Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74739402CD8611EF88470F8E762E951A.roa
File: 74739402CD8611EF88470F8E762E951A.roa (raw, json)
Hash identifier: NMyOnhWClWsRzvBoapE7DpsKl47bzkt/1WOOtzyggzY=
Subject key identifier: E4:E0:74:43:1F:61:3F:CF:4C:A8:C9:CB:EE:29:58:98:F4:9F:71:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01002D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74739402CD8611EF88470F8E762E951A.roa
Signing time: Wed 08 Jan 2025 06:04:43 +0000
ROA not before: Wed 08 Jan 2025 06:04:40 +0000
ROA not after: Sat 13 Dec 2025 06:04:40 +0000
asID: 984
IP address blocks: 156.252.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65581 (0x1002d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 06:04:40 2025 GMT
Not After : Dec 13 06:04:40 2025 GMT
Subject: CN=677e157b-c7b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:53:5d:fc:df:82:f8:11:85:4d:74:06:5d:34:
f0:d8:f5:f0:30:30:04:37:65:84:d8:c6:bd:e5:25:
a1:87:ee:0d:e6:38:78:81:d6:da:35:12:ad:3f:89:
4c:a8:6a:98:a3:b4:c4:ce:fc:15:59:91:e7:6c:40:
70:d0:31:56:e7:98:cc:82:74:44:34:0d:d1:c0:86:
f7:08:d7:0d:53:f4:3f:46:42:13:94:3b:ca:69:cf:
c3:ec:a4:0c:35:24:67:62:fa:55:1c:8a:7d:c2:2a:
01:29:e9:1c:42:a0:f1:21:ed:72:3f:eb:04:3a:69:
91:ab:b4:5c:77:4a:b3:62:c3:cb:35:b0:2d:fb:78:
13:ec:f7:9f:87:fd:dc:e8:c1:5e:7f:c1:d5:93:5e:
60:2d:06:c0:7b:f0:5c:85:1b:7f:bb:38:be:bf:09:
bd:5e:ec:1c:aa:ea:d1:43:f0:b0:ba:d3:58:88:42:
1c:26:e1:50:73:59:82:d2:66:c7:53:45:b7:74:7c:
7e:6e:33:b3:80:7e:ab:7d:2f:4b:30:dd:67:d8:7c:
f3:22:29:d6:5a:fd:94:24:0e:96:07:f0:60:13:a0:
f8:a0:e1:7a:17:e1:c2:5f:93:04:55:79:26:40:12:
42:87:da:cc:85:17:ce:94:a2:38:9e:25:9b:29:2a:
6d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E0:74:43:1F:61:3F:CF:4C:A8:C9:CB:EE:29:58:98:F4:9F:71:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74739402CD8611EF88470F8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.34.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ae:39:f8:3a:65:99:c4:47:4f:2a:25:d8:0b:7a:db:3b:3d:
41:2f:d6:df:fb:53:b5:ef:af:74:52:7b:ce:2a:db:3b:d5:38:
11:16:b9:7c:95:71:9d:ad:33:70:b3:9d:28:2e:52:01:c4:aa:
ff:1a:2c:df:a0:71:9a:04:54:20:58:79:64:df:db:70:d5:ba:
bd:8d:32:4f:aa:65:60:a5:28:03:39:d4:f8:9e:2a:fc:c6:87:
bb:7b:25:54:81:64:4a:1a:b5:a4:bc:6f:30:9c:7b:9c:a3:3c:
f3:3f:38:70:a6:9b:02:2a:fc:c0:c5:bc:44:88:9d:b9:6a:8a:
de:45:aa:d2:35:5d:20:2a:78:a4:ab:7e:6f:0d:de:ba:83:b0:
7e:a6:b6:4d:b2:1d:7a:b9:6b:e6:21:38:eb:89:1c:da:e9:81:
10:c0:2a:d5:02:ae:a1:fc:ca:7d:74:6b:17:f9:b0:49:6d:ae:
8e:e7:34:f0:14:a5:0d:2e:35:0b:dd:c2:2d:5a:cc:63:55:3f:
28:12:12:13:e0:94:a7:6a:ce:2d:f5:c2:2a:61:5e:12:30:5d:
4d:26:a4:df:fe:35:81:28:6e:35:c6:52:f4:39:84:f9:e6:90:
ee:bd:82:37:e7:e5:d2:f5:e1:33:86:4c:74:b2:46:6e:75:6e:
0d:89:ae:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDYwNDQwWhcNMjUxMjEzMDYwNDQwWjAYMRYw
FAYDVQQDEw02NzdlMTU3Yi1jN2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3lNd/N+C+BGFTXQGXTTw2PXwMDAEN2WE2Ma95SWhh+4N5jh4gdbaNRKt
P4lMqGqYo7TEzvwVWZHnbEBw0DFW55jMgnRENA3RwIb3CNcNU/Q/RkITlDvKac/D
7KQMNSRnYvpVHIp9wioBKekcQqDxIe1yP+sEOmmRq7Rcd0qzYsPLNbAt+3gT7Pef
h/3c6MFef8HVk15gLQbAe/BchRt/uzi+vwm9XuwcqurRQ/CwutNYiEIcJuFQc1mC
0mbHU0W3dHx+bjOzgH6rfS9LMN1n2HzzIinWWv2UJA6WB/BgE6D4oOF6F+HCX5ME
VXkmQBJCh9rMhRfOlKI4niWbKSptAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOTg
dEMfYT/PTKjJy+4pWJj0n3GLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NDczOTQwMkNEODYxMUVGODg0NzBGOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwiMA0GCSqGSIb3DQEBCwUA
A4IBAQBWrjn4OmWZxEdPKiXYC3rbOz1BL9bf+1O17690UnvOKts71TgRFrl8lXGd
rTNws50oLlIBxKr/GizfoHGaBFQgWHlk39tw1bq9jTJPqmVgpSgDOdT4nir8xoe7
eyVUgWRKGrWkvG8wnHucozzzPzhwppsCKvzAxbxEiJ25aoreRarSNV0gKnikq35v
Dd66g7B+prZNsh16uWvmITjriRza6YEQwCrVAq6h/Mp9dGsX+bBJba6O5zTwFKUN
LjUL3cItWsxjVT8oEhIT4JSnas4t9cIqYV4SMF1NJqTf/jWBKG41xlL0OYT55pDu
vYI35+XS9eEzhkx0skZudW4Nia6j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:53:08 2025 by rpki-client