Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEF3A52ECBD011EF88853198762E951A.roa
File: BEF3A52ECBD011EF88853198762E951A.roa (raw, json)
Hash identifier: +niVR7/HL8DtXx2CpxZc/HTxrFt+hckBKPpevyJ3WmA=
Subject key identifier: EB:37:8E:76:72:5B:6C:AE:30:EA:A8:25:64:84:8C:36:39:96:CE:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F7C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEF3A52ECBD011EF88853198762E951A.roa
Signing time: Mon 06 Jan 2025 01:51:29 +0000
ROA not before: Mon 06 Jan 2025 01:51:25 +0000
ROA not after: Sun 09 Feb 2025 01:51:25 +0000
asID: 203020
IP address blocks: 156.237.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63426 (0xf7c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 01:51:25 2025 GMT
Not After : Feb 9 01:51:25 2025 GMT
Subject: CN=677b3721-6fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:07:a3:5d:ad:08:10:d0:9d:75:14:8b:43:
8e:99:b8:d0:f4:a9:43:34:8e:94:53:2e:39:55:52:
b2:52:58:93:8e:c8:0a:ae:dd:a9:f4:09:6c:af:68:
e4:87:da:b8:f7:50:25:9b:23:1c:e6:77:8a:05:56:
6a:54:a0:a0:1c:b2:90:50:d3:53:39:df:05:65:cb:
d3:0c:e3:87:7c:d8:a7:9f:5c:03:33:90:7e:45:00:
f2:74:f4:94:13:8c:48:cf:ae:cc:4c:f1:5a:75:96:
50:c0:51:61:95:cc:36:55:07:cc:dd:a0:d1:d0:65:
b9:fe:e5:45:94:df:0c:bc:2a:59:5d:70:1b:48:63:
6d:44:cd:18:ab:9a:ab:46:0d:76:08:9b:99:ee:6f:
8a:6e:db:0e:82:2a:cd:97:5f:b0:6a:f4:0c:7e:ef:
ea:10:65:86:72:68:19:99:3e:a8:7b:66:3d:9e:26:
bb:15:37:f1:a8:e4:53:c2:04:4d:1c:31:27:24:72:
a9:17:0e:c8:52:c4:7b:00:ec:46:43:fd:5c:b4:a0:
dd:f1:b9:c5:52:cb:71:bb:e8:e2:a7:ec:16:25:45:
f8:22:b7:2a:8e:5e:75:18:5b:9c:3a:21:09:cf:6f:
c7:d3:e0:27:8b:7e:2d:fc:2c:fa:32:9b:8b:3e:18:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:37:8E:76:72:5B:6C:AE:30:EA:A8:25:64:84:8C:36:39:96:CE:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEF3A52ECBD011EF88853198762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:c8:20:3c:48:5e:09:e1:6b:fd:39:c9:e3:27:13:1c:99:c7:
ea:d6:00:b9:0c:7a:7a:fa:e2:73:02:4c:19:42:a4:55:56:f5:
ef:c5:bd:4f:a6:f8:9a:17:f2:a4:c1:b1:f2:5d:4f:13:23:ba:
a0:20:78:c2:d4:09:4d:50:92:24:09:1b:4f:31:c3:c7:dd:fb:
6c:fa:b7:e9:6a:df:44:e1:88:e1:e2:01:7e:f7:c1:17:da:1c:
dd:47:a0:a4:58:2b:74:65:10:0b:0f:e6:9e:df:98:be:47:ea:
f9:fc:0a:35:a3:05:a5:0f:31:64:22:68:e8:f9:0f:33:4f:25:
54:b3:35:15:31:86:dc:39:f0:c6:aa:7b:8a:15:28:8e:b3:9a:
16:93:44:65:4a:dc:49:ca:51:d9:e5:b6:9e:a4:f6:9d:69:de:
df:23:16:44:d1:37:d5:22:e0:89:44:9d:34:5f:d2:34:d4:79:
d5:1e:a4:56:de:94:b5:6f:c6:5b:31:f5:66:32:df:2f:d6:df:
2b:9a:37:56:04:b4:75:4b:00:cd:69:da:06:29:be:92:d8:31:
3a:7c:37:ae:9b:e7:b6:d1:57:26:7b:48:05:18:e5:6e:5e:de:
0e:d3:43:c2:e3:7d:6f:9e:65:b3:cb:29:82:a2:3a:1b:35:90:
82:e3:da:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPfCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDE1MTI1WhcNMjUwMjA5MDE1MTI1WjAYMRYw
FAYDVQQDEw02NzdiMzcyMS02ZmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvo8Ho12tCBDQnXUUi0OOmbjQ9KlDNI6UUy45VVKyUliTjsgKrt2p9Als
r2jkh9q491AlmyMc5neKBVZqVKCgHLKQUNNTOd8FZcvTDOOHfNinn1wDM5B+RQDy
dPSUE4xIz67MTPFadZZQwFFhlcw2VQfM3aDR0GW5/uVFlN8MvCpZXXAbSGNtRM0Y
q5qrRg12CJuZ7m+KbtsOgirNl1+wavQMfu/qEGWGcmgZmT6oe2Y9nia7FTfxqORT
wgRNHDEnJHKpFw7IUsR7AOxGQ/1ctKDd8bnFUstxu+jip+wWJUX4Ircqjl51GFuc
OiEJz2/H0+Ani34t/Cz6MpuLPhiimwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOs3
jnZyW2yuMOqoJWSEjDY5ls5WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRUYzQTUyRUNCRDAxMUVGODg4NTMxOTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO1cMA0GCSqGSIb3DQEBCwUA
A4IBAQCOyCA8SF4J4Wv9OcnjJxMcmcfq1gC5DHp6+uJzAkwZQqRVVvXvxb1Ppvia
F/KkwbHyXU8TI7qgIHjC1AlNUJIkCRtPMcPH3fts+rfpat9E4Yjh4gF+98EX2hzd
R6CkWCt0ZRALD+ae35i+R+r5/Ao1owWlDzFkImjo+Q8zTyVUszUVMYbcOfDGqnuK
FSiOs5oWk0RlStxJylHZ5baepPadad7fIxZE0TfVIuCJRJ00X9I01HnVHqRW3pS1
b8ZbMfVmMt8v1t8rmjdWBLR1SwDNadoGKb6S2DE6fDeum+e20Vcme0gFGOVuXt4O
00PC431vnmWzyymCojobNZCC49p/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:38 2025 by rpki-client