Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/3BCAA95C03CC11F085A29C61762E951A.roa
File: 3BCAA95C03CC11F085A29C61762E951A.roa (raw, json)
Hash identifier: SMYiFNhpko0Q6ApwtZgAjIFHkp8hoKLF4b7a7FxExeU=
Subject key identifier: 6F:20:AA:E2:D0:AB:FA:84:CE:D0:D4:A5:1F:7B:A6:5F:94:5B:19:64
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0C2F
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/3BCAA95C03CC11F085A29C61762E951A.roa
Signing time: Tue 18 Mar 2025 07:40:16 +0000
ROA not before: Tue 18 Mar 2025 07:40:12 +0000
ROA not after: Wed 14 Mar 2035 07:40:12 +0000
asID: 36916
IP address blocks: 192.142.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3119 (0xc2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Mar 18 07:40:12 2025 GMT
Not After : Mar 14 07:40:12 2035 GMT
Subject: CN=67d92360-6e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:09:43:5c:14:bb:71:cb:f3:ab:e1:92:b6:c9:
51:eb:8f:01:63:83:b0:a4:e0:6e:56:61:f5:c0:17:
d7:21:f9:82:6f:1b:66:05:23:25:0d:51:ed:fb:78:
ec:78:75:e4:db:e3:39:a5:a4:49:cb:83:0c:bd:2d:
b6:f0:ae:9e:5d:6d:f3:77:4c:81:ce:ad:f3:57:17:
97:14:22:29:4d:67:c8:33:ce:93:1d:c1:d7:02:25:
6c:0c:ec:82:6d:3c:8d:49:d5:b0:66:bc:90:37:65:
a0:fa:d0:6b:4c:bd:95:8e:51:a9:1d:da:a8:dd:68:
19:e2:37:9b:d2:ae:e6:23:45:c5:44:14:a1:ae:c3:
ab:ce:9a:0d:11:c0:6d:18:90:0d:66:08:c0:51:4c:
31:49:c0:9a:88:9d:42:0b:b0:9c:b7:b4:ff:00:3b:
36:ac:f3:64:b0:cc:7d:a6:08:eb:c0:71:30:dc:5b:
fb:f6:bf:b7:05:e1:06:73:cc:53:23:4c:6a:a7:51:
f4:b1:a4:d7:62:ad:d7:01:3a:1e:3e:d0:b4:82:6f:
60:71:33:c6:b8:cd:2c:ed:99:2f:dd:4f:fe:2d:73:
3d:5b:0c:cf:03:37:0c:23:91:51:bb:00:c2:46:78:
eb:59:91:10:06:2c:24:3c:6c:55:69:08:69:bd:91:
e5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:20:AA:E2:D0:AB:FA:84:CE:D0:D4:A5:1F:7B:A6:5F:94:5B:19:64
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/3BCAA95C03CC11F085A29C61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.240.0/21
Signature Algorithm: sha256WithRSAEncryption
35:2a:5b:46:59:2e:f2:ad:54:32:20:9b:98:dc:ca:fb:ac:7b:
45:d9:ad:76:1d:d7:bc:69:b6:10:f9:d0:e9:ed:30:05:e0:4d:
d1:d2:8d:86:6c:2a:11:ab:1c:67:2b:a6:93:d3:33:fd:76:56:
a0:77:fc:b0:a9:21:98:84:57:7e:bd:a1:65:8c:be:5a:9c:a4:
56:15:0d:0d:86:01:cd:df:ae:72:76:07:7e:7a:3e:12:9f:49:
19:bb:ad:84:75:91:ee:f2:ea:32:4b:83:f5:54:66:fc:06:3e:
8b:86:00:47:ed:b8:1b:f9:05:49:0e:a5:0f:8a:eb:b2:d4:3a:
70:ee:d6:a8:77:92:72:62:8c:5c:9d:40:97:3b:31:5b:c6:43:
b4:0b:7c:24:2a:c8:60:f6:60:98:ed:bd:e4:6c:83:7c:eb:80:
ef:91:62:57:3e:1a:cf:a5:92:a5:5c:b8:2d:39:88:0a:cb:51:
73:0d:22:ff:a8:20:45:b6:6e:9a:fa:bc:2a:0f:1a:ff:c1:7d:
60:de:b6:29:83:02:d5:91:9e:be:63:46:27:f1:81:74:4a:d7:
24:6d:c6:9b:8e:ee:05:54:d1:1e:91:dc:cf:d9:62:67:5e:b1:
69:3d:5c:a7:05:68:ee:ba:b1:cb:fc:52:a0:e6:b4:c4:93:39:
23:bf:21:d3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDC8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMTgwNzQwMTJaFw0zNTAzMTQwNzQwMTJaMBgxFjAU
BgNVBAMTDTY3ZDkyMzYwLTZlMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCwCUNcFLtxy/Or4ZK2yVHrjwFjg7Ck4G5WYfXAF9ch+YJvG2YFIyUNUe37
eOx4deTb4zmlpEnLgwy9Lbbwrp5dbfN3TIHOrfNXF5cUIilNZ8gzzpMdwdcCJWwM
7IJtPI1J1bBmvJA3ZaD60GtMvZWOUakd2qjdaBniN5vSruYjRcVEFKGuw6vOmg0R
wG0YkA1mCMBRTDFJwJqInUILsJy3tP8AOzas82SwzH2mCOvAcTDcW/v2v7cF4QZz
zFMjTGqnUfSxpNdirdcBOh4+0LSCb2BxM8a4zSztmS/dT/4tcz1bDM8DNwwjkVG7
AMJGeOtZkRAGLCQ8bFVpCGm9keX1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUbyCq
4tCr+oTO0NSlH3umX5RbGWQwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzNCQ0FBOTVDMDNDQzExRjA4NUEyOUM2MTc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPAjvAwDQYJKoZIhvcNAQELBQAD
ggEBADUqW0ZZLvKtVDIgm5jcyvuse0XZrXYd17xpthD50OntMAXgTdHSjYZsKhGr
HGcrppPTM/12VqB3/LCpIZiEV369oWWMvlqcpFYVDQ2GAc3frnJ2B356PhKfSRm7
rYR1ke7y6jJLg/VUZvwGPouGAEftuBv5BUkOpQ+K67LUOnDu1qh3knJijFydQJc7
MVvGQ7QLfCQqyGD2YJjtveRsg3zrgO+RYlc+Gs+lkqVcuC05iArLUXMNIv+oIEW2
bpr6vCoPGv/BfWDetimDAtWRnr5jRifxgXRK1yRtxpuO7gVU0R6R3M/ZYmdesWk9
XKcFaO66scv8UqDmtMSTOSO/IdM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:46:58 2025 by rpki-client