Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73A33BB8C98F11EF95B45F5C762E951A.roa
File: 73A33BB8C98F11EF95B45F5C762E951A.roa (raw, json)
Hash identifier: gKc5Rul+p0o3WAszDB6c861J4jJBbbF9kfGZSFTcC9Y=
Subject key identifier: B6:C7:9A:0D:FB:E0:76:CB:E7:36:BE:0C:9C:A0:41:39:D4:7A:5C:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73A33BB8C98F11EF95B45F5C762E951A.roa
Signing time: Fri 03 Jan 2025 04:59:03 +0000
ROA not before: Fri 03 Jan 2025 04:58:59 +0000
ROA not after: Sat 13 Dec 2025 04:58:59 +0000
asID: 984
IP address blocks: 156.233.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62933 (0xf5d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:58:59 2025 GMT
Not After : Dec 13 04:58:59 2025 GMT
Subject: CN=67776e97-bf7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:67:dd:48:5f:78:c3:cc:ea:a0:3d:fd:41:
9b:4e:30:67:0c:7d:e3:d8:0e:c0:5e:c0:01:4d:28:
47:16:63:46:3c:95:13:6f:f0:0d:57:f6:ec:68:e2:
de:fb:4f:a5:6d:d3:f3:2e:a3:67:7d:00:06:31:fc:
3b:2e:7a:2a:a8:cb:a6:a0:b0:49:b6:ec:63:d8:0e:
3d:66:36:08:f0:6e:e2:98:96:8d:4f:16:6a:3d:51:
20:ab:31:aa:77:68:9a:bf:5c:d0:6d:3e:07:78:63:
6d:9b:ac:5e:f4:7d:3c:52:08:85:b8:2c:a0:0b:36:
f8:eb:41:3e:0a:71:0d:14:5a:56:24:43:81:d3:1b:
a9:2f:a4:bd:5f:f2:07:0e:66:f6:5e:46:4a:d8:8b:
95:cf:6a:cd:8e:2e:7a:b3:9c:b2:50:27:97:01:a6:
77:2b:ff:34:81:7f:dc:a4:f9:31:9b:18:96:65:37:
ee:1c:09:04:f1:7f:3c:20:63:7f:3d:a8:fa:fd:b7:
ef:24:1a:84:c0:29:82:89:77:e3:31:cc:61:37:0e:
4b:bb:bd:5d:1f:a2:36:de:ae:6a:b3:a9:e9:7e:7b:
f7:a5:44:aa:58:d8:3b:29:22:8e:a6:0e:47:f2:d5:
c0:b7:27:df:e3:93:10:13:bf:74:49:04:7f:79:36:
dc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C7:9A:0D:FB:E0:76:CB:E7:36:BE:0C:9C:A0:41:39:D4:7A:5C:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/73A33BB8C98F11EF95B45F5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:62:61:a7:af:ca:be:02:08:d0:9a:87:59:d9:ea:c5:c7:82:
2b:2b:99:69:6b:d9:ac:23:37:90:9b:bf:63:34:7a:2c:2f:a5:
10:69:56:68:26:63:e6:3a:72:ed:82:80:82:0b:d2:e3:50:44:
09:54:a0:a9:5a:b2:d3:c6:90:a8:cb:91:f6:1a:f9:e5:c5:fb:
4a:fb:3e:61:cd:d5:45:f4:3b:5a:10:2c:23:bb:04:e8:e3:c4:
50:6f:0c:90:08:68:40:87:e3:12:3b:1c:6f:71:52:03:0a:19:
ea:4e:d4:94:3e:63:7b:f5:95:a6:bf:83:90:54:c0:fd:f8:8a:
60:27:dd:1c:b1:45:47:b4:6f:f8:1e:7e:8b:3c:11:99:bb:f0:
fb:f7:b3:49:5d:c8:91:9e:a4:86:40:78:92:6f:80:16:1a:90:
bc:41:68:8d:14:44:21:f8:1e:5b:cf:db:26:22:ac:8c:f2:61:
5e:9e:bb:a9:22:11:5b:ad:4e:32:34:fb:6a:d3:54:ba:fa:5a:
f0:66:c2:7c:46:b6:dc:75:9b:2d:9c:44:2b:3f:49:96:ea:c1:
0a:c2:2e:bd:bb:ec:bc:6b:a8:76:98:ce:38:1f:33:de:a2:c3:
d3:93:62:19:b9:a6:9b:27:b1:dd:58:da:14:ef:fb:d1:29:e5:
81:d5:08:b9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQ1ODU5WhcNMjUxMjEzMDQ1ODU5WjAYMRYw
FAYDVQQDEw02Nzc3NmU5Ny1iZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4yNn3UhfeMPM6qA9/UGbTjBnDH3j2A7AXsABTShHFmNGPJUTb/ANV/bs
aOLe+0+lbdPzLqNnfQAGMfw7LnoqqMumoLBJtuxj2A49ZjYI8G7imJaNTxZqPVEg
qzGqd2iav1zQbT4HeGNtm6xe9H08UgiFuCygCzb460E+CnENFFpWJEOB0xupL6S9
X/IHDmb2XkZK2IuVz2rNji56s5yyUCeXAaZ3K/80gX/cpPkxmxiWZTfuHAkE8X88
IGN/Paj6/bfvJBqEwCmCiXfjMcxhNw5Lu71dH6I23q5qs6npfnv3pUSqWNg7KSKO
pg5H8tXAtyff45MQE790SQR/eTbcMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLbH
mg374HbL5za+DJygQTnUelxzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83M0EzM0JCOEM5OEYxMUVGOTVCNDVGNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlMMA0GCSqGSIb3DQEBCwUA
A4IBAQC5YmGnr8q+AgjQmodZ2erFx4IrK5lpa9msIzeQm79jNHosL6UQaVZoJmPm
OnLtgoCCC9LjUEQJVKCpWrLTxpCoy5H2GvnlxftK+z5hzdVF9DtaECwjuwTo48RQ
bwyQCGhAh+MSOxxvcVIDChnqTtSUPmN79ZWmv4OQVMD9+IpgJ90csUVHtG/4Hn6L
PBGZu/D797NJXciRnqSGQHiSb4AWGpC8QWiNFEQh+B5bz9smIqyM8mFenrupIhFb
rU4yNPtq01S6+lrwZsJ8RrbcdZstnEQrP0mW6sEKwi69u+y8a6h2mM44HzPeosPT
k2IZuaabJ7HdWNoU7/vRKeWB1Qi5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:45 2025 by rpki-client