Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D36C36C33011EFB6C9B14B762E951A.roa
File: 72D36C36C33011EFB6C9B14B762E951A.roa (raw, json)
Hash identifier: 1eIijh47/GewCU4pakwCDHgn/6jqC0sDEWuWsP+y8d8=
Subject key identifier: 11:41:E0:86:C6:A6:A6:A9:DB:2F:43:69:0B:BB:2E:83:10:24:25:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB07
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D36C36C33011EFB6C9B14B762E951A.roa
Signing time: Thu 26 Dec 2024 02:23:52 +0000
ROA not before: Thu 26 Dec 2024 02:23:49 +0000
ROA not after: Wed 10 Dec 2025 02:23:49 +0000
asID: 984
IP address blocks: 156.243.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60167 (0xeb07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:23:49 2024 GMT
Not After : Dec 10 02:23:49 2025 GMT
Subject: CN=676cbe38-3c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:fa:69:32:ba:0a:47:7b:da:d4:63:8e:32:2f:
bf:ae:65:25:26:54:e8:e7:03:51:e4:40:7f:88:2a:
4f:ce:33:7f:ee:dd:b3:2a:79:12:a9:e7:85:57:3f:
36:c1:a2:aa:34:18:26:8c:b7:9b:44:0c:c3:cc:ca:
61:c5:21:bb:43:9e:1b:21:44:57:d1:bc:69:f6:f7:
5c:0b:ef:aa:19:e8:69:8f:15:c7:40:ba:2e:ca:14:
e4:34:2f:0f:1e:c7:e1:38:d9:ce:5b:2c:52:28:b1:
8c:2d:2f:13:b9:8d:fd:57:89:51:f2:d5:71:2c:8b:
24:d8:1f:59:5d:e0:1c:47:b0:a7:4f:02:ce:b8:bc:
90:b6:34:6c:11:8e:e0:3e:b3:a8:93:86:6d:2c:24:
5d:28:56:f1:b8:ac:f4:30:ce:7f:03:2a:fe:65:81:
c0:4d:f2:b1:5a:c0:c7:dc:6e:df:78:67:49:d7:fd:
71:19:21:97:22:81:56:a4:77:73:1f:65:0d:1f:98:
16:bb:f1:eb:a2:5d:da:0e:36:4f:2d:5e:03:f7:a8:
e4:7d:77:35:64:1d:67:80:96:a5:6f:8d:99:4c:0e:
d2:cb:89:41:ed:ba:88:b2:3c:fe:3f:94:24:16:9d:
ab:2f:55:c5:ea:b7:a8:d5:5b:09:9d:93:a8:d7:f2:
95:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:41:E0:86:C6:A6:A6:A9:DB:2F:43:69:0B:BB:2E:83:10:24:25:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/72D36C36C33011EFB6C9B14B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:3e:47:d5:f6:99:51:18:7e:85:eb:ad:f7:ba:94:90:01:31:
f5:f7:04:51:0f:ee:be:f2:b9:c4:bc:5a:87:d7:57:65:68:d2:
c7:30:12:31:4f:6e:af:52:41:7e:91:ec:1c:4f:34:95:dc:32:
76:9b:7f:eb:3c:67:1b:d1:50:0b:69:ac:5c:43:64:6e:c4:90:
de:72:f2:5f:53:5c:86:86:55:b7:1d:4a:01:40:44:79:dd:2b:
cf:c6:8a:a2:01:9f:d7:7b:2f:e1:cb:d9:5f:8a:8e:09:d2:26:
99:5d:df:42:03:42:19:6c:db:7c:f6:25:3e:c1:e2:36:41:1b:
d8:f4:49:33:49:72:65:19:93:3a:19:db:2b:f8:c1:d0:7b:b5:
88:7f:19:1e:3b:5a:2a:36:9a:2b:12:18:1b:c6:2e:96:86:aa:
14:4b:12:49:d3:fe:13:fc:28:69:8a:de:69:67:7b:ea:0a:1f:
14:f6:0e:72:0d:68:cb:68:78:48:0d:16:da:5c:b3:30:f4:8a:
05:c3:6a:b1:17:5f:07:12:82:45:36:fc:23:81:6f:f5:5b:2c:
6b:e8:e3:82:f0:7b:af:22:75:ed:f3:1b:87:0e:77:82:a4:31:
28:a4:c4:59:09:e5:99:b4:59:97:ff:84:34:1d:7a:83:cf:09:
77:0f:ad:16
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIyMzQ5WhcNMjUxMjEwMDIyMzQ5WjAYMRYw
FAYDVQQDEw02NzZjYmUzOC0zYzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9fppMroKR3va1GOOMi+/rmUlJlTo5wNR5EB/iCpPzjN/7t2zKnkSqeeF
Vz82waKqNBgmjLebRAzDzMphxSG7Q54bIURX0bxp9vdcC++qGehpjxXHQLouyhTk
NC8PHsfhONnOWyxSKLGMLS8TuY39V4lR8tVxLIsk2B9ZXeAcR7CnTwLOuLyQtjRs
EY7gPrOok4ZtLCRdKFbxuKz0MM5/Ayr+ZYHATfKxWsDH3G7feGdJ1/1xGSGXIoFW
pHdzH2UNH5gWu/Hrol3aDjZPLV4D96jkfXc1ZB1ngJalb42ZTA7Sy4lB7bqIsjz+
P5QkFp2rL1XF6reo1VsJnZOo1/KVuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBFB
4IbGpqap2y9DaQu7LoMQJCXjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MkQzNkMzNkMzMzAxMUVGQjZDOUIxNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPwMA0GCSqGSIb3DQEBCwUA
A4IBAQA+PkfV9plRGH6F6633upSQATH19wRRD+6+8rnEvFqH11dlaNLHMBIxT26v
UkF+kewcTzSV3DJ2m3/rPGcb0VALaaxcQ2RuxJDecvJfU1yGhlW3HUoBQER53SvP
xoqiAZ/Xey/hy9lfio4J0iaZXd9CA0IZbNt89iU+weI2QRvY9EkzSXJlGZM6Gdsr
+MHQe7WIfxkeO1oqNporEhgbxi6WhqoUSxJJ0/4T/Chpit5pZ3vqCh8U9g5yDWjL
aHhIDRbaXLMw9IoFw2qxF18HEoJFNvwjgW/1Wyxr6OOC8HuvInXt8xuHDneCpDEo
pMRZCeWZtFmX/4Q0HXqDzwl3D60W
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:20 2025 by rpki-client