Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C72E97AC9C111EF92078994762E951A.roa
File: 5C72E97AC9C111EF92078994762E951A.roa (raw, json)
Hash identifier: /UESCfaeH0of6Eobb/AOwR5jajTBgYkDGvRrZUQ92T4=
Subject key identifier: 45:5B:51:14:CC:4A:DA:E5:3D:86:9C:4D:39:8B:3F:92:A4:7F:02:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F6E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C72E97AC9C111EF92078994762E951A.roa
Signing time: Fri 03 Jan 2025 10:56:19 +0000
ROA not before: Fri 03 Jan 2025 10:56:15 +0000
ROA not after: Wed 09 Apr 2025 10:56:15 +0000
asID: 272018
IP address blocks: 156.235.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63203 (0xf6e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 10:56:15 2025 GMT
Not After : Apr 9 10:56:15 2025 GMT
Subject: CN=6777c253-24fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:37:73:63:a5:10:4b:c6:70:44:4c:f9:ac:2e:
e9:5f:2c:62:31:d0:28:f8:d2:b9:1d:ce:e7:de:69:
f1:f8:f3:32:7d:26:04:66:2c:7f:ff:a0:92:cd:94:
7b:fc:dd:ca:13:c7:16:27:72:b1:b0:b6:88:18:54:
be:cf:92:ba:2d:79:12:71:f5:96:f2:e4:58:8d:2c:
4c:c0:e5:36:da:64:98:52:a7:6f:5f:c9:a8:e1:d7:
30:c7:03:85:14:ad:5d:f2:46:e0:e5:56:0a:8c:78:
75:fe:18:d1:f9:68:9e:a2:c4:71:f4:94:3a:a2:d2:
73:68:9d:a8:e9:e2:26:5f:71:c7:cc:1b:3b:a3:09:
9c:ec:c7:2d:e7:ff:2b:e0:44:3d:b5:97:10:5d:c4:
6c:ba:55:e1:be:a2:3b:e3:07:f6:26:07:ca:1d:38:
76:cb:0d:7d:8c:ce:a9:d6:57:00:c0:c6:db:2e:a8:
90:d9:3e:c3:79:5a:58:13:fe:90:9c:ef:d5:c4:de:
00:e9:ff:9f:37:4f:d1:0e:f5:14:04:77:1d:98:82:
d6:20:7a:58:b3:7a:15:aa:65:17:3d:fa:a4:4b:ae:
4e:7c:40:03:d0:f3:3a:45:0e:3a:a2:bc:3a:e5:09:
dd:bb:bc:bb:f1:2d:35:81:62:b3:e4:87:42:d8:79:
0b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5B:51:14:CC:4A:DA:E5:3D:86:9C:4D:39:8B:3F:92:A4:7F:02:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5C72E97AC9C111EF92078994762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.90.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ea:b1:06:c5:76:b1:4a:53:9c:ba:82:06:b9:45:82:77:12:
2d:c3:c8:c1:07:1f:40:f9:01:87:a9:59:a1:c0:a0:fc:ed:46:
c8:81:aa:99:90:68:a3:d0:b6:d2:ca:70:2a:e0:0c:75:34:31:
51:98:d5:89:b0:62:a3:99:25:a8:b4:b9:c1:b0:23:e7:ea:4b:
20:76:ab:48:86:07:bd:b1:1b:4e:8d:1c:9a:91:e6:ec:b1:77:
a4:05:b6:8f:94:ac:8d:32:4b:65:90:95:77:20:66:6c:3b:5e:
2c:66:ab:d6:74:d0:98:dc:ea:0a:43:fb:4a:45:b7:ce:b7:9f:
73:41:be:9d:83:db:7b:74:a9:4c:cb:7b:d8:48:89:db:30:b6:
4b:26:b7:a2:0e:6b:da:c8:0b:df:1b:06:5c:d5:fb:a1:a2:92:
36:30:3b:1c:09:f8:12:ae:6b:8a:de:1d:ce:45:6c:e3:21:3e:
fd:7f:45:7e:1e:0d:49:96:56:c8:06:93:d0:a9:9c:83:14:ba:
86:07:9e:c6:ce:2b:e1:73:70:6e:a3:d3:78:79:71:bf:69:30:
eb:48:19:81:e4:ec:39:98:d7:51:cb:50:f6:4d:92:bd:24:2d:
c7:14:ec:02:8d:76:24:4a:45:fe:6f:a8:a0:7f:f5:76:d5:1c:
6b:a3:ad:8e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPbjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMTA1NjE1WhcNMjUwNDA5MTA1NjE1WjAYMRYw
FAYDVQQDEw02Nzc3YzI1My0yNGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6zdzY6UQS8ZwREz5rC7pXyxiMdAo+NK5Hc7n3mnx+PMyfSYEZix//6CS
zZR7/N3KE8cWJ3KxsLaIGFS+z5K6LXkScfWW8uRYjSxMwOU22mSYUqdvX8mo4dcw
xwOFFK1d8kbg5VYKjHh1/hjR+WieosRx9JQ6otJzaJ2o6eImX3HHzBs7owmc7Mct
5/8r4EQ9tZcQXcRsulXhvqI74wf2JgfKHTh2yw19jM6p1lcAwMbbLqiQ2T7DeVpY
E/6QnO/VxN4A6f+fN0/RDvUUBHcdmILWIHpYs3oVqmUXPfqkS65OfEAD0PM6RQ46
orw65Qndu7y78S01gWKz5IdC2HkLPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEVb
URTMStrlPYacTTmLP5KkfwLuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QzcyRTk3QUM5QzExMUVGOTIwNzg5OTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOtaMA0GCSqGSIb3DQEBCwUA
A4IBAQAK6rEGxXaxSlOcuoIGuUWCdxItw8jBBx9A+QGHqVmhwKD87UbIgaqZkGij
0LbSynAq4Ax1NDFRmNWJsGKjmSWotLnBsCPn6ksgdqtIhge9sRtOjRyakebssXek
BbaPlKyNMktlkJV3IGZsO14sZqvWdNCY3OoKQ/tKRbfOt59zQb6dg9t7dKlMy3vY
SInbMLZLJreiDmvayAvfGwZc1fuhopI2MDscCfgSrmuK3h3ORWzjIT79f0V+Hg1J
llbIBpPQqZyDFLqGB57Gzivhc3Buo9N4eXG/aTDrSBmB5Ow5mNdRy1D2TZK9JC3H
FOwCjXYkSkX+b6igf/V21Rxro62O
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:20 2025 by rpki-client