Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A513528CAD311EF8C6A4553762E951A.roa
File: 3A513528CAD311EF8C6A4553762E951A.roa (raw, json)
Hash identifier: /tuhgxNhYJ+q2SWF5km+rYmCi+XdwxdXFUXyUPe5t5s=
Subject key identifier: 84:08:77:BB:3D:7B:D7:67:BB:E0:BB:CA:7E:A2:DE:85:D6:44:13:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F786
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A513528CAD311EF8C6A4553762E951A.roa
Signing time: Sat 04 Jan 2025 19:36:44 +0000
ROA not before: Sun 05 Jan 2025 19:36:40 +0000
ROA not after: Sun 09 Feb 2025 19:36:40 +0000
asID: 11404
IP address blocks: 156.237.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63366 (0xf786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:36:40 2025 GMT
Not After : Feb 9 19:36:40 2025 GMT
Subject: CN=67798dcc-b1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:49:6b:a6:73:39:69:a7:8a:b1:84:f6:69:
f2:bc:8d:2e:3a:67:8e:8b:9a:74:99:a6:2f:a3:c3:
32:4d:2f:7d:5b:9f:26:1e:d2:5c:47:32:51:b9:1d:
b8:7a:1f:74:a7:2d:92:b4:e6:20:28:74:2c:3e:3a:
9e:be:4b:49:b5:fd:a9:3c:60:24:bc:2f:b2:43:14:
5f:59:f1:0b:3f:94:ed:be:97:52:d0:e7:fa:98:c8:
9e:e9:be:62:e4:7d:b4:18:2b:85:0a:b2:83:db:bb:
cc:39:bb:e5:75:29:24:00:e8:d5:fb:69:67:1a:f2:
1f:08:66:c4:d1:ee:ef:07:91:80:a0:3a:9a:87:06:
09:5f:fa:bb:b7:8e:b9:c2:c3:47:cb:cd:51:ce:05:
7e:07:ad:78:9e:f0:57:1d:cf:7b:03:10:cd:e0:a6:
24:68:14:fc:c7:c9:94:69:83:09:d4:37:c5:df:0c:
1d:67:7a:f8:f0:8e:3b:11:8a:1f:56:fd:5f:dc:8d:
15:d8:b7:2f:78:5c:3d:8e:ef:3d:49:c8:9d:1f:49:
d6:d6:8f:dd:8b:f6:dc:b5:0c:b8:58:22:b1:01:f2:
0b:fd:5c:36:35:28:cb:0c:86:22:38:48:ae:94:0b:
dc:49:52:db:c8:ad:ca:02:34:3d:04:5d:a2:cf:1c:
c7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:08:77:BB:3D:7B:D7:67:BB:E0:BB:CA:7E:A2:DE:85:D6:44:13:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A513528CAD311EF8C6A4553762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.32.0/19
Signature Algorithm: sha256WithRSAEncryption
18:3e:68:63:b8:92:6d:8f:f5:d0:d8:1d:24:5d:9e:4e:c8:c2:
5d:b9:63:63:27:cc:6f:31:42:38:5f:76:86:f2:e4:89:e8:00:
f8:91:14:34:39:48:75:24:ab:63:ad:d1:a2:c9:39:58:cb:9b:
d4:43:5c:1b:f8:f3:c0:d6:25:9a:22:c0:3b:6e:16:57:14:ea:
19:7c:24:15:a7:71:a4:f3:fa:c0:85:1a:1d:0e:01:66:08:3e:
5e:54:2a:de:db:af:46:90:3a:2f:1b:ed:9d:0c:7a:d3:c9:35:
0e:5f:57:c5:1d:a5:f8:e1:20:d7:be:94:76:66:a2:58:fb:9b:
e1:05:7a:08:0c:84:c8:1a:78:ca:66:1d:06:b3:e7:64:16:9d:
63:01:cc:6e:85:fe:83:4d:75:78:8e:6c:41:8e:0e:45:26:52:
3b:d3:79:f9:84:f8:72:23:44:be:b3:d9:3e:08:86:4e:2d:3b:
8e:b3:aa:e3:ab:4e:af:e9:08:99:a5:6b:18:6b:17:96:24:ee:
ac:42:77:f1:49:ae:23:0f:c8:2b:76:0f:96:70:de:3f:c2:8f:
46:e8:1c:fb:47:81:a3:25:1b:64:15:c6:65:58:6f:5a:0f:5a:
0f:c4:69:44:ad:d1:07:b6:dd:76:f1:32:72:aa:31:6b:14:12:
a2:35:a3:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkzNjQwWhcNMjUwMjA5MTkzNjQwWjAYMRYw
FAYDVQQDEw02Nzc5OGRjYy1iMWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwHRJa6ZzOWmnirGE9mnyvI0uOmeOi5p0maYvo8MyTS99W58mHtJcRzJR
uR24eh90py2StOYgKHQsPjqevktJtf2pPGAkvC+yQxRfWfELP5TtvpdS0Of6mMie
6b5i5H20GCuFCrKD27vMObvldSkkAOjV+2lnGvIfCGbE0e7vB5GAoDqahwYJX/q7
t465wsNHy81RzgV+B614nvBXHc97AxDN4KYkaBT8x8mUaYMJ1DfF3wwdZ3r48I47
EYofVv1f3I0V2LcveFw9ju89ScidH0nW1o/di/bctQy4WCKxAfIL/Vw2NSjLDIYi
OEiulAvcSVLbyK3KAjQ9BF2izxzHcwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIQI
d7s9e9dnu+C7yn6i3oXWRBMOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTUxMzUyOENBRDMxMUVGOEM2QTQ1NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO0gMA0GCSqGSIb3DQEBCwUA
A4IBAQAYPmhjuJJtj/XQ2B0kXZ5OyMJduWNjJ8xvMUI4X3aG8uSJ6AD4kRQ0OUh1
JKtjrdGiyTlYy5vUQ1wb+PPA1iWaIsA7bhZXFOoZfCQVp3Gk8/rAhRodDgFmCD5e
VCre269GkDovG+2dDHrTyTUOX1fFHaX44SDXvpR2ZqJY+5vhBXoIDITIGnjKZh0G
s+dkFp1jAcxuhf6DTXV4jmxBjg5FJlI703n5hPhyI0S+s9k+CIZOLTuOs6rjq06v
6QiZpWsYaxeWJO6sQnfxSa4jD8grdg+WcN4/wo9G6Bz7R4GjJRtkFcZlWG9aD1oP
xGlErdEHtt128TJyqjFrFBKiNaM7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:10 2025 by rpki-client