Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03B3D0C4CD9F11EF8996C6A8762E951A.roa
File: 03B3D0C4CD9F11EF8996C6A8762E951A.roa (raw, json)
Hash identifier: BwDoCoB4ry5jplJHT6W34Fl9/7McGsADNoVcxjUT4eI=
Subject key identifier: 0C:83:26:CA:59:B4:6A:02:7A:54:25:47:A3:AD:80:D9:95:B9:57:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03B3D0C4CD9F11EF8996C6A8762E951A.roa
Signing time: Wed 08 Jan 2025 09:00:32 +0000
ROA not before: Wed 08 Jan 2025 09:00:28 +0000
ROA not after: Mon 13 Dec 2027 09:00:28 +0000
asID: 17561
IP address blocks: 156.252.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65721 (0x100b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:00:28 2025 GMT
Not After : Dec 13 09:00:28 2027 GMT
Subject: CN=677e3eb0-f705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7d:48:9e:7d:9b:80:2f:52:92:88:35:c5:47:
e4:40:8d:36:8e:df:60:b4:f1:db:1f:9b:ac:73:ee:
da:b0:bf:40:57:69:dd:b8:82:73:65:e4:3d:62:43:
77:49:7f:3f:4b:97:aa:05:8f:91:d6:0c:b3:9c:e5:
5c:79:bc:96:8f:b9:89:6b:3b:aa:10:e2:c3:a2:96:
f3:d9:3b:60:a9:28:ec:b8:2a:d3:2f:55:e8:2c:8f:
0e:15:04:8e:d7:ca:51:11:09:30:5f:be:3d:1f:a5:
97:ac:3a:16:a3:cc:7e:10:34:f5:29:75:69:ee:7a:
56:22:38:e3:cf:24:76:c9:83:30:41:a8:9d:77:bd:
d3:8e:24:48:a1:48:46:b3:cc:b8:3a:84:2e:cf:75:
73:6c:b8:f8:5f:54:5b:9c:c0:f3:1d:94:02:16:be:
d6:61:e0:66:ce:c0:35:0c:b6:a6:9e:9f:b5:c8:03:
ff:60:a4:94:2f:00:6b:54:1d:d5:77:d9:d5:1b:f7:
c9:cb:7b:42:b0:01:f4:2f:58:82:27:93:52:90:91:
5f:c7:59:65:f7:25:b5:e2:b8:b7:85:56:73:1a:39:
d1:13:34:b5:a4:21:0b:8a:71:01:aa:c3:8a:3d:0f:
f6:32:74:65:20:ac:4d:95:44:e3:c6:8a:5e:4c:98:
4e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:83:26:CA:59:B4:6A:02:7A:54:25:47:A3:AD:80:D9:95:B9:57:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/03B3D0C4CD9F11EF8996C6A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:9c:6b:5f:0c:08:1c:6a:79:3c:cb:b8:84:67:32:10:b8:c1:
63:b1:15:88:6c:08:a7:9d:f3:7a:2f:05:8a:68:f1:cf:d7:45:
ce:8a:51:c0:5f:99:b7:72:65:68:39:36:29:d0:90:02:7a:f0:
cd:ee:49:d0:22:c6:be:64:fa:ee:c7:0f:50:67:0c:e9:58:19:
70:02:46:c9:1d:ab:e0:d0:46:16:0a:4d:3d:1d:11:2a:5a:91:
f6:98:19:3e:fc:68:24:83:e4:7b:aa:88:12:1d:f2:9c:66:2b:
18:bf:07:12:1e:b2:f9:2d:ac:15:1b:5d:62:eb:2f:71:04:ef:
28:66:6c:6b:36:54:24:d0:95:ee:d7:7b:ca:c5:04:93:98:50:
74:a4:70:18:44:ee:02:dd:45:57:92:c2:db:67:f5:58:0e:50:
b9:5e:47:9c:ac:10:80:1b:03:56:a6:18:f8:56:e0:bc:5f:e9:
b0:d8:64:f0:e4:77:f7:b0:a2:d7:fc:98:93:fc:83:7c:0f:48:
c5:2e:c4:25:b9:4b:03:69:32:6e:fa:1e:c3:94:9d:2a:d0:29:
21:07:52:14:e9:6a:7d:de:3c:82:e4:7f:7f:cf:01:39:bd:55:
45:5d:44:ba:dd:4a:fa:83:01:dc:09:ca:a1:4d:f0:d4:25:68:
c4:48:d0:d7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQC5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkwMDI4WhcNMjcxMjEzMDkwMDI4WjAYMRYw
FAYDVQQDEw02NzdlM2ViMC1mNzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3n1Inn2bgC9Skog1xUfkQI02jt9gtPHbH5usc+7asL9AV2nduIJzZeQ9
YkN3SX8/S5eqBY+R1gyznOVcebyWj7mJazuqEOLDopbz2TtgqSjsuCrTL1XoLI8O
FQSO18pREQkwX749H6WXrDoWo8x+EDT1KXVp7npWIjjjzyR2yYMwQaidd73TjiRI
oUhGs8y4OoQuz3VzbLj4X1RbnMDzHZQCFr7WYeBmzsA1DLamnp+1yAP/YKSULwBr
VB3Vd9nVG/fJy3tCsAH0L1iCJ5NSkJFfx1ll9yW14ri3hVZzGjnREzS1pCELinEB
qsOKPQ/2MnRlIKxNlUTjxopeTJhOVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAyD
JspZtGoCelQlR6OtgNmVuVcGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wM0IzRDBDNENEOUYxMUVGODk5NkM2QTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw/MA0GCSqGSIb3DQEBCwUA
A4IBAQAunGtfDAgcank8y7iEZzIQuMFjsRWIbAinnfN6LwWKaPHP10XOilHAX5m3
cmVoOTYp0JACevDN7knQIsa+ZPruxw9QZwzpWBlwAkbJHavg0EYWCk09HREqWpH2
mBk+/Ggkg+R7qogSHfKcZisYvwcSHrL5LawVG11i6y9xBO8oZmxrNlQk0JXu13vK
xQSTmFB0pHAYRO4C3UVXksLbZ/VYDlC5XkecrBCAGwNWphj4VuC8X+mw2GTw5Hf3
sKLX/JiT/IN8D0jFLsQluUsDaTJu+h7DlJ0q0CkhB1IU6Wp93jyC5H9/zwE5vVVF
XUS63Ur6gwHcCcqhTfDUJWjESNDX
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:27 2025 by rpki-client