Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3280476AC94511EFB598306F762E951A.roa
File: 3280476AC94511EFB598306F762E951A.roa (raw, json)
Hash identifier: RPT5m7jznxsQCjUMxvOODZ51NIdNcNdIzmj3uir9SE4=
Subject key identifier: 6E:0E:0E:49:FA:83:A5:C4:AC:10:50:C5:2C:39:27:E1:03:72:13:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F356
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3280476AC94511EFB598306F762E951A.roa
Signing time: Thu 02 Jan 2025 20:07:31 +0000
ROA not before: Thu 02 Jan 2025 20:07:27 +0000
ROA not after: Sat 13 Dec 2025 20:07:27 +0000
asID: 984
IP address blocks: 156.225.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62294 (0xf356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:07:27 2025 GMT
Not After : Dec 13 20:07:27 2025 GMT
Subject: CN=6776f203-4b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:23:ae:4c:2e:48:ab:cd:dd:ab:2e:50:e7:
f9:1f:72:d7:e3:2a:75:cc:1f:d5:f7:ac:ed:94:f7:
cd:10:57:c8:ed:d7:c7:50:a8:a8:b1:3b:6e:7b:15:
d9:3c:95:c5:fb:f7:c4:3c:c3:9e:50:c7:a9:b9:e7:
96:04:cf:27:d4:25:e2:91:12:d9:47:d8:08:9c:52:
af:2c:8f:03:bf:d7:09:1a:0a:e8:27:be:b3:6a:22:
b7:ab:b8:76:84:3e:de:37:72:87:d0:32:42:a2:41:
c7:fe:f3:e6:84:64:fc:31:54:0b:4f:6c:97:a4:e8:
85:2e:87:8b:47:5d:ce:2e:3d:b0:eb:a0:4b:0c:4e:
46:68:c5:70:0e:8c:b0:0c:e1:56:14:11:d9:ca:59:
88:9e:4e:23:f0:c3:4f:ac:3d:e7:bd:c0:51:68:7d:
0c:3e:64:4b:0f:6e:39:c4:81:6d:57:52:fc:ee:5a:
b6:98:b5:66:24:51:39:0d:25:50:ed:7b:e0:02:da:
18:2a:34:44:cb:f4:9b:3d:7e:b1:e0:eb:96:68:41:
bd:3a:4f:a9:a4:aa:78:b1:90:f6:ef:e7:39:92:9a:
a3:6f:19:fe:ad:00:31:67:b2:46:ee:ba:93:5e:db:
eb:ba:be:72:62:8e:37:5b:9b:90:c9:7e:d2:73:32:
00:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0E:0E:49:FA:83:A5:C4:AC:10:50:C5:2C:39:27:E1:03:72:13:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3280476AC94511EFB598306F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:a3:c2:d7:8b:9e:69:79:1e:0f:14:da:d7:86:95:9a:36:bd:
53:75:f5:8a:9d:bf:ba:cc:fe:0e:a4:6d:be:d2:70:89:40:fc:
66:e3:2e:72:2d:c8:1a:56:c6:76:aa:af:d3:38:ca:81:77:72:
1b:78:8e:a0:48:be:2f:09:69:98:a2:67:74:51:77:63:e4:70:
a6:f2:4c:10:34:89:34:13:9e:64:2a:5c:4f:52:ea:e1:5a:1d:
f5:24:2c:7c:bc:07:3d:01:65:83:59:cb:ae:82:59:3b:52:8e:
ba:f9:68:a1:74:07:b9:63:53:d8:3b:3f:43:84:63:ce:91:3c:
13:c4:60:cc:11:ee:dd:6b:c8:10:90:82:49:0b:d5:d4:90:ed:
98:96:58:b5:62:a0:32:e9:57:d2:4f:b9:e1:f4:0e:91:c2:ce:
15:35:b9:41:f3:0f:9f:31:46:c8:40:c0:4e:41:0a:3e:73:4d:
15:2f:0f:a4:89:42:08:bc:56:e7:6f:08:a9:5a:91:99:4f:b4:
19:69:a0:b3:53:48:c0:56:8f:db:3c:53:d4:b1:e5:f4:13:af:
b0:31:e2:05:38:6c:44:75:86:29:14:c9:30:11:6c:aa:15:68:
13:38:83:3d:31:31:02:df:9c:1d:38:76:cc:b5:99:33:d3:b3:
59:69:fc:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAwNzI3WhcNMjUxMjEzMjAwNzI3WjAYMRYw
FAYDVQQDEw02Nzc2ZjIwMy00YjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVojrkwuSKvN3asuUOf5H3LX4yp1zB/V96ztlPfNEFfI7dfHUKiosTtu
exXZPJXF+/fEPMOeUMepueeWBM8n1CXikRLZR9gInFKvLI8Dv9cJGgroJ76zaiK3
q7h2hD7eN3KH0DJCokHH/vPmhGT8MVQLT2yXpOiFLoeLR13OLj2w66BLDE5GaMVw
DoywDOFWFBHZylmInk4j8MNPrD3nvcBRaH0MPmRLD245xIFtV1L87lq2mLVmJFE5
DSVQ7XvgAtoYKjREy/SbPX6x4OuWaEG9Ok+ppKp4sZD27+c5kpqjbxn+rQAxZ7JG
7rqTXtvrur5yYo43W5uQyX7SczIAtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG4O
Dkn6g6XErBBQxSw5J+EDchN9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjgwNDc2QUM5NDUxMUVGQjU5ODMwNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEmMA0GCSqGSIb3DQEBCwUA
A4IBAQCfo8LXi55peR4PFNrXhpWaNr1TdfWKnb+6zP4OpG2+0nCJQPxm4y5yLcga
VsZ2qq/TOMqBd3IbeI6gSL4vCWmYomd0UXdj5HCm8kwQNIk0E55kKlxPUurhWh31
JCx8vAc9AWWDWcuuglk7Uo66+WihdAe5Y1PYOz9DhGPOkTwTxGDMEe7da8gQkIJJ
C9XUkO2Ylli1YqAy6VfST7nh9A6Rws4VNblB8w+fMUbIQMBOQQo+c00VLw+kiUII
vFbnbwipWpGZT7QZaaCzU0jAVo/bPFPUseX0E6+wMeIFOGxEdYYpFMkwEWyqFWgT
OIM9MTEC35wdOHbMtZkz07NZafy/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:44 2025 by rpki-client