Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F637DF36D2F211EFB9741675762E951A.roa
File: F637DF36D2F211EFB9741675762E951A.roa (raw, json)
Hash identifier: slkV3s2FAG7t58sbGz1i2BLpkQhiaK437JibUDgntOw=
Subject key identifier: 46:27:30:5E:22:17:94:11:8F:21:D0:03:B9:AF:84:C4:D3:72:9F:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01078D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F637DF36D2F211EFB9741675762E951A.roa
Signing time: Wed 15 Jan 2025 03:44:03 +0000
ROA not before: Wed 15 Jan 2025 03:43:59 +0000
ROA not after: Sat 03 Jan 2026 03:43:59 +0000
asID: 984
IP address blocks: 156.247.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67469 (0x1078d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 03:43:59 2025 GMT
Not After : Jan 3 03:43:59 2026 GMT
Subject: CN=67872f03-2098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:38:66:b7:49:2d:29:e8:43:0b:25:7a:29:7c:
62:12:dd:20:ec:83:3c:f1:c6:63:9b:b3:42:34:2c:
2f:2c:92:45:8c:81:60:60:97:c5:03:ef:c6:16:17:
68:e1:1b:44:9e:53:cb:6e:24:9c:76:de:09:f9:45:
15:fc:54:a1:11:12:b0:69:46:8b:fe:d9:f0:fe:97:
c8:18:2e:cf:67:fb:38:0f:39:b3:79:54:d7:6e:30:
e6:34:e5:77:ca:19:24:4a:31:7e:e1:c1:10:0e:46:
d3:27:33:4b:d3:3c:47:ea:4f:2a:9e:91:a1:8a:d9:
46:2e:81:3b:52:32:19:66:c0:e1:e4:32:23:46:ab:
b2:4f:f9:a0:f4:35:ee:66:12:4b:1a:a7:b6:60:d8:
1f:74:39:2c:32:09:79:5a:61:ee:33:48:f0:79:a4:
38:fe:72:19:39:ef:72:3e:28:a9:26:dc:5f:ce:22:
89:ae:3d:b0:ed:8d:c7:08:86:05:e1:d3:30:97:2c:
7e:21:99:bb:b4:1e:28:6c:35:7f:97:4a:74:29:4d:
c5:ef:77:fb:52:4d:d6:e8:e6:ef:b6:02:85:c8:f6:
be:c6:75:31:a3:07:05:57:82:c3:99:22:17:c2:23:
32:9f:1f:9f:23:2d:89:dd:fb:7c:fa:bd:cd:32:46:
e4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:27:30:5E:22:17:94:11:8F:21:D0:03:B9:AF:84:C4:D3:72:9F:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F637DF36D2F211EFB9741675762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.101.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:3a:27:ee:46:d9:7e:0d:fe:14:15:69:f1:6a:1e:fa:24:79:
c1:59:09:7e:da:a1:8b:20:88:82:88:2b:be:3b:e4:2a:3f:4c:
5c:83:c3:2f:7c:5b:73:1e:7f:30:38:ac:48:6f:d1:96:70:ce:
fe:a8:fb:aa:1d:a4:0c:9a:5a:a0:4c:49:1d:e3:81:4e:a5:ab:
a7:76:6c:9c:c7:09:ce:3f:3b:65:96:da:b4:99:6e:15:18:cb:
c9:1c:30:45:dd:81:96:2f:ba:6a:1b:0f:f9:63:e9:c8:1b:20:
08:de:ba:c9:0b:b1:e4:03:0e:02:8e:8d:dd:bb:d2:58:18:14:
c2:ae:d4:d4:65:60:c0:51:8b:be:67:cd:ce:52:bb:a6:97:1f:
9e:7d:9f:5e:48:c0:14:22:66:55:d7:48:4c:03:7e:ca:58:c1:
ed:6c:4a:52:9b:c7:f0:d1:ad:30:c6:c0:8a:92:22:34:d6:f6:
c7:f9:70:74:1c:4f:6e:7b:86:c0:eb:2a:2d:0a:c8:bd:13:10:
e5:68:4b:73:26:c6:2d:dd:f4:ab:8a:1c:28:65:1d:48:bc:97:
e7:90:8e:95:90:cf:9e:85:0f:1c:f1:de:ce:f7:07:fe:ef:1a:
1b:9e:08:5d:41:2f:c1:87:23:fb:77:4d:3b:8b:3b:7c:75:e7:
3a:15:d3:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQeNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDM0MzU5WhcNMjYwMTAzMDM0MzU5WjAYMRYw
FAYDVQQDEw02Nzg3MmYwMy0yMDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6Thmt0ktKehDCyV6KXxiEt0g7IM88cZjm7NCNCwvLJJFjIFgYJfFA+/G
Fhdo4RtEnlPLbiScdt4J+UUV/FShERKwaUaL/tnw/pfIGC7PZ/s4DzmzeVTXbjDm
NOV3yhkkSjF+4cEQDkbTJzNL0zxH6k8qnpGhitlGLoE7UjIZZsDh5DIjRquyT/mg
9DXuZhJLGqe2YNgfdDksMgl5WmHuM0jweaQ4/nIZOe9yPiipJtxfziKJrj2w7Y3H
CIYF4dMwlyx+IZm7tB4obDV/l0p0KU3F73f7Uk3W6ObvtgKFyPa+xnUxowcFV4LD
mSIXwiMynx+fIy2J3ft8+r3NMkbkfQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEYn
MF4iF5QRjyHQA7mvhMTTcp87MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjM3REYzNkQyRjIxMUVGQjk3NDE2NzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdlMA0GCSqGSIb3DQEBCwUA
A4IBAQBdOifuRtl+Df4UFWnxah76JHnBWQl+2qGLIIiCiCu+O+QqP0xcg8MvfFtz
Hn8wOKxIb9GWcM7+qPuqHaQMmlqgTEkd44FOpaundmycxwnOPztlltq0mW4VGMvJ
HDBF3YGWL7pqGw/5Y+nIGyAI3rrJC7HkAw4Cjo3du9JYGBTCrtTUZWDAUYu+Z83O
Urumlx+efZ9eSMAUImZV10hMA37KWMHtbEpSm8fw0a0wxsCKkiI01vbH+XB0HE9u
e4bA6yotCsi9ExDlaEtzJsYt3fSrihwoZR1IvJfnkI6VkM+ehQ8c8d7O9wf+7xob
nghdQS/BhyP7d007izt8dec6FdO2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:05 2025 by rpki-client