Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AAD3394C94A11EFA707148F762E951A.roa
File: 3AAD3394C94A11EFA707148F762E951A.roa (raw, json)
Hash identifier: n9l8vK7EvVborX37YggZxr+yU/qFnmVzrotSfmY4Ejc=
Subject key identifier: 03:7B:6D:2C:FF:6B:60:E3:94:BD:16:B2:2E:31:9D:70:2B:1B:DA:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F386
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AAD3394C94A11EFA707148F762E951A.roa
Signing time: Thu 02 Jan 2025 20:43:32 +0000
ROA not before: Thu 02 Jan 2025 20:43:28 +0000
ROA not after: Mon 13 Dec 2027 20:43:28 +0000
asID: 17561
IP address blocks: 156.225.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62342 (0xf386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:43:28 2025 GMT
Not After : Dec 13 20:43:28 2027 GMT
Subject: CN=6776fa74-f400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:50:62:81:34:c7:bd:47:55:14:31:4c:8a:6f:
b8:cf:71:63:e7:94:e8:3a:f6:04:fa:34:91:7e:a1:
3d:3e:1a:d4:f4:8d:4c:64:82:e7:44:f6:88:82:fe:
bb:72:59:3e:63:95:ab:12:1f:ed:fc:07:86:5b:75:
3a:32:a6:88:6b:78:de:28:e1:f1:3b:92:89:40:2f:
bd:2d:d7:59:fa:8d:75:93:bd:19:9e:9c:20:04:da:
53:98:ad:e1:b1:91:4a:a0:74:f3:04:3c:38:50:be:
73:c4:f4:af:91:61:b3:30:05:36:ab:ac:75:17:6f:
b0:9c:5e:c8:b8:13:81:95:5d:b5:ab:f9:04:61:bb:
10:1d:52:21:35:37:41:98:6c:fe:c9:d1:4a:c9:d1:
9c:69:50:39:81:a4:ac:2a:b3:d2:4b:b4:b1:2d:e9:
9a:22:c7:7c:d7:c6:bd:d3:fb:4c:32:af:e1:12:ea:
5a:54:a9:df:cf:b1:e4:17:e8:7c:15:72:3a:fb:d4:
7c:0e:88:5d:94:29:68:18:c7:8a:07:58:ed:99:b5:
62:5e:76:04:ef:5f:70:c9:8b:5c:02:aa:7d:eb:96:
a0:41:00:27:ba:a0:9f:eb:85:43:5a:c9:27:8c:2f:
70:6b:50:48:f4:45:c9:93:e4:92:6c:c9:82:9e:fc:
b7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7B:6D:2C:FF:6B:60:E3:94:BD:16:B2:2E:31:9D:70:2B:1B:DA:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AAD3394C94A11EFA707148F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.63.0/24
Signature Algorithm: sha256WithRSAEncryption
14:06:a6:01:62:1f:9d:7c:c7:e7:01:7f:6a:4b:49:ae:af:58:
0c:a1:8e:07:c4:2f:2d:e1:77:72:f5:81:d2:7b:8d:d1:8e:ad:
c6:c2:b0:77:fa:85:9a:c3:06:b2:22:b3:78:36:51:d6:91:74:
92:25:76:98:c4:07:4c:67:c8:81:e4:03:3a:48:06:c1:46:c9:
ad:f8:bf:3f:e9:fc:f0:57:00:60:2a:2f:e0:cc:f5:53:81:ef:
ed:54:36:62:e6:f2:81:7e:bb:34:0e:90:05:53:98:6a:62:4a:
2a:56:cb:da:b3:95:55:fb:c8:a8:9d:9c:9e:a4:d5:24:67:ed:
cd:fd:1f:60:ae:e6:87:84:ce:f1:71:53:a2:20:3a:57:a0:b3:
ce:34:f5:a1:44:27:54:0b:c3:5d:24:05:ff:f5:79:03:96:04:
71:e4:33:e3:b6:a5:b3:13:29:89:d0:22:6e:97:f8:b2:4a:fe:
68:76:37:60:7d:e1:e8:c6:e8:ab:5b:84:de:39:90:50:d1:93:
16:67:99:8d:9f:ff:ec:c0:ed:cb:43:41:2f:76:15:0d:51:3d:
c8:a8:95:08:b3:0d:54:b6:28:e0:9f:7a:5f:f2:87:10:e6:64:
ed:f6:3f:b6:c8:a8:f2:97:f0:49:b3:01:b8:4d:52:56:f1:b6:
c1:a3:17:c1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPOGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjA0MzI4WhcNMjcxMjEzMjA0MzI4WjAYMRYw
FAYDVQQDEw02Nzc2ZmE3NC1mNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs1BigTTHvUdVFDFMim+4z3Fj55ToOvYE+jSRfqE9PhrU9I1MZILnRPaI
gv67clk+Y5WrEh/t/AeGW3U6MqaIa3jeKOHxO5KJQC+9LddZ+o11k70ZnpwgBNpT
mK3hsZFKoHTzBDw4UL5zxPSvkWGzMAU2q6x1F2+wnF7IuBOBlV21q/kEYbsQHVIh
NTdBmGz+ydFKydGcaVA5gaSsKrPSS7SxLemaIsd818a90/tMMq/hEupaVKnfz7Hk
F+h8FXI6+9R8DohdlCloGMeKB1jtmbViXnYE719wyYtcAqp965agQQAnuqCf64VD
WsknjC9wa1BI9EXJk+SSbMmCnvy3YwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAN7
bSz/a2DjlL0Wsi4xnXArG9q/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQUFEMzM5NEM5NEExMUVGQTcwNzE0OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOE/MA0GCSqGSIb3DQEBCwUA
A4IBAQAUBqYBYh+dfMfnAX9qS0mur1gMoY4HxC8t4Xdy9YHSe43Rjq3GwrB3+oWa
wwayIrN4NlHWkXSSJXaYxAdMZ8iB5AM6SAbBRsmt+L8/6fzwVwBgKi/gzPVTge/t
VDZi5vKBfrs0DpAFU5hqYkoqVsvas5VV+8ionZyepNUkZ+3N/R9gruaHhM7xcVOi
IDpXoLPONPWhRCdUC8NdJAX/9XkDlgRx5DPjtqWzEymJ0CJul/iySv5odjdgfeHo
xuirW4TeOZBQ0ZMWZ5mNn//swO3LQ0EvdhUNUT3IqJUIsw1Utijgn3pf8ocQ5mTt
9j+2yKjyl/BJswG4TVJW8bbBoxfB
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:40 2025 by rpki-client