Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A372CD9EC32D11EF858768B5762E951A.roa
File: A372CD9EC32D11EF858768B5762E951A.roa (raw, json)
Hash identifier: wywDnEFj0z/c0Uab7vIz0qzr4+3NQqKT8sp7L38hKes=
Subject key identifier: 97:43:D6:DF:3F:1A:29:0C:DC:5C:0B:BA:26:E3:8E:38:D8:0D:29:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A372CD9EC32D11EF858768B5762E951A.roa
Signing time: Thu 26 Dec 2024 02:03:45 +0000
ROA not before: Thu 26 Dec 2024 02:03:42 +0000
ROA not after: Wed 10 Dec 2025 02:03:42 +0000
asID: 984
IP address blocks: 156.243.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60133 (0xeae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:03:42 2024 GMT
Not After : Dec 10 02:03:42 2025 GMT
Subject: CN=676cb981-60fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:09:65:91:1b:5a:93:04:09:0b:23:02:44:a9:
1d:e4:db:f2:17:22:b2:d3:43:b7:b0:2d:eb:b6:a6:
f2:4e:a9:f3:b0:a5:b2:8e:6c:f1:e8:0b:55:1b:60:
70:61:15:14:c6:e5:70:8c:48:30:8b:ee:7b:88:de:
42:54:e7:c0:ff:b0:b7:fa:5c:a0:b2:02:4e:f8:18:
dc:c1:93:09:07:f1:3d:14:5f:0f:a9:87:01:20:38:
3e:70:0f:bb:48:bb:fa:be:9b:5d:d8:d7:a3:5a:ea:
25:1e:94:b2:2e:bc:76:92:d3:2c:b8:0d:4f:46:0e:
74:b4:8a:15:91:f9:47:46:b0:65:e6:00:f1:66:9d:
4a:da:16:39:88:20:0b:ba:e3:a3:70:91:8a:e1:a9:
53:58:cc:2e:77:07:23:ed:4f:33:82:4b:ff:82:8f:
fa:07:e7:93:c4:e7:2b:5f:4a:33:22:41:c3:c9:9f:
7f:e6:cb:16:55:5c:24:dc:9d:49:40:cc:0d:39:a6:
d3:6f:4a:e2:b8:32:c9:6a:60:94:43:71:02:07:6c:
81:2c:f7:b0:25:ed:cf:d7:86:52:ad:f1:97:4f:39:
69:22:5b:55:e2:71:dc:0d:53:a0:33:f4:26:64:39:
b5:b5:dc:0d:2a:98:8e:94:94:8f:20:75:45:85:c7:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:43:D6:DF:3F:1A:29:0C:DC:5C:0B:BA:26:E3:8E:38:D8:0D:29:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A372CD9EC32D11EF858768B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.211.0/24
Signature Algorithm: sha256WithRSAEncryption
69:59:10:40:6a:4e:ef:14:99:c8:c9:94:0d:31:6b:30:70:d9:
5c:53:5e:67:2f:cb:f0:b1:92:b9:3f:85:f0:f4:cb:1f:a9:c9:
0e:8b:6a:4e:0e:cd:da:b9:d0:29:a9:c5:cc:70:c9:9c:ee:8d:
07:d3:b3:af:f6:51:ad:7f:96:63:dd:79:12:2c:30:37:97:e9:
f3:1c:38:b7:8c:2c:19:14:4d:09:a9:ae:53:24:fc:29:3f:a3:
ee:ed:0b:ce:d7:47:e5:20:31:c1:07:8a:98:80:7d:4c:cc:00:
2a:cd:b7:08:3a:fc:dd:46:11:e5:82:43:d0:c1:66:36:0f:62:
33:d3:05:06:63:9d:d4:51:7c:b0:7f:92:61:f1:98:ef:7b:fa:
d1:73:9b:cb:84:3e:ee:a6:74:01:04:99:c5:1c:50:3d:e4:2b:
bb:ab:d4:01:4d:33:a2:c2:f5:39:8c:0b:79:b3:2c:50:86:41:
87:78:d4:00:cc:08:65:14:85:f4:bd:7e:f9:8c:cd:06:c6:47:
aa:5f:a6:e5:c2:65:f2:ac:dc:6e:70:6f:63:0b:c2:62:52:34:
a6:81:72:64:b5:50:79:ed:53:58:0a:8c:c6:ac:d8:df:40:d0:
5f:2e:b5:24:9f:f2:d7:f9:13:7d:b9:bf:13:da:b8:3f:1c:5f:
7c:f2:ee:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwMzQyWhcNMjUxMjEwMDIwMzQyWjAYMRYw
FAYDVQQDEw02NzZjYjk4MS02MGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArgllkRtakwQJCyMCRKkd5NvyFyKy00O3sC3rtqbyTqnzsKWyjmzx6AtV
G2BwYRUUxuVwjEgwi+57iN5CVOfA/7C3+lygsgJO+BjcwZMJB/E9FF8PqYcBIDg+
cA+7SLv6vptd2NejWuolHpSyLrx2ktMsuA1PRg50tIoVkflHRrBl5gDxZp1K2hY5
iCALuuOjcJGK4alTWMwudwcj7U8zgkv/go/6B+eTxOcrX0ozIkHDyZ9/5ssWVVwk
3J1JQMwNOabTb0riuDLJamCUQ3ECB2yBLPewJe3P14ZSrfGXTzlpIltV4nHcDVOg
M/QmZDm1tdwNKpiOlJSPIHVFhce9cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJdD
1t8/GikM3FwLuibjjjjYDSlwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzcyQ0Q5RUMzMkQxMUVGODU4NzY4QjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPTMA0GCSqGSIb3DQEBCwUA
A4IBAQBpWRBAak7vFJnIyZQNMWswcNlcU15nL8vwsZK5P4Xw9MsfqckOi2pODs3a
udApqcXMcMmc7o0H07Ov9lGtf5Zj3XkSLDA3l+nzHDi3jCwZFE0Jqa5TJPwpP6Pu
7QvO10flIDHBB4qYgH1MzAAqzbcIOvzdRhHlgkPQwWY2D2Iz0wUGY53UUXywf5Jh
8Zjve/rRc5vLhD7upnQBBJnFHFA95Cu7q9QBTTOiwvU5jAt5syxQhkGHeNQAzAhl
FIX0vX75jM0GxkeqX6blwmXyrNxucG9jC8JiUjSmgXJktVB57VNYCozGrNjfQNBf
LrUkn/LX+RN9ub8T2rg/HF988u7l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:01 2025 by rpki-client