Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/88ABBB9003CB11F09EA96E5D762E951A.roa
File: 88ABBB9003CB11F09EA96E5D762E951A.roa (raw, json)
Hash identifier: dIqnGTgUIxtk02FP+nJAtnPQ7bVcLkqmis7J6aCwvg0=
Subject key identifier: C4:D2:A7:D8:1E:28:15:18:AB:F7:B6:6F:2B:4C:97:67:C1:3E:CC:89
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0C25
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/88ABBB9003CB11F09EA96E5D762E951A.roa
Signing time: Tue 18 Mar 2025 07:35:15 +0000
ROA not before: Tue 18 Mar 2025 07:35:12 +0000
ROA not after: Mon 05 Mar 2035 07:35:12 +0000
asID: 36916
IP address blocks: 192.142.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3109 (0xc25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Mar 18 07:35:12 2025 GMT
Not After : Mar 5 07:35:12 2035 GMT
Subject: CN=67d92233-fbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:57:b8:db:e0:40:1a:ee:a6:e2:31:00:70:12:
29:d2:6c:ba:4e:7f:6c:5e:62:45:9f:00:42:83:47:
39:97:a7:49:2c:a1:92:e2:2b:80:0b:a8:18:21:ef:
ec:c3:2f:8a:29:0e:ae:16:cd:9f:ef:5a:56:1e:a1:
6d:48:e7:e4:6c:3b:24:3e:d0:28:84:55:c9:a2:6a:
90:ac:44:ac:b7:f1:aa:b9:5f:dd:cb:5e:52:09:4b:
b7:a9:43:76:47:95:a3:05:7e:1a:cf:f5:1c:82:73:
63:64:c3:89:c5:c6:81:80:3a:4b:14:99:76:a6:0e:
7d:da:7a:a0:92:c1:d2:fc:6e:0b:d4:8a:9d:9e:bf:
c5:fc:06:ae:68:93:d2:71:74:98:85:97:81:29:2e:
72:05:07:ca:f7:63:06:47:b6:39:82:92:55:fd:4d:
47:00:d3:9f:88:1b:0d:f1:17:71:78:c9:a7:69:bf:
e3:a0:6f:13:7f:dd:22:86:99:2c:2b:0f:a0:d6:15:
96:78:38:2c:bb:87:53:0e:74:a9:be:0d:51:23:37:
7b:b2:9c:47:20:d6:56:d2:5f:7c:9d:6f:d2:f7:6c:
cc:66:4e:9d:ca:be:01:29:f2:d0:9d:a4:08:3d:02:
b6:07:22:4d:fe:65:90:e5:bf:da:c3:fe:51:29:58:
98:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D2:A7:D8:1E:28:15:18:AB:F7:B6:6F:2B:4C:97:67:C1:3E:CC:89
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/88ABBB9003CB11F09EA96E5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.173.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:50:f6:e0:f1:11:18:6b:0c:19:fa:91:fd:df:a5:17:6d:ec:
e2:a5:77:03:7e:2c:26:30:54:1d:93:d1:3e:da:7a:00:9d:02:
85:b0:47:e0:db:90:48:9d:10:05:c7:45:66:a8:c3:91:de:13:
33:8e:b2:bd:04:a3:f6:12:22:63:d5:18:96:b8:61:bd:93:1d:
b3:2f:3b:7d:fb:1c:b2:28:b5:07:c4:51:cc:76:98:d4:bc:b6:
3f:e2:92:56:2d:9e:47:a7:35:6e:78:72:40:2c:03:45:2b:bd:
54:5e:61:1a:fc:1b:cf:31:4e:de:90:a7:3f:28:af:f7:ad:aa:
3f:58:4c:41:1d:ae:86:4d:ea:cb:b0:46:8b:04:e7:02:15:32:
2c:1d:fb:4d:17:5a:de:8c:40:56:6d:7e:43:51:19:ed:22:e9:
c2:16:c1:4d:90:c5:33:cc:48:ae:4c:77:11:5c:67:17:5d:39:
d4:42:3f:d8:60:c1:55:73:e5:6c:ac:9d:26:06:d5:b9:30:fe:
f4:20:4e:e5:8d:21:48:4b:16:76:a9:8b:f1:fd:c1:58:75:14:
1b:c5:6d:bc:43:8a:7c:3c:72:7d:ca:48:2d:06:98:4b:cc:3d:
7b:8c:3d:b5:90:19:ff:68:f7:9f:13:b8:a6:b7:5f:d6:3a:e8:
85:8f:b6:6b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMTgwNzM1MTJaFw0zNTAzMDUwNzM1MTJaMBgxFjAU
BgNVBAMTDTY3ZDkyMjMzLWZiZTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCzV7jb4EAa7qbiMQBwEinSbLpOf2xeYkWfAEKDRzmXp0ksoZLiK4ALqBgh
7+zDL4opDq4WzZ/vWlYeoW1I5+RsOyQ+0CiEVcmiapCsRKy38aq5X93LXlIJS7ep
Q3ZHlaMFfhrP9RyCc2Nkw4nFxoGAOksUmXamDn3aeqCSwdL8bgvUip2ev8X8Bq5o
k9JxdJiFl4EpLnIFB8r3YwZHtjmCklX9TUcA05+IGw3xF3F4yadpv+OgbxN/3SKG
mSwrD6DWFZZ4OCy7h1MOdKm+DVEjN3uynEcg1lbSX3ydb9L3bMxmTp3KvgEp8tCd
pAg9ArYHIk3+ZZDlv9rD/lEpWJh/AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUxNKn
2B4oFRir97ZvK0yXZ8E+zIkwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4Lzg4QUJCQjkwMDNDQjExRjA5RUE5NkU1RDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjq0wDQYJKoZIhvcNAQELBQAD
ggEBAHpQ9uDxERhrDBn6kf3fpRdt7OKldwN+LCYwVB2T0T7aegCdAoWwR+DbkEid
EAXHRWaow5HeEzOOsr0Eo/YSImPVGJa4Yb2THbMvO337HLIotQfEUcx2mNS8tj/i
klYtnkenNW54ckAsA0UrvVReYRr8G88xTt6Qpz8or/etqj9YTEEdroZN6suwRosE
5wIVMiwd+00XWt6MQFZtfkNRGe0i6cIWwU2QxTPMSK5MdxFcZxddOdRCP9hgwVVz
5WysnSYG1bkw/vQgTuWNIUhLFnapi/H9wVh1FBvFbbxDinw8cn3KSC0GmEvMPXuM
PbWQGf9o958TuKa3X9Y66IWPtms=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:21:08 2025 by rpki-client