Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/7B3EE874FB1511EFA9A6515C762E951A.roa
File: 7B3EE874FB1511EFA9A6515C762E951A.roa (raw, json)
Hash identifier: Ka8hqB5Q7l00OwRIPrmde7SMY4EPHE1LHJnOHtScoUs=
Subject key identifier: 0E:46:A6:76:F7:CE:E0:59:1D:CA:A7:F2:16:80:F2:05:AA:E8:9E:71
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0BFA
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/7B3EE874FB1511EFA9A6515C762E951A.roa
Signing time: Fri 07 Mar 2025 05:31:55 +0000
ROA not before: Fri 07 Mar 2025 05:31:51 +0000
ROA not after: Wed 07 Mar 2035 05:31:51 +0000
asID: 214120
IP address blocks: 192.142.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3066 (0xbfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Mar 7 05:31:51 2025 GMT
Not After : Mar 7 05:31:51 2035 GMT
Subject: CN=67ca84cb-f417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:e6:ab:83:da:19:c6:a4:ca:9c:2a:44:e1:
5c:0c:6b:dc:96:da:e7:e9:93:44:f1:f6:3c:5f:b9:
c9:2c:80:93:d2:63:aa:d3:32:4f:f4:41:12:be:af:
fd:31:f4:38:fe:49:bc:19:d2:74:39:6b:a1:7b:14:
d7:bd:13:ac:04:e6:bf:0f:11:5f:ff:87:ff:3e:cb:
7c:5c:5f:83:95:d1:1d:0f:5d:dd:e7:36:c0:fe:04:
43:60:2a:03:80:c6:18:5a:93:f1:5a:af:2e:62:c5:
5e:4d:01:b9:a4:b5:91:f4:45:4c:25:3e:68:59:42:
89:26:01:dd:4a:15:c3:20:8e:9d:e2:07:0d:5b:8b:
92:b7:64:80:41:70:7a:31:57:f9:a9:93:cb:83:9c:
6d:23:60:15:cb:4d:73:3c:49:a3:8b:ba:f0:88:8e:
06:9f:56:15:d9:16:5d:94:a1:49:4b:38:59:41:d3:
23:b1:aa:b4:63:fe:36:dd:7a:56:8b:c9:44:19:ac:
7c:25:0b:04:45:31:af:ee:3d:77:9e:91:e4:3d:1a:
30:3e:5d:74:ab:91:a9:0c:50:6b:2c:ad:76:3d:f0:
9e:4d:f0:b5:b0:8f:0d:31:ae:c5:00:81:9c:28:96:
c2:0f:92:35:1f:d8:36:e0:13:1c:d4:bf:63:34:71:
42:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:46:A6:76:F7:CE:E0:59:1D:CA:A7:F2:16:80:F2:05:AA:E8:9E:71
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/7B3EE874FB1511EFA9A6515C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.39.0/24
Signature Algorithm: sha256WithRSAEncryption
01:45:d2:6c:dd:4c:9e:c7:08:52:5e:ac:ca:8a:11:1f:6d:0a:
13:44:ad:7d:2c:fc:83:ea:0d:e1:59:03:7d:cf:e4:1c:66:0c:
5a:25:3d:6e:94:c0:dd:19:49:0c:bd:b3:13:34:6d:e2:86:b0:
35:c3:78:f5:9d:70:21:9f:8f:d9:52:d0:3e:36:53:2e:09:94:
73:60:01:5b:cc:fd:d4:80:bc:a6:6e:b1:09:cf:48:75:b1:ee:
31:c8:c1:c5:44:2b:a7:93:32:28:66:83:e6:d4:a5:cd:57:e5:
10:47:a0:35:f2:46:84:71:e9:70:92:89:b8:5d:3d:41:01:32:
90:07:fc:73:bb:b4:d9:63:74:6f:7e:ca:93:f0:ba:7f:98:95:
5d:28:95:42:98:78:d1:7d:53:b2:5c:38:56:bd:5b:5d:19:4d:
8f:e5:f7:27:48:ba:15:b7:6c:e3:82:ed:0b:ef:d5:78:fc:40:
29:3e:55:f7:0f:7c:24:e5:df:03:fd:9b:a7:ca:0b:3f:a9:30:
b4:cb:fa:e3:25:9a:d8:8d:b9:9a:f3:58:b8:a9:fc:e8:37:44:
11:c8:0d:08:ad:59:6f:0b:10:d7:6b:4d:3d:22:be:c4:f8:e6:
b1:62:40:3f:31:c1:ab:b0:cb:26:e2:2a:ff:57:1d:b8:24:46:
2f:16:1a:f3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC/owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMDcwNTMxNTFaFw0zNTAzMDcwNTMxNTFaMBgxFjAU
BgNVBAMTDTY3Y2E4NGNiLWY0MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3Dearg9oZxqTKnCpE4VwMa9yW2ufpk0Tx9jxfucksgJPSY6rTMk/0QRK+
r/0x9Dj+SbwZ0nQ5a6F7FNe9E6wE5r8PEV//h/8+y3xcX4OV0R0PXd3nNsD+BENg
KgOAxhhak/Fary5ixV5NAbmktZH0RUwlPmhZQokmAd1KFcMgjp3iBw1bi5K3ZIBB
cHoxV/mpk8uDnG0jYBXLTXM8SaOLuvCIjgafVhXZFl2UoUlLOFlB0yOxqrRj/jbd
elaLyUQZrHwlCwRFMa/uPXeekeQ9GjA+XXSrkakMUGssrXY98J5N8LWwjw0xrsUA
gZwolsIPkjUf2DbgExzUv2M0cUK9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUDkam
dvfO4FkdyqfyFoDyBaronnEwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4LzdCM0VFODc0RkIxNTExRUZBOUE2NTE1Qzc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjicwDQYJKoZIhvcNAQELBQAD
ggEBAAFF0mzdTJ7HCFJerMqKER9tChNErX0s/IPqDeFZA33P5BxmDFolPW6UwN0Z
SQy9sxM0beKGsDXDePWdcCGfj9lS0D42Uy4JlHNgAVvM/dSAvKZusQnPSHWx7jHI
wcVEK6eTMihmg+bUpc1X5RBHoDXyRoRx6XCSibhdPUEBMpAH/HO7tNljdG9+ypPw
un+YlV0olUKYeNF9U7JcOFa9W10ZTY/l9ydIuhW3bOOC7Qvv1Xj8QCk+VfcPfCTl
3wP9m6fKCz+pMLTL+uMlmtiNuZrzWLip/Og3RBHIDQitWW8LENdrTT0ivsT45rFi
QD8xwauwyybiKv9XHbgkRi8WGvM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:35:45 2025 by rpki-client