Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A331478CD7411EF8CBF809B762E951A.roa
File: 3A331478CD7411EF8CBF809B762E951A.roa (raw, json)
Hash identifier: IZfPhqCrNyWk/SZXk1xIYGjJemdXs3eTZGEgVbkb82s=
Subject key identifier: 28:F1:B2:A9:7A:8B:E7:AE:F8:37:43:8E:00:84:49:ED:B3:11:07:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFA3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A331478CD7411EF8CBF809B762E951A.roa
Signing time: Wed 08 Jan 2025 03:54:15 +0000
ROA not before: Wed 08 Jan 2025 03:54:11 +0000
ROA not after: Mon 13 Dec 2027 03:54:11 +0000
asID: 17561
IP address blocks: 156.248.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65443 (0xffa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:54:11 2025 GMT
Not After : Dec 13 03:54:11 2027 GMT
Subject: CN=677df6e7-f804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:89:2f:e3:97:56:70:19:c6:e6:58:7e:c8:
06:fd:9d:c1:60:66:5f:ba:c7:86:4d:58:53:68:18:
b3:73:64:01:17:e0:3c:71:11:6c:99:4f:19:7c:0a:
9a:c3:1a:7a:b5:84:24:1d:0f:3c:61:37:10:d5:5e:
bb:d3:cf:81:56:c6:e5:3f:77:ff:26:da:ad:a5:80:
22:c5:7d:c6:bb:94:6d:7c:47:52:d1:f6:b9:8f:a4:
42:e9:73:4f:d5:5e:22:b9:e6:34:78:f1:40:d0:65:
98:dd:26:a5:61:d6:8b:08:67:1c:f2:b5:85:dc:33:
3e:bd:01:51:ba:a6:0d:ed:78:4c:36:c1:13:5d:26:
b7:7f:56:f8:a3:02:49:3e:72:70:f3:28:09:6e:72:
e7:f7:2c:72:d1:6e:77:f4:f2:78:e2:de:b7:c5:c0:
a9:27:9c:ef:da:b5:29:22:60:ff:34:5c:ad:5c:7e:
95:30:05:64:53:f7:f4:46:3d:02:32:f0:14:aa:c3:
19:f2:68:a3:b8:7e:4c:8c:ac:61:82:ec:72:89:13:
23:c3:ce:34:3e:3f:61:19:8d:17:26:d5:5d:4b:43:
f9:f9:23:22:99:6b:5b:7c:28:e6:8e:5f:57:8c:d7:
43:6e:28:fc:49:6c:ea:e2:0d:bb:f6:50:03:a5:8d:
2c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F1:B2:A9:7A:8B:E7:AE:F8:37:43:8E:00:84:49:ED:B3:11:07:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A331478CD7411EF8CBF809B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.83.0/24
Signature Algorithm: sha256WithRSAEncryption
37:87:25:ae:06:b3:46:c9:de:d7:33:55:fe:c9:24:8c:f4:4e:
61:b1:fa:7f:2b:ce:00:23:f4:33:6d:91:b8:79:0b:30:06:86:
e5:13:17:6c:45:24:7a:68:08:26:47:a9:07:68:12:b4:95:91:
c3:09:96:78:7e:1a:f0:9b:5a:f0:9f:e1:3d:80:71:5e:2b:75:
dd:06:ce:ac:b5:0d:0c:c6:d4:fc:d5:9b:64:6c:a6:2f:e4:ab:
34:ab:a0:b1:7f:a0:58:bb:2f:06:1e:cf:26:ed:8a:59:88:78:
49:e5:05:15:90:ca:2d:1a:5f:69:e7:93:9d:8e:4b:c8:9e:cb:
78:67:54:d7:3c:12:d9:8f:12:95:3f:7b:d4:a7:ad:90:21:9c:
7b:af:9c:5c:82:52:0f:e0:80:09:49:bb:9f:20:4c:60:b1:04:
e4:06:1f:f8:04:f9:02:5c:44:4d:5c:e9:a8:3b:7f:12:fc:18:
30:93:b6:e6:35:74:a9:58:f1:3e:aa:31:40:b7:22:ad:dd:ff:
7a:fe:90:04:7d:67:19:8e:e2:2a:24:b7:25:1f:3d:95:82:87:
e5:6f:ee:41:4c:95:4f:fb:f1:e9:b0:c2:a0:dc:40:19:02:d5:
fb:01:44:f9:92:6f:5d:06:ea:41:ec:14:17:3c:fb:5e:26:ff:
f9:7f:22:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM1NDExWhcNMjcxMjEzMDM1NDExWjAYMRYw
FAYDVQQDEw02NzdkZjZlNy1mODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAunOJL+OXVnAZxuZYfsgG/Z3BYGZfuseGTVhTaBizc2QBF+A8cRFsmU8Z
fAqawxp6tYQkHQ88YTcQ1V6708+BVsblP3f/JtqtpYAixX3Gu5RtfEdS0fa5j6RC
6XNP1V4iueY0ePFA0GWY3SalYdaLCGcc8rWF3DM+vQFRuqYN7XhMNsETXSa3f1b4
owJJPnJw8ygJbnLn9yxy0W539PJ44t63xcCpJ5zv2rUpImD/NFytXH6VMAVkU/f0
Rj0CMvAUqsMZ8mijuH5MjKxhguxyiRMjw840Pj9hGY0XJtVdS0P5+SMimWtbfCjm
jl9XjNdDbij8SWzq4g279lADpY0s3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCjx
sql6i+eu+DdDjgCESe2zEQeRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTMzMTQ3OENENzQxMUVGOENCRjgwOUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhTMA0GCSqGSIb3DQEBCwUA
A4IBAQA3hyWuBrNGyd7XM1X+ySSM9E5hsfp/K84AI/QzbZG4eQswBoblExdsRSR6
aAgmR6kHaBK0lZHDCZZ4fhrwm1rwn+E9gHFeK3XdBs6stQ0MxtT81ZtkbKYv5Ks0
q6Cxf6BYuy8GHs8m7YpZiHhJ5QUVkMotGl9p55OdjkvInst4Z1TXPBLZjxKVP3vU
p62QIZx7r5xcglIP4IAJSbufIExgsQTkBh/4BPkCXERNXOmoO38S/Bgwk7bmNXSp
WPE+qjFAtyKt3f96/pAEfWcZjuIqJLclHz2Vgoflb+5BTJVP+/HpsMKg3EAZAtX7
AUT5km9dBupB7BQXPPteJv/5fyLO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:33 2025 by rpki-client