Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/732BF68ED24511EFADB380A3762E951A.roa
File: 732BF68ED24511EFADB380A3762E951A.roa (raw, json)
Hash identifier: xyOOiBsKbC74L6E97nYISgntDLHn629L/B+C4lqjeh0=
Subject key identifier: 6E:40:AF:4C:83:EE:C3:4F:43:EF:71:33:9F:8A:EC:4C:AA:48:59:E6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0106CC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/732BF68ED24511EFADB380A3762E951A.roa
Signing time: Tue 14 Jan 2025 07:02:00 +0000
ROA not before: Tue 14 Jan 2025 07:01:56 +0000
ROA not after: Thu 15 May 2025 07:01:56 +0000
asID: 137951
IP address blocks: 156.224.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67276 (0x106cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 14 07:01:56 2025 GMT
Not After : May 15 07:01:56 2025 GMT
Subject: CN=67860be8-bc7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:03:8c:cb:73:13:a4:8a:2e:f4:84:77:71:
53:0a:fa:25:3f:c5:a6:cf:15:1b:af:06:55:f7:2f:
38:2c:43:7d:c1:9a:7d:8f:8e:30:6f:8e:80:f2:00:
4f:57:6b:be:3f:28:23:55:1d:0c:20:91:84:4e:24:
78:23:2b:4e:e6:75:f4:f1:eb:1f:a4:ea:57:32:a6:
a5:0e:7a:15:23:40:e4:a3:7a:ee:d0:0a:eb:ee:a9:
08:a3:94:ea:63:14:36:7d:e4:48:37:11:21:26:2a:
2c:2c:d3:c0:02:aa:fc:46:3d:c8:02:08:5f:03:d7:
3d:d3:44:09:14:2d:a2:d2:f0:1d:b9:d3:83:1b:ea:
78:f3:38:2a:0d:cc:96:65:ff:3e:d3:5b:d4:8b:69:
82:d5:a1:47:37:70:01:75:37:d2:97:2f:d6:5d:91:
61:d3:37:a7:6d:bf:2d:09:d8:83:19:24:55:6c:35:
72:a2:ed:96:99:63:40:d3:19:1f:6d:c3:cf:61:e2:
12:43:8a:84:4a:3c:73:b4:40:d1:cb:a7:4e:88:bb:
d8:1f:48:86:ed:d2:ec:99:dd:f8:0b:d8:7b:3b:b5:
cc:b9:33:52:38:8f:2a:5d:99:29:fa:f6:b1:ed:db:
98:f5:08:0e:95:9b:bc:b0:e9:55:d1:e2:70:7a:5f:
51:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:40:AF:4C:83:EE:C3:4F:43:EF:71:33:9F:8A:EC:4C:AA:48:59:E6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/732BF68ED24511EFADB380A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:46:e8:88:1b:85:26:fc:ab:9c:c7:5c:f6:3e:c3:ce:57:58:
e9:c5:1d:04:3e:da:44:a6:c2:70:c9:f9:20:0b:b6:98:6d:f2:
e2:0e:dc:f0:11:9b:ea:5e:91:01:df:dc:ea:83:3e:e9:9c:66:
8b:30:e1:0a:5b:00:18:52:e3:76:f1:0a:cf:d2:7b:7b:79:db:
f2:9a:39:1f:2f:e1:10:e5:68:20:41:39:3f:95:97:8e:f9:c2:
dc:b4:59:01:a4:c1:22:ce:b1:5f:11:ac:03:44:ef:43:f5:85:
46:62:14:db:99:d6:a0:ab:da:41:2b:91:bc:5f:e2:ed:de:02:
97:76:fd:1a:3d:52:4a:88:03:92:e4:e5:43:eb:46:1a:b0:9c:
ec:6c:33:74:26:d8:fa:85:d0:bb:a6:74:39:b7:92:6c:14:ac:
a1:96:6e:10:af:45:1d:5e:a3:68:28:8f:c6:09:2d:8f:10:a1:
89:60:c5:7f:f0:63:e1:29:ae:6f:5c:32:94:4f:94:62:c5:6f:
ec:21:42:26:25:ac:9f:72:a1:5b:d7:20:30:ab:6c:6d:90:85:
9c:f0:6b:42:8a:ba:de:8f:84:de:68:6b:d4:37:c0:eb:4b:28:
d4:f9:14:28:74:12:94:25:27:83:b9:6b:69:e9:dd:e4:2e:d4:
e5:a5:9a:2e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQbMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE0MDcwMTU2WhcNMjUwNTE1MDcwMTU2WjAYMRYw
FAYDVQQDEw02Nzg2MGJlOC1iYzdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr8YDjMtzE6SKLvSEd3FTCvolP8WmzxUbrwZV9y84LEN9wZp9j44wb46A
8gBPV2u+PygjVR0MIJGETiR4IytO5nX08esfpOpXMqalDnoVI0Dko3ru0Arr7qkI
o5TqYxQ2feRINxEhJiosLNPAAqr8Rj3IAghfA9c900QJFC2i0vAdudODG+p48zgq
DcyWZf8+01vUi2mC1aFHN3ABdTfSly/WXZFh0zenbb8tCdiDGSRVbDVyou2WmWNA
0xkfbcPPYeISQ4qESjxztEDRy6dOiLvYH0iG7dLsmd34C9h7O7XMuTNSOI8qXZkp
+vax7duY9QgOlZu8sOlV0eJwel9RZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG5A
r0yD7sNPQ+9xM5+K7EyqSFnmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MzJCRjY4RUQyNDUxMUVGQURCMzgwQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOAgMA0GCSqGSIb3DQEBCwUA
A4IBAQAsRuiIG4Um/Kucx1z2PsPOV1jpxR0EPtpEpsJwyfkgC7aYbfLiDtzwEZvq
XpEB39zqgz7pnGaLMOEKWwAYUuN28QrP0nt7edvymjkfL+EQ5WggQTk/lZeO+cLc
tFkBpMEizrFfEawDRO9D9YVGYhTbmdagq9pBK5G8X+Lt3gKXdv0aPVJKiAOS5OVD
60YasJzsbDN0Jtj6hdC7pnQ5t5JsFKyhlm4Qr0UdXqNoKI/GCS2PEKGJYMV/8GPh
Ka5vXDKUT5RixW/sIUImJayfcqFb1yAwq2xtkIWc8GtCirrej4TeaGvUN8DrSyjU
+RQodBKUJSeDuWtp6d3kLtTlpZou
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:27 2025 by rpki-client