Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A33DE0ACD5E11EF98552C7C762E951A.roa
File: 3A33DE0ACD5E11EF98552C7C762E951A.roa (raw, json)
Hash identifier: i0Wz9WP1DCxoI7z9QdW1Trl+OvG/NAxA+kREN4qJi0g=
Subject key identifier: 3F:40:11:EE:6A:EE:73:6C:C5:AC:9C:1E:30:AB:D5:47:A4:66:2E:56
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FF1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A33DE0ACD5E11EF98552C7C762E951A.roa
Signing time: Wed 08 Jan 2025 01:16:46 +0000
ROA not before: Wed 08 Jan 2025 01:16:42 +0000
ROA not after: Sat 13 Dec 2025 01:16:42 +0000
asID: 984
IP address blocks: 156.247.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65309 (0xff1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 01:16:42 2025 GMT
Not After : Dec 13 01:16:42 2025 GMT
Subject: CN=677dd1fe-9f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:8a:95:c4:af:43:b5:4e:b9:f9:d1:cb:95:
15:ca:c4:81:8a:a6:26:6e:cc:a0:b3:12:66:ef:92:
e7:32:99:ee:fa:20:15:38:98:00:83:96:f3:92:f1:
99:06:76:57:63:31:97:87:99:23:12:d6:f8:c6:6c:
ec:15:d3:9e:41:04:36:b1:b4:84:11:17:2c:75:d0:
87:26:db:37:95:8e:31:44:35:00:53:0b:96:2a:2e:
13:b2:e5:50:45:2f:8d:ef:51:d9:1f:3f:32:a7:e3:
da:d0:19:5c:0d:d3:ad:e1:d1:7f:fa:31:c1:8a:f4:
71:e1:18:43:1b:40:64:35:02:e0:21:ed:7f:e8:6c:
34:76:74:85:0a:ce:e9:f3:50:f1:49:74:39:b7:52:
05:a8:24:ee:b2:f3:8c:1b:21:bf:64:e5:7b:05:a0:
89:98:eb:52:9a:81:2f:55:a6:61:ce:74:61:8f:47:
61:92:8a:3d:28:82:13:03:8a:f9:e7:6b:34:98:ac:
96:cc:e0:14:79:e0:09:69:4f:e9:cc:b9:8c:d4:1f:
e6:5b:d5:e3:ad:e9:cc:60:55:f8:ad:a1:f4:ea:eb:
ab:26:89:0d:7c:f1:e1:b0:d5:be:74:09:65:51:56:
97:a7:90:f5:63:f4:f3:3f:ef:46:b9:fb:41:e6:7c:
9d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:40:11:EE:6A:EE:73:6C:C5:AC:9C:1E:30:AB:D5:47:A4:66:2E:56
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A33DE0ACD5E11EF98552C7C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:75:45:6d:c8:90:13:15:0e:69:28:fc:13:a6:ee:ec:fd:82:
3e:31:fd:8f:bc:09:e4:c9:75:8e:23:0c:7f:6f:ed:d6:9c:b9:
d8:dc:db:7d:39:1b:c8:07:cc:86:8f:4d:7f:9b:11:81:4e:0d:
77:ab:74:3b:df:8c:5d:c0:ac:87:94:50:18:70:80:10:9a:4f:
86:84:00:5c:b7:cb:bd:17:cc:b2:bb:10:97:a9:6f:30:01:ac:
c9:01:4b:f6:82:ca:79:5d:64:6b:fa:ac:f7:fb:32:fd:01:a2:
38:f6:fb:88:14:83:df:c7:95:c2:a3:0f:b5:6c:61:df:62:c1:
c0:f4:b4:88:f8:fe:81:e6:51:03:57:6f:6d:44:0c:8e:bc:63:
dd:24:a4:81:b1:c2:50:23:67:11:f6:37:c0:eb:90:08:c5:83:
05:d1:5e:2e:e4:11:cd:e5:d7:b0:8b:ee:e0:7e:8d:9b:92:1f:
a3:06:31:af:c9:54:43:8f:30:2c:3f:f8:22:2a:18:2c:62:dd:
65:94:34:de:0c:7d:dc:4f:9b:4f:aa:b8:a0:20:ff:00:f1:cf:
09:27:3e:45:65:fc:9d:fd:b6:a2:7d:85:e2:f4:83:a5:4c:93:
7d:53:ce:9c:58:64:5a:7b:9d:33:9c:0e:4b:51:d3:e1:00:8b:
d8:81:1c:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP8dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDExNjQyWhcNMjUxMjEzMDExNjQyWjAYMRYw
FAYDVQQDEw02NzdkZDFmZS05ZjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv2CKlcSvQ7VOufnRy5UVysSBiqYmbsygsxJm75LnMpnu+iAVOJgAg5bz
kvGZBnZXYzGXh5kjEtb4xmzsFdOeQQQ2sbSEERcsddCHJts3lY4xRDUAUwuWKi4T
suVQRS+N71HZHz8yp+Pa0BlcDdOt4dF/+jHBivRx4RhDG0BkNQLgIe1/6Gw0dnSF
Cs7p81DxSXQ5t1IFqCTusvOMGyG/ZOV7BaCJmOtSmoEvVaZhznRhj0dhkoo9KIIT
A4r552s0mKyWzOAUeeAJaU/pzLmM1B/mW9XjrenMYFX4raH06uurJokNfPHhsNW+
dAllUVaXp5D1Y/TzP+9GuftB5nydpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD9A
Ee5q7nNsxaycHjCr1UekZi5WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTMzREUwQUNENUUxMUVGOTg1NTJDN0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPdWMA0GCSqGSIb3DQEBCwUA
A4IBAQAddUVtyJATFQ5pKPwTpu7s/YI+Mf2PvAnkyXWOIwx/b+3WnLnY3Nt9ORvI
B8yGj01/mxGBTg13q3Q734xdwKyHlFAYcIAQmk+GhABct8u9F8yyuxCXqW8wAazJ
AUv2gsp5XWRr+qz3+zL9AaI49vuIFIPfx5XCow+1bGHfYsHA9LSI+P6B5lEDV29t
RAyOvGPdJKSBscJQI2cR9jfA65AIxYMF0V4u5BHN5dewi+7gfo2bkh+jBjGvyVRD
jzAsP/giKhgsYt1llDTeDH3cT5tPqrigIP8A8c8JJz5FZfyd/baifYXi9IOlTJN9
U86cWGRae50znA5LUdPhAIvYgRwh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:45 2025 by rpki-client