Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB91532C95F11EF9FE92293762E951A.roa
File: 3AB91532C95F11EF9FE92293762E951A.roa (raw, json)
Hash identifier: rKNn7mqdGyKbf0HXIGxJxrDnsMvOCI4cvFzsPKo5rN4=
Subject key identifier: 2C:1D:40:6C:83:17:E1:89:0D:91:D7:D6:EF:82:2F:CC:87:08:07:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F44E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB91532C95F11EF9FE92293762E951A.roa
Signing time: Thu 02 Jan 2025 23:13:52 +0000
ROA not before: Thu 02 Jan 2025 23:13:48 +0000
ROA not after: Mon 13 Dec 2027 23:13:48 +0000
asID: 17561
IP address blocks: 156.226.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62542 (0xf44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:13:48 2025 GMT
Not After : Dec 13 23:13:48 2027 GMT
Subject: CN=67771daf-07f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ab:48:49:11:be:42:c5:c1:6e:08:c4:26:5e:
06:29:73:59:9f:4a:a7:d4:b2:20:ce:57:46:3a:38:
f6:89:6a:ce:fa:3e:55:2f:d5:da:24:a2:ad:02:8d:
20:95:78:b4:65:8a:71:0b:51:b2:03:e5:3f:bd:54:
d3:21:3f:b3:0b:e9:f8:43:2f:3a:47:29:36:b7:4e:
d4:f2:84:86:76:74:3e:cf:4f:5b:c2:2c:5b:ca:85:
07:4a:b9:91:e3:ab:f5:e5:a8:cf:94:57:17:95:76:
e7:ca:17:4b:63:b8:40:5d:f5:6d:a2:92:86:02:b7:
46:a5:e9:02:e1:40:52:d3:ed:e2:e4:b9:2e:06:f0:
1a:33:9c:5f:54:76:9b:b7:7f:12:14:8c:7a:13:45:
12:4b:ee:7c:ab:00:7f:89:86:4a:7b:9e:d7:76:a8:
75:d1:4f:61:ce:a5:d5:02:c6:6d:0d:c9:39:42:fb:
63:bd:32:20:79:61:9f:5f:0e:cc:be:ae:06:5c:1b:
e3:99:2d:d5:39:82:fa:f3:4c:c8:ab:8b:44:b3:b1:
a6:c5:1f:82:22:49:40:a0:83:f4:ae:c8:4b:bc:e8:
9b:43:97:1c:6b:7f:ba:b5:cb:96:fb:0d:83:a7:83:
56:f1:b0:ce:3f:2f:88:17:7f:82:ec:dc:d9:7a:e1:
cb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1D:40:6C:83:17:E1:89:0D:91:D7:D6:EF:82:2F:CC:87:08:07:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB91532C95F11EF9FE92293762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8b:2d:a5:d0:96:d4:3b:08:17:19:75:e5:8c:ab:b8:ba:14:
af:ee:9e:ef:56:24:63:c7:96:80:87:8c:cc:e9:2d:40:42:85:
c1:37:75:e0:27:b8:83:35:bf:8a:13:7f:f9:10:7b:b9:ca:bf:
74:21:92:13:de:6b:c0:78:a8:b5:1e:4d:0c:c7:c7:b3:52:ae:
9a:4b:fd:01:c4:c4:27:00:b7:8c:6a:0a:e4:e8:44:f4:fd:7c:
21:f3:11:d7:c8:1d:91:7b:77:1e:c7:02:4d:c4:e5:45:54:34:
1b:b2:2f:18:ce:69:00:de:6a:c7:4d:aa:fa:1d:65:2e:5f:95:
5f:f0:40:d5:46:5c:37:79:40:4e:58:cb:97:ba:e4:45:4f:84:
e2:ab:2b:f4:de:59:ae:a3:9f:d0:e5:49:d7:41:30:22:4b:92:
0a:0a:be:b2:0d:12:2a:41:34:18:31:97:6b:36:c0:9e:cd:b7:
f1:d2:a5:d5:3f:cb:4c:62:65:7b:57:22:53:7d:e0:03:ba:f1:
31:9c:db:d3:80:d0:89:d2:9a:92:bf:4a:58:3b:d6:7a:70:88:
17:f7:9a:6d:2c:1f:1c:c5:ca:4e:4e:93:7f:9e:2f:64:76:b6:
a7:f5:f8:40:10:fe:8b:0f:69:f9:d6:94:ea:6c:b9:70:c0:a9:
9c:17:c7:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPROMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMxMzQ4WhcNMjcxMjEzMjMxMzQ4WjAYMRYw
FAYDVQQDEw02Nzc3MWRhZi0wN2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwatISRG+QsXBbgjEJl4GKXNZn0qn1LIgzldGOjj2iWrO+j5VL9XaJKKt
Ao0glXi0ZYpxC1GyA+U/vVTTIT+zC+n4Qy86Ryk2t07U8oSGdnQ+z09bwixbyoUH
SrmR46v15ajPlFcXlXbnyhdLY7hAXfVtopKGArdGpekC4UBS0+3i5LkuBvAaM5xf
VHabt38SFIx6E0USS+58qwB/iYZKe57Xdqh10U9hzqXVAsZtDck5QvtjvTIgeWGf
Xw7Mvq4GXBvjmS3VOYL680zIq4tEs7GmxR+CIklAoIP0rshLvOibQ5cca3+6tcuW
+w2Dp4NW8bDOPy+IF3+C7NzZeuHLJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCwd
QGyDF+GJDZHX1u+CL8yHCAdOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQUI5MTUzMkM5NUYxMUVGOUZFOTIyOTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLZMA0GCSqGSIb3DQEBCwUA
A4IBAQAriy2l0JbUOwgXGXXljKu4uhSv7p7vViRjx5aAh4zM6S1AQoXBN3XgJ7iD
Nb+KE3/5EHu5yr90IZIT3mvAeKi1Hk0Mx8ezUq6aS/0BxMQnALeMagrk6ET0/Xwh
8xHXyB2Re3cexwJNxOVFVDQbsi8YzmkA3mrHTar6HWUuX5Vf8EDVRlw3eUBOWMuX
uuRFT4Tiqyv03lmuo5/Q5UnXQTAiS5IKCr6yDRIqQTQYMZdrNsCezbfx0qXVP8tM
YmV7VyJTfeADuvExnNvTgNCJ0pqSv0pYO9Z6cIgX95ptLB8cxcpOTpN/ni9kdran
9fhAEP6LD2n51pTqbLlwwKmcF8fN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:55 2025 by rpki-client