Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C038C33AC32211EFA767DA65762E951A.roa
File: C038C33AC32211EFA767DA65762E951A.roa (raw, json)
Hash identifier: CXRD7frAcc0HtsSt7DrFIqDPsKob0XYVqvyjab+pql0=
Subject key identifier: 65:6F:8B:A4:43:E7:BD:84:94:00:29:37:4B:77:1F:92:4E:B8:F7:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA3B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C038C33AC32211EFA767DA65762E951A.roa
Signing time: Thu 26 Dec 2024 00:45:49 +0000
ROA not before: Thu 26 Dec 2024 00:00:46 +0000
ROA not after: Sat 01 Mar 2025 00:00:46 +0000
asID: 984
IP address blocks: 156.231.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59963 (0xea3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:46 2024 GMT
Not After : Mar 1 00:00:46 2025 GMT
Subject: CN=676ca73d-8057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6c:c5:4a:d8:fa:8c:ac:21:a5:0a:fa:2f:8e:
25:ca:c3:cc:76:dc:e6:13:8e:57:eb:c8:8e:68:a7:
09:22:df:9d:43:b0:41:7d:89:93:94:c2:dd:de:a8:
20:e8:78:64:fe:0f:0a:91:3a:13:a1:b1:f8:2a:cd:
2b:39:c8:9c:7c:39:2f:26:56:80:db:b2:1c:71:91:
82:3d:bf:a9:64:fa:9b:b8:cc:e4:1f:dc:52:b8:bc:
96:60:47:21:2b:0e:62:5f:ba:dd:66:a2:08:bd:53:
42:a7:3b:c4:b2:3d:58:d6:c8:37:e9:e7:4f:68:8a:
26:ae:83:97:c0:62:62:00:2a:5a:1d:e8:88:3f:f3:
a5:26:ac:02:98:73:45:15:dc:2f:80:f1:e5:a6:1e:
5d:e6:12:46:16:eb:25:61:2d:6b:4b:64:b2:a7:0c:
d8:87:ef:91:1d:3d:84:4b:9b:39:55:14:85:4b:ab:
dc:0a:c8:c0:f9:e0:e1:1f:94:c3:eb:25:04:d7:d5:
4c:8c:7f:c1:80:be:50:ed:f8:c8:2a:2a:a3:ed:3e:
a1:e2:bf:6f:ba:c0:fc:c7:ba:cc:1d:99:e0:ee:20:
90:98:c7:b7:d8:ca:9c:c6:7b:ef:90:d7:f1:fa:e3:
f4:71:22:15:14:33:d2:3c:ff:7d:1a:98:ba:03:e7:
23:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6F:8B:A4:43:E7:BD:84:94:00:29:37:4B:77:1F:92:4E:B8:F7:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C038C33AC32211EFA767DA65762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:7b:93:2c:4e:df:4f:2e:2a:16:3d:7f:70:ad:f0:50:87:d4:
71:53:d5:44:a1:63:39:20:d8:e6:e9:53:e2:91:c9:fc:61:9e:
fc:01:cb:02:de:78:3e:70:88:98:8c:be:68:e9:5c:93:fe:6c:
f5:37:c3:e4:6b:5c:cc:02:4a:83:8e:55:ad:bd:ed:6c:29:54:
e0:23:9e:a1:3b:08:89:89:ea:34:f1:98:4d:de:ee:4b:14:92:
29:09:26:6c:69:87:81:63:b4:32:e2:07:e3:2a:43:fe:47:19:
21:53:39:b1:0a:ca:68:79:23:76:cf:da:8e:a1:9a:58:94:96:
c0:83:b6:d7:50:0f:eb:28:37:29:3c:46:66:dc:6c:4a:14:e7:
41:f5:95:06:ce:97:a7:20:af:01:4b:e5:65:cd:d8:ee:cc:fb:
05:da:c4:e4:5e:04:aa:d9:b2:b5:bc:fb:8a:eb:3c:c9:33:45:
e0:a3:55:ad:b4:23:56:25:97:54:97:1c:95:c9:fa:d0:d3:b0:
e5:cd:4e:88:ee:4e:3f:e2:75:2f:ff:25:f3:51:88:8a:fd:99:
88:65:ae:c4:c1:81:26:5a:dc:be:ba:33:81:b0:17:ce:35:a3:
6e:00:2f:66:1b:f9:24:fa:8a:9b:9f:f8:a0:31:37:07:05:d5:
e4:71:27:54
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAOo7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDQ2WhcNMjUwMzAxMDAwMDQ2WjAYMRYw
FAYDVQQDEw02NzZjYTczZC04MDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0mzFStj6jKwhpQr6L44lysPMdtzmE45X68iOaKcJIt+dQ7BBfYmTlMLd
3qgg6Hhk/g8KkToTobH4Ks0rOcicfDkvJlaA27IccZGCPb+pZPqbuMzkH9xSuLyW
YEchKw5iX7rdZqIIvVNCpzvEsj1Y1sg36edPaIomroOXwGJiACpaHeiIP/OlJqwC
mHNFFdwvgPHlph5d5hJGFuslYS1rS2SypwzYh++RHT2ES5s5VRSFS6vcCsjA+eDh
H5TD6yUE19VMjH/BgL5Q7fjIKiqj7T6h4r9vusD8x7rMHZng7iCQmMe32Mqcxnvv
kNfx+uP0cSIVFDPSPP99Gpi6A+cjSQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGVv
i6RD572ElAApN0t3H5JOuPevMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMDM4QzMzQUMzMjIxMUVGQTc2N0RBNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOcwDQYJKoZIhvcNAQELBQAD
ggEBAAh7kyxO308uKhY9f3Ct8FCH1HFT1UShYzkg2ObpU+KRyfxhnvwBywLeeD5w
iJiMvmjpXJP+bPU3w+RrXMwCSoOOVa297WwpVOAjnqE7CImJ6jTxmE3e7ksUkikJ
Jmxph4FjtDLiB+MqQ/5HGSFTObEKymh5I3bP2o6hmliUlsCDttdQD+soNyk8Rmbc
bEoU50H1lQbOl6cgrwFL5WXN2O7M+wXaxOReBKrZsrW8+4rrPMkzReCjVa20I1Yl
l1SXHJXJ+tDTsOXNTojuTj/idS//JfNRiIr9mYhlrsTBgSZa3L66M4GwF841o24A
L2Yb+ST6ipuf+KAxNwcF1eRxJ1Q=
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:27 2025 by rpki-client