Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BB3BF38CE4811EFA75C3B67762E951A.roa
File: 5BB3BF38CE4811EFA75C3B67762E951A.roa (raw, json)
Hash identifier: n5yy9MO7C4vYFJLw6C8xJqTBtGL1m1H8R2kA/D/VzC4=
Subject key identifier: 62:60:46:9A:D6:2F:85:70:40:4A:13:00:13:06:10:9E:B4:B0:CE:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102A7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BB3BF38CE4811EFA75C3B67762E951A.roa
Signing time: Thu 09 Jan 2025 05:12:44 +0000
ROA not before: Thu 09 Jan 2025 05:12:41 +0000
ROA not after: Fri 09 Jan 2026 05:12:41 +0000
asID: 17561
IP address blocks: 156.238.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66215 (0x102a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:12:41 2025 GMT
Not After : Jan 9 05:12:41 2026 GMT
Subject: CN=677f5acc-9654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:60:5b:ae:6a:44:f8:f4:b6:a0:a2:2b:1a:
9c:ad:be:2d:cb:5d:d1:2d:40:10:05:e5:73:3a:c3:
6d:5c:04:4b:f1:d1:5f:d6:e0:79:66:d0:a7:a0:ed:
f4:7d:98:58:06:96:6a:7f:29:8e:d0:d5:79:62:4d:
dc:bb:8a:f4:5a:9a:04:62:aa:25:5e:4a:45:7f:5a:
54:fb:4e:6c:92:be:e1:76:cb:59:b5:c3:69:0f:2e:
af:28:3f:a9:b1:63:ef:ce:00:ca:c3:57:7d:5b:3b:
28:25:68:73:86:ca:c6:dd:91:ff:16:42:ff:57:58:
55:a5:bc:e1:2a:ed:ad:19:db:4a:1f:9a:30:97:95:
dc:38:24:c7:f7:ac:dc:8b:8c:7a:4a:fd:cf:0b:3f:
37:01:1a:f2:c8:91:e0:d3:23:4a:0e:ff:bc:39:f0:
4b:ee:d2:6f:c1:ca:c6:6d:57:ae:ab:78:56:91:f3:
c4:a9:c3:8d:92:01:7d:7b:c3:a2:af:bd:72:69:5f:
21:5b:7b:47:aa:24:93:36:73:67:61:16:cb:e7:e5:
09:c5:22:5a:90:a1:0e:ff:a7:c9:6e:f4:7d:82:08:
50:a2:9a:e8:94:59:3d:27:26:8d:7c:41:d4:78:b8:
9e:26:8e:09:ef:ad:53:25:e1:6f:ce:c7:54:20:79:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:60:46:9A:D6:2F:85:70:40:4A:13:00:13:06:10:9E:B4:B0:CE:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BB3BF38CE4811EFA75C3B67762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.39.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e7:f0:be:5f:4c:5d:48:58:23:ce:d3:a7:e9:77:4e:57:56:
a5:aa:b5:ea:85:e3:2c:bb:35:60:28:0c:c2:03:cd:23:b1:e1:
aa:e3:03:a3:5a:f4:4c:e7:f8:24:78:51:f1:53:81:05:86:a7:
a3:9a:a9:61:59:b7:11:c7:f8:40:dd:f2:bb:34:59:9b:eb:92:
e6:c1:3d:84:20:63:2e:33:62:65:d9:e8:47:41:a5:d3:74:a7:
8d:db:dc:6f:d5:1e:59:0a:62:1c:00:06:62:6b:84:92:06:c3:
af:d9:e5:48:d2:e2:a7:c8:1b:0a:65:4b:d3:47:0d:e5:87:01:
98:f7:b9:05:70:0c:78:aa:93:e5:a9:b0:94:fd:2d:db:22:9d:
95:69:9d:5e:88:f2:5e:c6:bf:fb:30:d6:2a:90:c7:95:52:63:
ff:7a:14:39:e1:31:d6:6b:c3:c0:bf:5e:8c:57:44:e2:b8:15:
81:60:7a:d9:dc:46:b3:1a:b1:ba:17:d0:26:a1:e7:f1:78:2a:
8a:7d:a0:93:d6:3d:a8:01:22:04:9f:8b:2d:23:b6:83:1a:eb:
67:a1:4a:72:f7:ad:42:d4:00:a4:1d:ff:48:fb:4c:c3:30:e3:
a6:18:76:e5:89:80:a1:50:fe:8b:1d:c9:e5:ff:c3:59:82:10:
89:52:c7:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDUxMjQxWhcNMjYwMTA5MDUxMjQxWjAYMRYw
FAYDVQQDEw02NzdmNWFjYy05NjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0DFgW65qRPj0tqCiKxqcrb4ty13RLUAQBeVzOsNtXARL8dFf1uB5ZtCn
oO30fZhYBpZqfymO0NV5Yk3cu4r0WpoEYqolXkpFf1pU+05skr7hdstZtcNpDy6v
KD+psWPvzgDKw1d9WzsoJWhzhsrG3ZH/FkL/V1hVpbzhKu2tGdtKH5owl5XcOCTH
96zci4x6Sv3PCz83ARryyJHg0yNKDv+8OfBL7tJvwcrGbVeuq3hWkfPEqcONkgF9
e8Oir71yaV8hW3tHqiSTNnNnYRbL5+UJxSJakKEO/6fJbvR9gghQoprolFk9JyaN
fEHUeLieJo4J761TJeFvzsdUIHkIqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGJg
RprWL4VwQEoTABMGEJ60sM5ZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QkIzQkYzOENFNDgxMUVGQTc1QzNCNjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4nMA0GCSqGSIb3DQEBCwUA
A4IBAQCO5/C+X0xdSFgjztOn6XdOV1alqrXqheMsuzVgKAzCA80jseGq4wOjWvRM
5/gkeFHxU4EFhqejmqlhWbcRx/hA3fK7NFmb65LmwT2EIGMuM2Jl2ehHQaXTdKeN
29xv1R5ZCmIcAAZia4SSBsOv2eVI0uKnyBsKZUvTRw3lhwGY97kFcAx4qpPlqbCU
/S3bIp2VaZ1eiPJexr/7MNYqkMeVUmP/ehQ54THWa8PAv16MV0TiuBWBYHrZ3Eaz
GrG6F9AmoefxeCqKfaCT1j2oASIEn4stI7aDGutnoUpy961C1ACkHf9I+0zDMOOm
GHbliYChUP6LHcnl/8NZghCJUseP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:38 2025 by rpki-client