Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B57CB8CE4611EFAA155C5A762E951A.roa
File: 78B57CB8CE4611EFAA155C5A762E951A.roa (raw, json)
Hash identifier: ORb39rEE7Dtb2xUPj3uZgWOUb3Rte2p2BIZqAlEuNKM=
Subject key identifier: 96:FE:D2:AD:4A:48:E2:86:68:32:40:91:BE:E9:50:35:51:6A:63:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010299
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B57CB8CE4611EFAA155C5A762E951A.roa
Signing time: Thu 09 Jan 2025 04:59:14 +0000
ROA not before: Thu 09 Jan 2025 04:59:10 +0000
ROA not after: Fri 09 Jan 2026 04:59:10 +0000
asID: 17561
IP address blocks: 156.238.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66201 (0x10299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:59:10 2025 GMT
Not After : Jan 9 04:59:10 2026 GMT
Subject: CN=677f57a2-8a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ed:4b:90:8c:1d:ce:95:70:84:7a:e2:72:7a:
65:da:7e:38:a1:66:8e:20:9b:ba:e5:cc:62:5c:3f:
13:ac:83:e0:3a:17:60:13:60:00:71:d0:fa:ea:62:
a8:56:fb:13:08:7a:42:f0:ac:df:6f:70:75:e1:20:
98:01:f2:0b:b3:65:de:a0:c2:a0:41:09:ec:66:90:
47:95:03:33:bb:0e:fa:39:bc:29:c9:4f:8d:0a:c4:
b1:b5:94:05:5f:7e:ea:a0:b5:e6:d7:7b:cb:fa:cb:
d3:0c:b2:fa:3c:52:0c:1b:20:6e:9b:c1:a6:5b:7d:
6e:d9:4e:5f:a5:34:c7:84:a9:63:02:e4:b0:bb:e4:
5e:9e:ba:cc:3c:69:52:50:54:0c:bb:74:5c:80:32:
b3:8d:06:6f:2c:09:27:a6:30:59:62:ae:ab:80:87:
cc:0d:af:9b:9c:62:9f:d4:96:5d:20:3f:aa:b9:f3:
7f:59:13:b6:d8:46:c6:22:a1:66:b7:a0:4e:68:49:
37:ab:63:e6:c4:54:e5:1b:98:29:b1:48:c1:5b:40:
61:c4:03:76:38:de:31:f1:33:76:e1:65:71:2e:80:
c7:7e:38:91:0e:45:8b:d5:5b:0f:21:a4:97:92:4e:
90:06:58:25:07:4c:d4:8b:43:e2:76:69:96:90:f8:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FE:D2:AD:4A:48:E2:86:68:32:40:91:BE:E9:50:35:51:6A:63:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78B57CB8CE4611EFAA155C5A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.32.0/24
Signature Algorithm: sha256WithRSAEncryption
41:9a:37:18:7e:5d:e6:e5:e7:77:0a:9c:f4:12:e1:03:37:04:
b7:0c:4a:41:5b:c3:69:48:8c:c4:fd:4e:af:4f:ab:d4:eb:2b:
62:76:ee:d1:8f:23:8e:4f:f6:32:d7:1e:d0:e9:41:0d:5c:b3:
24:e9:ac:6e:75:26:1d:bb:0c:73:91:f1:d2:8d:46:1f:51:b2:
5f:79:87:fe:56:04:59:5c:06:c8:36:fc:22:23:b1:16:9d:d6:
93:23:d0:76:1c:4d:96:5d:fd:d8:67:8a:3a:57:02:55:08:29:
fe:89:f2:6e:5c:dc:5d:76:92:f1:99:92:56:a4:d6:b9:2a:2a:
a6:ce:0c:ee:de:a6:e1:44:38:6f:80:a5:d4:43:b6:f3:42:ec:
6c:c5:a3:36:c3:0f:44:e1:55:3a:e3:ea:25:77:93:eb:59:d9:
23:2e:67:50:39:91:87:0f:8c:6b:35:b5:8b:60:00:cd:9c:2a:
16:3e:d8:16:c8:41:9f:d7:10:89:35:0f:bd:df:a7:01:e0:33:
17:35:bf:33:31:c8:38:53:42:e7:fc:fb:30:c2:09:da:d3:5d:
49:55:0c:c0:fb:9d:e3:36:d0:23:09:00:ac:89:0d:40:81:58:
3c:f5:d5:a3:41:dd:d2:9b:e0:9f:07:bc:3a:41:ca:ce:d4:4f:
02:1f:66:4a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQ1OTEwWhcNMjYwMTA5MDQ1OTEwWjAYMRYw
FAYDVQQDEw02NzdmNTdhMi04YTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwu1LkIwdzpVwhHricnpl2n44oWaOIJu65cxiXD8TrIPgOhdgE2AAcdD6
6mKoVvsTCHpC8Kzfb3B14SCYAfILs2XeoMKgQQnsZpBHlQMzuw76ObwpyU+NCsSx
tZQFX37qoLXm13vL+svTDLL6PFIMGyBum8GmW31u2U5fpTTHhKljAuSwu+RenrrM
PGlSUFQMu3RcgDKzjQZvLAknpjBZYq6rgIfMDa+bnGKf1JZdID+qufN/WRO22EbG
IqFmt6BOaEk3q2PmxFTlG5gpsUjBW0BhxAN2ON4x8TN24WVxLoDHfjiRDkWL1VsP
IaSXkk6QBlglB0zUi0PidmmWkPgJlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJb+
0q1KSOKGaDJAkb7pUDVRamOoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OEI1N0NCOENFNDYxMUVGQUExNTVDNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4gMA0GCSqGSIb3DQEBCwUA
A4IBAQBBmjcYfl3m5ed3Cpz0EuEDNwS3DEpBW8NpSIzE/U6vT6vU6ytidu7RjyOO
T/Yy1x7Q6UENXLMk6axudSYduwxzkfHSjUYfUbJfeYf+VgRZXAbINvwiI7EWndaT
I9B2HE2WXf3YZ4o6VwJVCCn+ifJuXNxddpLxmZJWpNa5Kiqmzgzu3qbhRDhvgKXU
Q7bzQuxsxaM2ww9E4VU64+old5PrWdkjLmdQOZGHD4xrNbWLYADNnCoWPtgWyEGf
1xCJNQ+936cB4DMXNb8zMcg4U0Ln/Pswwgna011JVQzA+53jNtAjCQCsiQ1AgVg8
9dWjQd3Sm+CfB7w6QcrO1E8CH2ZK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:35 2025 by rpki-client