Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA37E50CC32F11EFAD038D46762E951A.roa
File: CA37E50CC32F11EFAD038D46762E951A.roa (raw, json)
Hash identifier: mh8envte6jm0N96RspPLdguRLORt7RXjaeCf0gaHJw8=
Subject key identifier: E6:98:FE:17:7E:4A:36:E6:0F:CD:46:BC:CD:72:E0:B7:42:4D:3A:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAFF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA37E50CC32F11EFAD038D46762E951A.roa
Signing time: Thu 26 Dec 2024 02:19:09 +0000
ROA not before: Thu 26 Dec 2024 02:19:06 +0000
ROA not after: Wed 10 Dec 2025 02:19:06 +0000
asID: 984
IP address blocks: 156.243.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60159 (0xeaff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:19:06 2024 GMT
Not After : Dec 10 02:19:06 2025 GMT
Subject: CN=676cbd1d-6597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ef:ba:27:a8:93:21:3f:19:a5:19:41:d1:f2:
e6:85:2f:9e:93:5f:00:49:4d:9f:10:e1:ff:de:4f:
29:cb:8a:64:44:f6:cd:55:e4:88:9d:a2:b2:e2:4d:
94:93:dd:97:93:40:35:14:54:f2:26:de:a4:61:1f:
a7:32:11:fc:60:2e:eb:e1:a0:93:5c:fd:69:e0:e3:
a0:ff:25:49:07:12:61:cf:5b:8a:69:a2:c6:3e:bf:
7c:22:a0:70:ac:53:01:93:54:9c:cc:f3:f3:1e:2d:
2e:23:21:4f:85:3a:69:ba:9a:56:a2:1a:65:a1:02:
a9:fc:e8:46:1c:26:46:71:e9:ce:92:ac:5a:29:7d:
50:ed:b6:f0:a3:ae:3f:f0:d7:a3:b8:05:77:42:79:
c6:a6:a6:20:03:42:41:28:88:81:dd:d5:11:88:84:
06:d5:8d:d8:7b:a3:69:6d:cb:98:ba:ec:04:43:80:
86:82:d3:49:27:02:45:f4:b3:89:12:2d:4b:76:f6:
9f:9c:b4:b9:e3:0f:dd:f5:4f:dc:87:68:16:5a:3e:
43:c7:e2:6a:ac:3b:14:cf:87:58:d2:84:b5:3b:4d:
18:97:0d:1c:07:81:4c:ac:00:a2:b4:35:bc:0a:c0:
29:de:6f:57:7f:26:36:cb:ae:84:9b:2e:76:b4:4d:
68:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:98:FE:17:7E:4A:36:E6:0F:CD:46:BC:CD:72:E0:B7:42:4D:3A:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CA37E50CC32F11EFAD038D46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.232.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e5:6a:76:ef:1a:37:20:68:76:02:85:5d:a6:44:4d:9b:88:
14:47:0d:39:d9:81:8c:9e:8d:59:b9:56:ae:a3:69:b1:a8:e6:
45:c8:a6:b9:b6:21:e1:d4:85:8d:f3:27:ea:18:2a:b0:f9:7a:
a3:09:fd:fa:54:a5:e3:6a:f8:34:86:f4:48:3a:2a:3e:b3:ad:
11:bc:93:12:d6:08:00:84:45:18:dc:14:29:33:3c:4b:ef:d4:
80:30:b3:87:3c:c2:53:1c:ad:50:0b:c5:8c:b0:86:b5:5c:ae:
2e:c6:58:52:51:04:3e:bb:ca:08:57:c4:42:86:81:07:0a:0b:
a0:b3:b2:d9:7f:5b:90:65:56:4e:73:ab:ab:c9:53:f4:e6:1b:
9d:04:b0:4e:64:2f:54:06:4e:e6:8b:b8:7b:7d:44:b6:5f:ea:
91:b0:70:be:e8:24:da:85:e9:5f:c9:68:e6:9b:ab:52:78:39:
c3:94:7f:bb:e3:88:2c:a7:d3:cd:3e:aa:9a:fb:3a:ff:74:b3:
d9:e1:55:72:f7:fd:62:b1:e0:fd:f7:3b:d3:29:39:2d:4e:28:
29:cb:92:4a:1d:55:6c:be:2d:80:02:02:e7:f0:48:de:56:25:
41:38:6d:12:74:bb:aa:ef:6f:d0:55:ba:ba:c4:1d:4c:48:c0:
84:ee:4c:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOr/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIxOTA2WhcNMjUxMjEwMDIxOTA2WjAYMRYw
FAYDVQQDEw02NzZjYmQxZC02NTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwe+6J6iTIT8ZpRlB0fLmhS+ek18ASU2fEOH/3k8py4pkRPbNVeSInaKy
4k2Uk92Xk0A1FFTyJt6kYR+nMhH8YC7r4aCTXP1p4OOg/yVJBxJhz1uKaaLGPr98
IqBwrFMBk1SczPPzHi0uIyFPhTppuppWohploQKp/OhGHCZGcenOkqxaKX1Q7bbw
o64/8NejuAV3QnnGpqYgA0JBKIiB3dURiIQG1Y3Ye6NpbcuYuuwEQ4CGgtNJJwJF
9LOJEi1LdvafnLS54w/d9U/ch2gWWj5Dx+JqrDsUz4dY0oS1O00Ylw0cB4FMrACi
tDW8CsAp3m9XfyY2y66Emy52tE1ooQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOaY
/hd+SjbmD81GvM1y4LdCTTqQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQTM3RTUwQ0MzMkYxMUVGQUQwMzhENDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPoMA0GCSqGSIb3DQEBCwUA
A4IBAQBx5Wp27xo3IGh2AoVdpkRNm4gURw052YGMno1ZuVauo2mxqOZFyKa5tiHh
1IWN8yfqGCqw+XqjCf36VKXjavg0hvRIOio+s60RvJMS1ggAhEUY3BQpMzxL79SA
MLOHPMJTHK1QC8WMsIa1XK4uxlhSUQQ+u8oIV8RChoEHCgugs7LZf1uQZVZOc6ur
yVP05hudBLBOZC9UBk7mi7h7fUS2X+qRsHC+6CTahelfyWjmm6tSeDnDlH+744gs
p9PNPqqa+zr/dLPZ4VVy9/1iseD99zvTKTktTigpy5JKHVVsvi2AAgLn8EjeViVB
OG0SdLuq72/QVbq6xB1MSMCE7kzP
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:42 2025 by rpki-client