10:51:
e8:24:33:ea:87:3a:fa:6f:fc:dd:6c:e3:bd:1b:f0:
0a:d6:20:10:4c:a5:a2:7a:b9:75:ec:93:48:cb:9c:
f9:5e:63:88:2a:f2:3b:43:99:57:f6:21:a1:24:a2:
b5:2f:43:46:58:90:62:c6:06:78:59:7b:f1:00:d2:
75:16:f3:3d:9e:c5:19:b7:7b:8a:54:cf:1b:fe:47:
5c:2c:b5:ee:dd:70:a5:df:8e:34:e9:9b:16:cf:45:
b0:4f:e9:fa:e4:f2:8e:32:f4:1a:23:1b:66:52:a5:
a4:44:93:e2:cc:ae:69:15:e9:f6:a1:c3:17:7a:a7:
0e:2c:00:95:10:27:ea:84:35:e9:c2:1c:3f:46:a7:
ff:f6:81:91:9c:bc:cb:05:b4:d4:89:db:d4:52:dd:
9d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9B:AA:9F:2A:32:1C:E7:0B:3D:A9:84:E8:E9:FF:CB:D4:50:B2:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48C557DACBD011EF9E4D6A95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.74.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:56:5d:e9:2d:ef:79:fd:55:5b:d7:6f:66:99:8f:52:b2:12:
40:11:78:84:95:4b:2f:1b:77:07:77:3b:58:1c:c5:64:a6:1b:
59:ac:11:58:db:31:bc:78:2d:15:7d:d4:6a:fd:3e:8f:d8:25:
f3:f5:a5:b1:e2:aa:93:55:29:1c:76:5b:39:e1:9a:85:d9:9b:
3f:e3:c7:d3:d9:86:c2:ef:c2:12:44:39:58:49:8c:4e:7c:a9:
87:52:80:c1:14:bc:76:88:74:36:80:d6:77:8e:e2:64:a8:2a:
94:78:4a:d6:f5:32:d4:8f:d6:72:dc:61:fe:e9:c9:56:ae:78:
99:2b:2c:a0:23:e2:7a:3d:5d:29:28:db:e0:a3:90:82:85:0d:
00:14:ae:67:40:0d:3e:da:1b:66:5a:ba:60:91:73:65:d0:77:
53:11:a6:38:ce:56:a2:57:16:46:9b:d5:2c:5d:e2:bc:8c:20:
3b:5c:6c:8a:5f:01:22:2a:f2:62:03:26:92:b1:c6:6d:c1:29:
d5:51:ee:b1:b9:dc:b6:8f:bd:f5:97:76:0c:22:6c:e9:5a:9a:
88:9f:72:e1:84:50:53:f0:67:ad:26:15:33:8d:e7:47:cc:d5:
31:40:ed:ec:13:79:c5:7f:7c:eb:16:d8:3b:7b:5b:e7:d9:14:
38:db:a4:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDE0ODA3WhcNMjUwMjA5MDE0ODA3WjAYMRYw
FAYDVQQDEw02NzdiMzY1Yi1iYTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3LvasfgnnmuoeJfZ13BXnCwmQ99xK6Ula0cXpQVZO3ZZxFSy40vCHvDV
j9ACXq2ENDYt2t2wqI+bw/dvSpbbZQU/KSYUY6u+KEKCY8YBP2qAZyTpcOscplNg
yQqpwKTryaHSTvL3EFHoJDPqhzr6b/zdbOO9G/AK1iAQTKWierl17JNIy5z5XmOI
KvI7Q5lX9iGhJKK1L0NGWJBixgZ4WXvxANJ1FvM9nsUZt3uKVM8b/kdcLLXu3XCl
34406ZsWz0WwT+n65PKOMvQaIxtmUqWkRJPizK5pFen2ocMXeqcOLACVECfqhDXp
whw/Rqf/9oGRnLzLBbTUidvUUt2duwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEib
qp8qMhznCz2phOjp/8vUULK9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OEM1NTdEQUNCRDAxMUVGOUU0RDZBOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO1KMA0GCSqGSIb3DQEBCwUA
A4IBAQC7Vl3pLe95/VVb129mmY9SshJAEXiElUsvG3cHdztYHMVkphtZrBFY2zG8
eC0VfdRq/T6P2CXz9aWx4qqTVSkcdls54ZqF2Zs/48fT2YbC78ISRDlYSYxOfKmH
UoDBFLx2iHQ2gNZ3juJkqCqUeErW9TLUj9Zy3GH+6clWrniZKyygI+J6PV0pKNvg
o5CChQ0AFK5nQA0+2htmWrpgkXNl0HdTEaY4zlaiVxZGm9UsXeK8jCA7XGyKXwEi
KvJiAyaSscZtwSnVUe6xudy2j731l3YMImzpWpqIn3LhhFBT8GetJhUzjedHzNUx
QO3sE3nFf3zrFtg7e1vn2RQ426TO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:36 2025 by rpki-client