Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3E7A62C34911EFAB1F1170762E951A.roa
File: 5A3E7A62C34911EFAB1F1170762E951A.roa (raw, json)
Hash identifier: 4FEruSvZ2rsmxuN/nvLsoafYj5z/zCLosRsClk+e9Mk=
Subject key identifier: E8:72:F0:89:F6:C2:58:25:51:0E:31:BF:62:85:DA:F0:29:08:FC:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC2B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3E7A62C34911EFAB1F1170762E951A.roa
Signing time: Thu 26 Dec 2024 05:22:09 +0000
ROA not before: Thu 26 Dec 2024 05:22:05 +0000
ROA not after: Wed 10 Dec 2025 05:22:05 +0000
asID: 984
IP address blocks: 156.245.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60459 (0xec2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:22:05 2024 GMT
Not After : Dec 10 05:22:05 2025 GMT
Subject: CN=676ce800-aa70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a5:30:fd:1b:f7:f1:7a:09:cb:ed:66:40:a4:
e3:0b:42:9e:fa:09:e7:74:8c:fe:c7:3b:05:ba:20:
fc:4d:e5:55:be:99:ba:fe:77:7a:fb:dd:37:74:41:
18:7e:98:f2:5b:3e:30:ec:63:67:96:0e:f6:dc:24:
ca:00:a5:df:46:d6:ae:7a:c6:47:97:d4:d2:f3:bc:
99:4d:d4:60:1e:41:46:09:92:c7:ed:c3:26:ac:00:
c6:30:ce:28:4d:dd:f7:43:d8:dc:56:85:fc:89:ad:
0f:5e:41:7b:3a:c7:cc:15:c7:e3:eb:cc:a2:e3:2a:
1c:33:a4:e7:85:f1:9e:d0:a3:16:83:16:9e:a6:72:
d1:fa:a7:55:7d:03:d9:41:61:d9:a7:c0:62:8c:20:
bd:b3:d4:43:a7:9d:2f:b8:34:6d:89:7d:0c:76:68:
ef:a5:4c:1e:4c:96:e5:21:34:7d:89:d5:01:60:a4:
5b:93:1f:c5:05:33:53:11:20:75:03:1e:15:47:d0:
e6:74:6a:8a:17:8e:c0:a2:9a:4a:b1:73:15:81:e8:
90:75:fa:1a:7a:12:ce:43:17:7b:5f:f6:4a:3d:f1:
2e:c8:58:b7:ee:73:e4:f1:21:14:e3:5a:60:47:8f:
0b:a5:8e:d9:48:14:90:eb:20:53:c9:e4:d9:da:e6:
f3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:72:F0:89:F6:C2:58:25:51:0E:31:BF:62:85:DA:F0:29:08:FC:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A3E7A62C34911EFAB1F1170762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.212.0/24
Signature Algorithm: sha256WithRSAEncryption
34:3a:fe:30:68:a2:5a:4f:f8:29:f5:d1:bc:d0:b8:f3:25:3c:
54:41:bc:0a:30:b1:04:44:ee:11:d7:9e:8f:b6:92:46:a3:de:
00:5e:ea:f4:a2:db:69:7b:ae:25:d9:b0:b7:d8:00:f5:4c:2f:
36:48:f4:7a:65:2a:27:0f:e8:f0:a5:bb:1f:a9:e4:cd:24:44:
0b:57:a9:34:6f:40:4d:f9:ec:f1:68:d1:58:81:32:1f:59:32:
85:bf:ac:62:15:5a:05:ff:f4:97:f8:e2:58:9f:9d:ab:1c:f1:
17:c8:94:dd:be:19:4f:ef:07:90:6f:50:43:a9:44:6f:0a:96:
bf:ca:f7:8c:16:6f:3a:3b:c5:a2:82:d5:b9:4b:2c:81:f8:0e:
36:a2:c0:80:63:9d:21:d5:97:0d:58:e3:56:e7:3c:c2:9a:01:
f7:94:0f:74:8f:29:45:4d:50:bf:44:66:ff:73:6f:d9:6c:c4:
17:96:cd:d0:12:65:b5:e4:ae:73:f0:17:21:77:58:1a:de:f8:
14:da:d8:7e:1b:be:da:5b:9b:c5:45:98:8b:5e:ec:99:c6:c3:
3a:c0:40:be:5b:ea:fe:3c:dc:b9:19:f5:36:27:42:f1:8f:fb:
27:94:b6:6c:b5:d9:6a:15:c3:16:b9:9f:e0:e8:5b:d4:80:ff:
5e:9a:ec:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUyMjA1WhcNMjUxMjEwMDUyMjA1WjAYMRYw
FAYDVQQDEw02NzZjZTgwMC1hYTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6Uw/Rv38XoJy+1mQKTjC0Ke+gnndIz+xzsFuiD8TeVVvpm6/nd6+903
dEEYfpjyWz4w7GNnlg723CTKAKXfRtauesZHl9TS87yZTdRgHkFGCZLH7cMmrADG
MM4oTd33Q9jcVoX8ia0PXkF7OsfMFcfj68yi4yocM6TnhfGe0KMWgxaepnLR+qdV
fQPZQWHZp8BijCC9s9RDp50vuDRtiX0MdmjvpUweTJblITR9idUBYKRbkx/FBTNT
ESB1Ax4VR9DmdGqKF47AoppKsXMVgeiQdfoaehLOQxd7X/ZKPfEuyFi37nPk8SEU
41pgR48LpY7ZSBSQ6yBTyeTZ2ubzSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOhy
8In2wlglUQ4xv2KF2vApCPwLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTNFN0E2MkMzNDkxMUVGQUIxRjExNzA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXUMA0GCSqGSIb3DQEBCwUA
A4IBAQA0Ov4waKJaT/gp9dG80LjzJTxUQbwKMLEERO4R156PtpJGo94AXur0ottp
e64l2bC32AD1TC82SPR6ZSonD+jwpbsfqeTNJEQLV6k0b0BN+ezxaNFYgTIfWTKF
v6xiFVoF//SX+OJYn52rHPEXyJTdvhlP7weQb1BDqURvCpa/yveMFm86O8WigtW5
SyyB+A42osCAY50h1ZcNWONW5zzCmgH3lA90jylFTVC/RGb/c2/ZbMQXls3QEmW1
5K5z8Bchd1ga3vgU2th+G77aW5vFRZiLXuyZxsM6wEC+W+r+PNy5GfU2J0Lxj/sn
lLZstdlqFcMWuZ/g6FvUgP9emuyT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:02 2025 by rpki-client