Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B3743B0CCC011EF8E8BC996762E951A.roa
File: 5B3743B0CCC011EF8E8BC996762E951A.roa (raw, json)
Hash identifier: 1lWvB9eSArgjYuRj5OYBYNOawcEr/SJ36Icwn0Puc+M=
Subject key identifier: 58:0D:09:D8:00:08:A6:64:D1:74:9A:CE:7D:46:E1:D4:D0:8D:BD:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B3743B0CCC011EF8E8BC996762E951A.roa
Signing time: Tue 07 Jan 2025 06:26:41 +0000
ROA not before: Tue 07 Jan 2025 06:26:37 +0000
ROA not after: Sat 13 Dec 2025 06:26:37 +0000
asID: 984
IP address blocks: 156.233.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64028 (0xfa1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 06:26:37 2025 GMT
Not After : Dec 13 06:26:37 2025 GMT
Subject: CN=677cc921-7f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:fe:d0:7a:23:74:83:42:85:fb:8e:e4:07:
ac:55:10:29:56:2b:c9:a4:cb:52:58:7f:90:1e:8d:
a1:94:bc:cf:32:ee:17:dd:7d:8a:fe:4a:dd:40:01:
29:82:7f:4b:5c:44:fe:da:5c:c0:a8:5e:2a:34:da:
d2:c8:2f:cb:b2:29:95:94:4d:46:a2:14:dd:57:f8:
7d:07:83:42:e5:b1:f6:4f:d2:29:80:b9:f7:98:b4:
0e:c1:ff:5c:70:9c:87:b0:d6:3b:52:ef:23:0b:e8:
f2:f7:d9:86:ab:40:33:48:4b:14:ae:92:08:ec:97:
bc:82:f6:96:00:99:50:96:76:15:9a:95:b7:8c:c1:
78:f6:8e:00:4d:ef:f3:90:2b:80:fe:9a:24:20:a7:
55:c3:65:53:a6:54:9f:22:2f:1e:01:2b:bf:48:7f:
db:55:c1:ed:4e:ee:39:4a:5d:36:4b:c4:f3:2f:8d:
3b:16:dc:85:0d:f1:ee:9a:45:95:27:f9:db:ad:e3:
96:34:c1:be:21:64:34:04:a6:5f:58:aa:7a:d0:9c:
47:a3:17:38:a8:d1:e2:57:70:4e:ca:c2:25:de:a8:
34:8b:95:83:f7:a8:41:ef:9e:df:66:1b:63:d9:f9:
db:13:76:1b:0e:f6:15:42:25:a4:15:bf:68:db:cb:
32:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0D:09:D8:00:08:A6:64:D1:74:9A:CE:7D:46:E1:D4:D0:8D:BD:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B3743B0CCC011EF8E8BC996762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.37.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f4:5b:6c:1b:af:24:a2:04:4f:40:3c:f6:d8:a3:72:22:8a:
e1:3d:11:36:4b:e9:ea:c1:a9:99:7c:9c:18:85:f4:98:f4:f1:
80:98:fc:63:db:fd:b9:57:66:e8:f5:ae:78:fa:16:ff:fb:42:
85:74:7c:10:23:13:d3:91:32:3d:1c:c5:5d:56:e5:d2:3c:fc:
ca:dd:7d:39:0e:cd:97:46:92:de:f0:dd:39:d5:9c:06:bf:41:
d5:84:bf:5c:58:b8:01:0a:04:4d:fe:bb:5d:12:3f:19:82:74:
1e:23:01:5c:f8:5e:e3:43:cf:6b:02:0f:cf:dc:ff:ae:2d:29:
88:20:63:e0:e0:41:23:cf:bd:23:fb:de:47:cc:92:63:b3:6f:
ad:a5:ce:b1:ca:95:d1:b4:bf:b4:98:a0:84:66:0b:0c:4b:89:
6e:30:8c:50:d3:57:e7:ed:d0:f4:c9:b3:e0:03:66:e9:07:a0:
a6:4a:a1:c9:f0:46:26:af:b8:e2:21:57:84:2d:df:fd:5f:d5:
6d:28:b2:a8:3c:b4:67:a6:27:c8:a3:22:c2:96:38:b8:c2:89:
2f:12:f8:9c:d8:df:e2:8e:f2:51:b6:4c:58:cb:14:04:5b:93:
5c:42:8a:9b:00:aa:e0:be:8a:2d:a0:cc:a5:f3:8f:e2:35:3b:
cd:07:b0:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPocMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDYyNjM3WhcNMjUxMjEzMDYyNjM3WjAYMRYw
FAYDVQQDEw02NzdjYzkyMS03ZjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqrP+0HojdINChfuO5AesVRApVivJpMtSWH+QHo2hlLzPMu4X3X2K/krd
QAEpgn9LXET+2lzAqF4qNNrSyC/LsimVlE1GohTdV/h9B4NC5bH2T9IpgLn3mLQO
wf9ccJyHsNY7Uu8jC+jy99mGq0AzSEsUrpII7Je8gvaWAJlQlnYVmpW3jMF49o4A
Te/zkCuA/pokIKdVw2VTplSfIi8eASu/SH/bVcHtTu45Sl02S8TzL407FtyFDfHu
mkWVJ/nbreOWNMG+IWQ0BKZfWKp60JxHoxc4qNHiV3BOysIl3qg0i5WD96hB757f
Zhtj2fnbE3YbDvYVQiWkFb9o28sy8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFgN
CdgACKZk0XSazn1G4dTQjb3wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QjM3NDNCMENDQzAxMUVGOEU4QkM5OTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOklMA0GCSqGSIb3DQEBCwUA
A4IBAQAC9FtsG68kogRPQDz22KNyIorhPRE2S+nqwamZfJwYhfSY9PGAmPxj2/25
V2bo9a54+hb/+0KFdHwQIxPTkTI9HMVdVuXSPPzK3X05Ds2XRpLe8N051ZwGv0HV
hL9cWLgBCgRN/rtdEj8ZgnQeIwFc+F7jQ89rAg/P3P+uLSmIIGPg4EEjz70j+95H
zJJjs2+tpc6xypXRtL+0mKCEZgsMS4luMIxQ01fn7dD0ybPgA2bpB6CmSqHJ8EYm
r7jiIVeELd/9X9VtKLKoPLRnpifIoyLClji4wokvEvic2N/ijvJRtkxYyxQEW5Nc
QoqbAKrgvootoMyl84/iNTvNB7CS
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:33 2025 by rpki-client