Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B311FF4D2F011EFBE8DB065762E951A.roa
File: 5B311FF4D2F011EFBE8DB065762E951A.roa (raw, json)
Hash identifier: rsGVWANXUdL/U4RBTqaQ1V2c53HWAOPkasZiBtjYGI0=
Subject key identifier: 22:B8:17:4F:14:96:A3:79:5B:07:BF:D4:70:0B:42:B9:7D:77:F7:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01077B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B311FF4D2F011EFBE8DB065762E951A.roa
Signing time: Wed 15 Jan 2025 03:25:24 +0000
ROA not before: Wed 15 Jan 2025 03:25:20 +0000
ROA not after: Mon 03 Jan 2028 03:25:20 +0000
asID: 17561
IP address blocks: 156.241.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67451 (0x1077b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:25:20 2025 GMT
Not After : Jan 3 03:25:20 2028 GMT
Subject: CN=67872aa3-6c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:77:cb:c0:fb:84:1c:c8:f4:bb:ce:8d:f0:f0:
c3:dd:9e:7f:e4:8d:6f:96:f8:49:72:33:8f:29:30:
3b:6f:99:7a:3e:ea:bf:75:13:38:bf:5e:ba:c6:9a:
27:8f:d0:b1:92:7e:d9:62:3c:3b:60:da:96:7d:40:
2e:c0:72:36:e9:94:28:1c:8d:d8:dc:4c:24:c7:a9:
69:49:71:d3:d6:93:10:af:c5:eb:91:ea:85:ee:92:
bb:b7:d7:d3:fb:f9:3b:43:9b:fc:37:b1:d2:67:93:
2f:45:64:ea:47:0c:b1:ec:4b:c5:cc:7f:5e:46:7c:
4f:00:fd:b6:ac:f2:e1:40:f6:1d:94:c3:83:d7:76:
2f:6d:6e:c2:db:57:ce:3d:d0:1d:a6:20:b8:70:c3:
36:52:2b:61:fb:8a:f5:ce:ff:f4:ca:c3:4f:14:c5:
81:a2:85:73:bc:c3:33:72:3f:6c:6e:bd:65:f8:87:
6c:09:9d:51:9c:21:b5:1f:54:a4:0b:d2:21:fa:ca:
90:4b:f7:d4:f4:8c:3e:23:bc:84:df:f5:64:0c:46:
e9:26:c4:e3:a6:c5:f0:c0:cc:ab:f7:26:d8:ef:08:
8f:04:50:96:f6:30:64:2f:90:d6:4e:91:99:5a:68:
b7:c2:a9:e4:8c:b3:7a:78:2f:4a:a3:b9:1f:6e:88:
6f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B8:17:4F:14:96:A3:79:5B:07:BF:D4:70:0B:42:B9:7D:77:F7:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B311FF4D2F011EFBE8DB065762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:e3:0c:5f:2f:41:a9:5b:96:ca:f6:b9:cf:c2:27:57:c5:b6:
f9:db:d8:d5:fa:d3:3e:78:46:eb:ca:8b:49:f4:da:f1:fb:5d:
6c:7a:c6:12:80:0c:9d:77:e2:fe:ce:20:48:13:7c:e8:38:13:
9d:5d:ed:0c:71:17:77:31:2e:28:15:92:1e:26:01:46:90:7f:
b1:e4:15:b0:bc:62:3f:a4:45:9e:b0:bb:e1:f1:e7:59:a1:d4:
60:46:65:1c:74:fa:03:e9:aa:f9:c2:9a:40:b1:be:ee:6f:8b:
67:fb:26:f0:2b:8a:68:9f:0f:d9:16:96:96:4c:de:a3:29:54:
b2:ca:8b:a7:40:26:f1:d0:d7:29:0d:92:1f:ed:8e:6b:c3:a7:
80:b5:04:72:0a:c1:5e:4a:56:88:2d:c9:f5:61:a1:b0:e2:72:
06:a8:f3:31:52:d2:2e:ad:c7:88:9c:10:96:96:f7:56:e6:bd:
15:31:35:e9:55:8b:ee:2d:1c:6a:c2:81:11:57:43:95:22:ca:
d7:26:5c:81:71:c2:ba:f1:ce:97:7d:3a:28:c5:b5:01:19:34:
ba:99:5b:12:f2:c1:4f:1d:9b:d9:33:fa:c7:e4:04:f7:f7:0a:
fd:f3:6a:fe:83:9c:3c:be:4b:ec:a4:02:9d:c5:96:62:f1:66:
00:5a:20:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQd7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDMyNTIwWhcNMjgwMTAzMDMyNTIwWjAYMRYw
FAYDVQQDEw02Nzg3MmFhMy02YzFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqXfLwPuEHMj0u86N8PDD3Z5/5I1vlvhJcjOPKTA7b5l6Puq/dRM4v166
xponj9Cxkn7ZYjw7YNqWfUAuwHI26ZQoHI3Y3Ewkx6lpSXHT1pMQr8XrkeqF7pK7
t9fT+/k7Q5v8N7HSZ5MvRWTqRwyx7EvFzH9eRnxPAP22rPLhQPYdlMOD13YvbW7C
21fOPdAdpiC4cMM2Uith+4r1zv/0ysNPFMWBooVzvMMzcj9sbr1l+IdsCZ1RnCG1
H1SkC9Ih+sqQS/fU9Iw+I7yE3/VkDEbpJsTjpsXwwMyr9ybY7wiPBFCW9jBkL5DW
TpGZWmi3wqnkjLN6eC9Ko7kfbohvlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCK4
F08UlqN5Wwe/1HALQrl9d/f8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QjMxMUZGNEQyRjAxMUVGQkU4REIwNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPHtMA0GCSqGSIb3DQEBCwUA
A4IBAQBP4wxfL0GpW5bK9rnPwidXxbb529jV+tM+eEbryotJ9Nrx+11sesYSgAyd
d+L+ziBIE3zoOBOdXe0McRd3MS4oFZIeJgFGkH+x5BWwvGI/pEWesLvh8edZodRg
RmUcdPoD6ar5wppAsb7ub4tn+ybwK4ponw/ZFpaWTN6jKVSyyounQCbx0NcpDZIf
7Y5rw6eAtQRyCsFeSlaILcn1YaGw4nIGqPMxUtIurceInBCWlvdW5r0VMTXpVYvu
LRxqwoERV0OVIsrXJlyBccK68c6XfTooxbUBGTS6mVsS8sFPHZvZM/rH5AT39wr9
82r+g5w8vkvspAKdxZZi8WYAWiCo
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:01 2025 by rpki-client