Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C271883CCD0711EF9788F85A762E951A.roa
File: C271883CCD0711EF9788F85A762E951A.roa (raw, json)
Hash identifier: gOK4MsDEyRUOXk+Wmo1L/Gh7Uo1I6b6Yr5j/biJiEtg=
Subject key identifier: 37:45:9E:99:9F:0E:A9:9A:7F:D9:54:E2:87:11:3D:A7:07:BE:82:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCA7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C271883CCD0711EF9788F85A762E951A.roa
Signing time: Tue 07 Jan 2025 14:57:48 +0000
ROA not before: Tue 07 Jan 2025 14:57:45 +0000
ROA not after: Mon 13 Dec 2027 14:57:45 +0000
asID: 17561
IP address blocks: 156.239.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64679 (0xfca7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:57:45 2025 GMT
Not After : Dec 13 14:57:45 2027 GMT
Subject: CN=677d40ec-4c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:c2:a6:54:91:9a:13:6b:d0:b1:77:50:a2:
81:9f:28:c7:2d:37:93:c7:b6:d6:de:62:4d:28:5e:
9c:ec:fe:52:67:81:95:80:e1:98:32:41:ef:18:60:
4c:81:a5:6f:cc:3c:ef:3e:1e:e1:63:35:05:1a:2d:
cf:9c:ce:8e:2f:7a:f7:7d:60:38:14:79:38:87:ef:
51:65:3d:f2:dc:c2:a9:87:cf:89:7c:28:77:57:64:
41:ee:0f:18:16:c6:39:6a:29:55:83:e8:1f:ee:16:
5f:ac:44:d9:99:f6:aa:63:12:74:a5:e0:d6:f0:26:
82:73:ff:3f:4a:d1:b6:7c:a9:55:2d:e4:d0:f0:39:
d2:a7:89:be:1f:ae:3e:f9:ab:da:bb:5c:5b:b0:a7:
95:88:e7:66:e9:aa:ef:9c:e5:f1:61:92:d5:15:04:
b5:e0:22:fe:78:9d:64:55:67:a4:28:7b:7a:e9:30:
f3:81:e4:86:ad:47:0e:96:97:f9:9f:6a:6a:0d:47:
58:72:c6:ee:43:a3:1a:98:4f:24:d3:de:b8:72:11:
96:9d:22:55:9d:ce:9f:dd:54:93:0c:cd:aa:1c:cf:
e4:46:3e:8a:37:ce:94:eb:79:17:44:83:ec:62:44:
fe:6a:cf:1f:de:34:6e:7d:d6:77:37:6e:eb:bb:de:
5e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:45:9E:99:9F:0E:A9:9A:7F:D9:54:E2:87:11:3D:A7:07:BE:82:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C271883CCD0711EF9788F85A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:02:dd:02:b1:79:3f:30:32:1e:5c:39:f4:3d:72:69:28:98:
39:15:6a:e1:0c:42:50:e9:88:84:64:71:6f:f8:1d:fa:5b:89:
24:15:c5:fc:3a:31:1c:f4:09:3d:5b:b1:5d:77:30:1d:9b:6c:
bd:2b:66:0f:c9:0e:5a:4f:d7:0a:36:28:65:64:95:f6:99:bb:
12:08:f2:3c:5c:80:9d:33:91:8d:42:cc:16:5f:a3:3c:cf:c3:
da:17:3b:2f:26:98:32:d2:4a:90:20:a0:1d:99:fc:b0:57:91:
23:40:17:7d:9f:6e:45:74:b2:a8:66:5d:34:df:4a:1f:8a:8f:
f7:2b:d2:f4:83:87:46:12:4d:b5:0c:4e:0e:4e:4b:27:b8:e1:
09:6d:43:6c:54:bb:01:7f:c7:42:db:d1:19:5e:03:fd:6b:7b:
fe:d1:e8:d0:d3:f6:1f:a6:b3:c0:a4:dc:a3:e0:34:95:d3:33:
22:f0:1b:bf:6c:67:ed:5e:a0:39:98:28:b3:9d:5d:46:96:0c:
b9:3f:3f:c0:ee:53:75:45:50:fc:7d:1b:ba:78:c9:1c:26:87:
f1:0b:e2:e5:d4:51:cb:6a:15:6a:68:7f:da:ca:a1:f2:db:5a:
9f:5f:3a:07:eb:16:92:b2:51:0c:98:db:87:55:43:a3:59:4a:
13:ec:81:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPynMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQ1NzQ1WhcNMjcxMjEzMTQ1NzQ1WjAYMRYw
FAYDVQQDEw02NzdkNDBlYy00YzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3dzCplSRmhNr0LF3UKKBnyjHLTeTx7bW3mJNKF6c7P5SZ4GVgOGYMkHv
GGBMgaVvzDzvPh7hYzUFGi3PnM6OL3r3fWA4FHk4h+9RZT3y3MKph8+JfCh3V2RB
7g8YFsY5ailVg+gf7hZfrETZmfaqYxJ0peDW8CaCc/8/StG2fKlVLeTQ8DnSp4m+
H64++avau1xbsKeViOdm6arvnOXxYZLVFQS14CL+eJ1kVWekKHt66TDzgeSGrUcO
lpf5n2pqDUdYcsbuQ6MamE8k0964chGWnSJVnc6f3VSTDM2qHM/kRj6KN86U63kX
RIPsYkT+as8f3jRufdZ3N27ru95ezwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDdF
npmfDqmaf9lU4ocRPacHvoLcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjcxODgzQ0NEMDcxMUVGOTc4OEY4NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8lMA0GCSqGSIb3DQEBCwUA
A4IBAQBKAt0CsXk/MDIeXDn0PXJpKJg5FWrhDEJQ6YiEZHFv+B36W4kkFcX8OjEc
9Ak9W7FddzAdm2y9K2YPyQ5aT9cKNihlZJX2mbsSCPI8XICdM5GNQswWX6M8z8Pa
FzsvJpgy0kqQIKAdmfywV5EjQBd9n25FdLKoZl0030ofio/3K9L0g4dGEk21DE4O
TksnuOEJbUNsVLsBf8dC29EZXgP9a3v+0ejQ0/YfprPApNyj4DSV0zMi8Bu/bGft
XqA5mCiznV1Glgy5Pz/A7lN1RVD8fRu6eMkcJofxC+Ll1FHLahVqaH/ayqHy21qf
XzoH6xaSslEMmNuHVUOjWUoT7IGL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:50 2025 by rpki-client