Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/1E7691DC089411F09FCCC5A4762E951A.roa
File: 1E7691DC089411F09FCCC5A4762E951A.roa (raw, json)
Hash identifier: xvxdXKsLKu1xC9TUlNNm9585M9xaAO7fhp6roZFLJkM=
Subject key identifier: 94:C7:B8:FF:7C:52:D5:E4:B3:88:13:27:C8:1A:69:8C:DE:69:85:C6
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0C53
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/1E7691DC089411F09FCCC5A4762E951A.roa
Signing time: Mon 24 Mar 2025 09:41:11 +0000
ROA not before: Mon 24 Mar 2025 09:41:07 +0000
ROA not after: Wed 07 Mar 2035 09:41:07 +0000
asID: 214036
IP address blocks: 192.142.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3155 (0xc53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Mar 24 09:41:07 2025 GMT
Not After : Mar 7 09:41:07 2035 GMT
Subject: CN=67e128b7-7fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8a:37:09:9f:46:e2:8a:51:19:47:58:d4:3b:
5d:61:0d:51:26:86:8c:5c:fa:4b:42:76:b7:e2:98:
aa:9d:8c:b9:55:ec:21:b1:b3:c3:5b:ee:2a:9f:79:
e9:12:9b:8a:00:76:ba:ac:5d:ad:5a:d6:4c:3e:af:
42:07:8a:d7:c2:a4:1f:b5:df:3c:ac:13:48:85:56:
ca:4e:58:9a:1f:f7:b9:ac:59:5f:46:76:12:98:45:
ad:ce:ae:78:9a:cc:f7:76:61:7b:22:a8:15:a7:ec:
61:a0:d7:66:da:c2:df:6a:4f:31:1e:18:e9:5f:71:
f2:7b:0e:35:0a:e6:54:55:b0:ff:60:ef:fa:77:8a:
44:bc:89:7c:e6:de:38:f7:80:6f:db:40:af:00:f5:
0e:fe:80:fc:b6:80:70:35:f5:7c:da:6e:b3:fd:7e:
8b:59:02:54:99:de:ce:81:40:82:4c:a7:d9:5d:4e:
06:02:ac:5b:19:61:5b:86:19:84:f2:40:52:e6:dd:
93:5a:66:a7:22:cd:4f:0b:c6:0f:ed:11:78:76:45:
87:9f:1a:32:b2:ca:44:ca:fd:82:78:92:71:14:be:
dd:81:87:52:51:e7:63:32:b6:aa:f7:cf:d9:dc:b0:
6d:bf:61:41:4c:61:19:89:26:af:90:2c:d1:27:36:
65:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C7:B8:FF:7C:52:D5:E4:B3:88:13:27:C8:1A:69:8C:DE:69:85:C6
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/1E7691DC089411F09FCCC5A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.15.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:07:f1:de:b2:0a:4c:8f:f2:26:5f:d9:95:28:aa:2f:c2:92:
0c:6b:bc:8c:ef:1a:6a:29:cf:6f:73:fc:42:75:2c:50:3a:e3:
c6:41:93:38:00:97:2e:ed:68:ba:d5:de:77:3a:07:ac:37:a0:
a9:5a:d3:4a:f6:fd:91:87:33:19:48:06:fe:7b:87:af:35:4e:
5d:2e:f9:25:d3:a6:44:b3:06:15:81:75:55:3f:65:50:72:03:
95:41:cf:14:73:11:ba:4b:0a:3e:2c:87:42:d9:ee:05:4a:d7:
ae:76:83:2a:b9:e6:90:b0:0d:a4:f1:ab:59:7b:e7:8d:71:70:
e6:1e:89:87:81:63:c4:ad:e0:33:e3:80:ff:10:6c:fd:39:f5:
85:5f:bf:73:2b:f6:35:44:31:73:ff:bd:8c:a8:ae:60:cc:4a:
4d:ea:2e:8b:05:e9:35:4e:ec:9b:b4:c1:04:37:ce:e3:0d:12:
55:17:84:4d:e1:39:1c:20:13:ef:85:42:c6:c6:ad:89:9f:bf:
75:10:89:0a:35:de:98:d9:97:d4:a5:03:c1:18:8a:54:41:34:
16:ec:6f:27:d5:4e:6e:9b:02:ca:73:aa:a1:2f:a1:97:93:02:
df:db:21:df:23:d7:76:d1:af:2c:5f:23:10:44:e5:0f:34:ab:
c2:eb:af:4a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDFMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMjQwOTQxMDdaFw0zNTAzMDcwOTQxMDdaMBgxFjAU
BgNVBAMTDTY3ZTEyOGI3LTdmZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCYijcJn0biilEZR1jUO11hDVEmhoxc+ktCdrfimKqdjLlV7CGxs8Nb7iqf
eekSm4oAdrqsXa1a1kw+r0IHitfCpB+13zysE0iFVspOWJof97msWV9GdhKYRa3O
rniazPd2YXsiqBWn7GGg12bawt9qTzEeGOlfcfJ7DjUK5lRVsP9g7/p3ikS8iXzm
3jj3gG/bQK8A9Q7+gPy2gHA19XzabrP9fotZAlSZ3s6BQIJMp9ldTgYCrFsZYVuG
GYTyQFLm3ZNaZqcizU8Lxg/tEXh2RYefGjKyykTK/YJ4knEUvt2Bh1JR52Mytqr3
z9ncsG2/YUFMYRmJJq+QLNEnNmWbAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUlMe4
/3xS1eSziBMnyBppjN5phcYwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzFFNzY5MURDMDg5NDExRjA5RkNDQzVBNDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjg8wDQYJKoZIhvcNAQELBQAD
ggEBAD0H8d6yCkyP8iZf2ZUoqi/CkgxrvIzvGmopz29z/EJ1LFA648ZBkzgAly7t
aLrV3nc6B6w3oKla00r2/ZGHMxlIBv57h681Tl0u+SXTpkSzBhWBdVU/ZVByA5VB
zxRzEbpLCj4sh0LZ7gVK1652gyq55pCwDaTxq1l7541xcOYeiYeBY8St4DPjgP8Q
bP059YVfv3Mr9jVEMXP/vYyormDMSk3qLosF6TVO7Ju0wQQ3zuMNElUXhE3hORwg
E++FQsbGrYmfv3UQiQo13pjZl9SlA8EYilRBNBbsbyfVTm6bAspzqqEvoZeTAt/b
Id8j13bRryxfIxBE5Q80q8Lrr0o=
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:20:03 2025 by rpki-client