Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD37F50C32211EF87FD9263762E951A.roa
File: 8FD37F50C32211EF87FD9263762E951A.roa (raw, json)
Hash identifier: VJmY8x3uC+JEOe/bVAdKjUtVqVAS1YQWLOPO36TKSXI=
Subject key identifier: 58:87:79:E5:BD:CB:DC:87:E6:30:2E:CD:FD:44:9E:F8:18:0C:CB:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD37F50C32211EF87FD9263762E951A.roa
Signing time: Thu 26 Dec 2024 00:44:28 +0000
ROA not before: Thu 26 Dec 2024 00:00:25 +0000
ROA not after: Wed 10 Dec 2025 00:00:25 +0000
asID: 984
IP address blocks: 156.228.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59957 (0xea35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:25 2024 GMT
Not After : Dec 10 00:00:25 2025 GMT
Subject: CN=676ca6ec-8c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:83:4c:46:d6:c2:0d:fa:38:5b:1c:f8:0d:d6:
d4:5f:60:78:1a:75:23:ea:7b:44:94:22:db:59:13:
94:91:73:39:d2:4f:a6:3b:f4:72:61:76:16:b3:e4:
a1:ab:1f:95:a2:cc:1e:4a:39:1c:b6:93:32:28:dd:
97:82:48:ec:58:c1:a0:8f:3d:1c:0c:72:0a:4f:87:
b4:76:a3:29:3c:9d:9b:a2:1f:2a:bd:c7:32:09:58:
cb:0f:68:ee:9f:bc:1e:b3:1d:71:f5:71:3d:85:4d:
95:41:00:2c:ec:e0:d9:c8:64:6d:9b:e1:53:ac:84:
84:44:4e:3e:4c:6b:73:c8:53:d5:9f:6d:7b:83:35:
a9:1c:5a:c4:56:b4:14:60:4b:69:68:54:92:13:a0:
fe:f9:b1:30:e6:86:44:74:45:f2:e7:32:22:1c:b0:
c2:c0:74:8d:15:04:07:1e:5a:14:05:52:b1:13:8b:
8e:fc:e0:ce:f7:78:ad:5c:40:92:85:8f:4a:34:8f:
91:a0:60:4c:3f:7e:eb:7c:f6:17:32:45:7e:65:2c:
6b:d8:25:0d:53:c1:33:ea:ee:c6:f0:4e:69:6c:6d:
d5:81:9c:1f:e0:d2:f9:5d:f9:13:eb:e2:c3:d9:1c:
e4:99:66:f4:e8:89:e6:c2:e3:59:49:0c:33:9a:ea:
05:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:87:79:E5:BD:CB:DC:87:E6:30:2E:CD:FD:44:9E:F8:18:0C:CB:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FD37F50C32211EF87FD9263762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.234.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:19:ae:78:1a:18:cb:96:58:46:b5:b5:65:88:a5:73:eb:19:
fc:71:e6:b6:76:ea:5a:b6:6d:2c:0a:c0:ea:6c:38:31:06:e5:
27:d8:b6:46:93:7a:01:c5:98:b8:a9:53:a6:40:0b:6b:99:7c:
f5:07:d1:b4:11:d3:8e:37:a5:e7:b3:01:39:4a:f9:85:91:a5:
f5:fe:ad:42:23:65:c8:c8:e8:b7:10:6e:e9:1b:94:67:0e:8c:
c8:7e:9d:7b:68:51:1b:c0:56:d8:f6:c2:b3:9d:a4:41:9f:83:
3b:04:9b:f5:6d:dd:79:5e:c4:ac:97:79:80:5d:be:67:8b:d4:
f9:e2:ed:de:7f:0c:51:8b:e6:14:38:fe:36:ce:94:da:d0:27:
8e:32:cf:9b:9f:25:6b:e6:83:9b:64:ca:8b:9c:cc:cf:c3:10:
2c:95:86:cf:f0:75:77:37:0d:26:74:d3:d9:b6:e3:7c:0a:8c:
16:fe:28:38:7a:4b:f0:82:7f:1a:e6:4f:98:78:5b:c3:dc:57:
e1:6f:be:0d:a9:d3:83:53:fa:a0:af:08:39:7d:ad:a5:ea:09:
8e:0d:93:77:8b:08:23:8e:f8:20:7e:fc:68:16:e9:f5:f1:ef:
63:b9:f0:89:18:61:20:da:c9:07:a5:9a:99:ec:22:e9:be:f6:
23:db:e7:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOo1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDI1WhcNMjUxMjEwMDAwMDI1WjAYMRYw
FAYDVQQDEw02NzZjYTZlYy04YzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwYNMRtbCDfo4Wxz4DdbUX2B4GnUj6ntElCLbWROUkXM50k+mO/RyYXYW
s+Shqx+VosweSjkctpMyKN2XgkjsWMGgjz0cDHIKT4e0dqMpPJ2boh8qvccyCVjL
D2jun7wesx1x9XE9hU2VQQAs7ODZyGRtm+FTrISERE4+TGtzyFPVn217gzWpHFrE
VrQUYEtpaFSSE6D++bEw5oZEdEXy5zIiHLDCwHSNFQQHHloUBVKxE4uO/ODO93it
XECShY9KNI+RoGBMP37rfPYXMkV+ZSxr2CUNU8Ez6u7G8E5pbG3VgZwf4NL5XfkT
6+LD2RzkmWb06InmwuNZSQwzmuoFBwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFiH
eeW9y9yH5jAuzf1EnvgYDMt/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkQzN0Y1MEMzMjIxMUVGODdGRDkyNjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTqMA0GCSqGSIb3DQEBCwUA
A4IBAQCzGa54GhjLllhGtbVliKVz6xn8cea2dupatm0sCsDqbDgxBuUn2LZGk3oB
xZi4qVOmQAtrmXz1B9G0EdOON6XnswE5SvmFkaX1/q1CI2XIyOi3EG7pG5RnDozI
fp17aFEbwFbY9sKznaRBn4M7BJv1bd15XsSsl3mAXb5ni9T54u3efwxRi+YUOP42
zpTa0CeOMs+bnyVr5oObZMqLnMzPwxAslYbP8HV3Nw0mdNPZtuN8CowW/ig4ekvw
gn8a5k+YeFvD3Ffhb74NqdODU/qgrwg5fa2l6gmODZN3iwgjjvggfvxoFun18e9j
ufCJGGEg2skHpZqZ7CLpvvYj2+cy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:01 2025 by rpki-client