Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/6784AB48C67C11EFBD60FB45762E951A.roa
File: 6784AB48C67C11EFBD60FB45762E951A.roa (raw, json)
Hash identifier: xBELZyK+YcNLp3u8NuSZuYf0jhNwVWQ99PaHQ6Uli50=
Subject key identifier: 77:AF:A4:D1:69:0D:63:FB:F6:9B:09:8D:B2:2E:21:62:71:E7:65:3A
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0B7A
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/6784AB48C67C11EFBD60FB45762E951A.roa
Signing time: Mon 30 Dec 2024 07:05:09 +0000
ROA not before: Mon 30 Dec 2024 07:05:05 +0000
ROA not after: Wed 27 Dec 2034 07:05:05 +0000
asID: 214036
IP address blocks: 192.142.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2938 (0xb7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Dec 30 07:05:05 2024 GMT
Not After : Dec 27 07:05:05 2034 GMT
Subject: CN=67724625-3878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7a:27:25:02:cb:3a:98:46:61:53:5d:f5:c5:
da:56:67:59:ab:42:6f:bb:22:5e:20:e9:73:1e:10:
5c:e9:73:1c:63:05:b1:7d:0d:0d:23:58:91:b5:67:
86:62:b3:36:20:56:9c:29:bc:78:e1:bb:b9:25:51:
8a:36:43:52:b4:c1:dc:3d:e1:ab:de:ef:a6:d6:f9:
bd:05:e9:ad:5f:ba:9f:07:5c:34:7e:65:c5:3b:77:
79:40:5e:49:af:e5:bc:04:f3:4b:2b:39:78:be:97:
44:41:14:ef:c9:49:6e:d2:42:dd:04:46:3f:9a:fd:
52:3f:fd:85:a1:4a:a2:00:31:96:94:b9:43:ed:88:
1d:ec:da:9a:57:29:e4:42:f2:da:fc:48:2a:ef:73:
1b:70:79:9f:7d:ab:80:46:b9:69:fd:b0:54:e0:13:
aa:84:e7:41:4f:68:e1:4c:02:86:9d:74:4c:2f:3a:
52:cd:f2:62:37:71:ec:0a:a5:84:14:51:ec:47:6e:
d3:6f:f6:8c:ec:67:49:34:f1:38:e8:25:58:b4:10:
00:fd:84:d3:22:b5:48:24:70:fe:aa:29:08:68:3a:
cc:09:a2:bf:5f:ca:2c:09:70:9e:b3:39:13:bc:7f:
ef:d2:5e:b1:7e:f8:3f:3a:b0:a4:0c:49:94:b8:df:
4c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AF:A4:D1:69:0D:63:FB:F6:9B:09:8D:B2:2E:21:62:71:E7:65:3A
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/6784AB48C67C11EFBD60FB45762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.18.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:6d:27:f4:aa:6d:10:26:4c:a6:4e:80:04:4a:13:bc:26:b2:
cd:1c:b6:26:b0:ad:dd:f4:76:3e:60:38:d5:b6:75:fa:54:6d:
3f:d7:20:42:19:44:46:2c:7f:f9:12:59:33:c3:e8:14:4f:43:
5b:6a:ba:4e:72:3d:92:63:66:09:55:8b:b7:11:ea:48:2c:c9:
21:b6:d9:f8:f3:53:ce:3a:51:63:9e:bf:5c:27:96:35:e0:da:
59:04:91:db:93:b8:f8:19:65:03:b5:7f:5b:60:4f:58:66:0a:
54:e0:fb:3a:85:3c:b0:de:26:98:c4:91:51:b2:92:af:f5:a7:
c8:ac:8d:46:f7:4b:cf:b4:85:f5:fb:7d:40:09:58:c1:1e:3e:
15:fc:5b:d5:e8:d4:4e:e2:2a:25:c6:cb:26:81:fc:55:1f:93:
60:b7:8e:33:f3:5e:2e:c9:5c:b7:a9:e8:b6:7b:7f:d8:11:4d:
c3:7e:cf:f8:46:54:d6:1a:58:18:e0:8f:96:95:11:51:70:30:
79:3d:9d:cb:38:89:d0:5f:54:23:dd:91:69:e8:0b:e5:b4:29:
84:e7:cf:d1:5a:3f:d0:5a:b5:97:8f:e5:ca:dd:a6:3d:db:a9:
eb:2c:2e:a4:c1:c6:1a:e5:d0:19:4a:80:07:c6:7e:39:48:45:
7d:2f:bc:6f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC3owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNDEyMzAwNzA1MDVaFw0zNDEyMjcwNzA1MDVaMBgxFjAU
BgNVBAMTDTY3NzI0NjI1LTM4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDXeiclAss6mEZhU131xdpWZ1mrQm+7Il4g6XMeEFzpcxxjBbF9DQ0jWJG1
Z4ZiszYgVpwpvHjhu7klUYo2Q1K0wdw94ave76bW+b0F6a1fup8HXDR+ZcU7d3lA
Xkmv5bwE80srOXi+l0RBFO/JSW7SQt0ERj+a/VI//YWhSqIAMZaUuUPtiB3s2ppX
KeRC8tr8SCrvcxtweZ99q4BGuWn9sFTgE6qE50FPaOFMAoaddEwvOlLN8mI3cewK
pYQUUexHbtNv9ozsZ0k08TjoJVi0EAD9hNMitUgkcP6qKQhoOswJor9fyiwJcJ6z
ORO8f+/SXrF++D86sKQMSZS430xlAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUd6+k
0WkNY/v2mwmNsi4hYnHnZTowHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzY3ODRBQjQ4QzY3QzExRUZCRDYwRkI0NTc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjhIwDQYJKoZIhvcNAQELBQAD
ggEBAJ9tJ/SqbRAmTKZOgARKE7wmss0ctiawrd30dj5gONW2dfpUbT/XIEIZREYs
f/kSWTPD6BRPQ1tquk5yPZJjZglVi7cR6kgsySG22fjzU846UWOev1wnljXg2lkE
kduTuPgZZQO1f1tgT1hmClTg+zqFPLDeJpjEkVGykq/1p8isjUb3S8+0hfX7fUAJ
WMEePhX8W9Xo1E7iKiXGyyaB/FUfk2C3jjPzXi7JXLep6LZ7f9gRTcN+z/hGVNYa
WBjgj5aVEVFwMHk9ncs4idBfVCPdkWnoC+W0KYTnz9FaP9BatZeP5crdpj3bqess
LqTBxhrl0BlKgAfGfjlIRX0vvG8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:21 2025 by rpki-client