Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEA7C86CD8211EFA83D3673762E951A.roa
File: 3AEA7C86CD8211EFA83D3673762E951A.roa (raw, json)
Hash identifier: s8wNVzF9WosVM1Pgws66QP4ppvtYy5ygYctDbQbdDqE=
Subject key identifier: D1:7E:48:A4:10:39:D5:D8:00:8C:40:0C:E2:EC:3A:21:A9:E3:79:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01000D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEA7C86CD8211EFA83D3673762E951A.roa
Signing time: Wed 08 Jan 2025 05:34:29 +0000
ROA not before: Wed 08 Jan 2025 05:34:25 +0000
ROA not after: Mon 13 Dec 2027 05:34:25 +0000
asID: 17561
IP address blocks: 156.252.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65549 (0x1000d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:34:25 2025 GMT
Not After : Dec 13 05:34:25 2027 GMT
Subject: CN=677e0e65-2f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:03:d6:7b:18:6c:98:0f:14:23:08:5e:59:44:
64:e0:30:c2:55:fd:d7:01:5c:59:48:8d:ad:09:34:
36:01:c3:66:44:ac:83:23:ea:61:17:81:c3:4c:52:
8a:b1:e1:1b:b1:59:61:ef:e8:41:ae:35:68:7e:aa:
45:b7:ab:e4:d7:f5:7e:81:a5:78:7c:c6:55:3b:42:
9a:52:3f:86:f2:59:a5:f0:d4:5a:10:11:5a:5c:99:
f3:62:7d:90:a4:10:19:4d:d0:45:db:21:8c:fb:09:
59:fb:23:89:48:1b:e5:f1:97:a5:d6:75:a0:a0:40:
99:34:a8:8d:5b:d3:0d:0f:1a:ce:52:ce:12:21:80:
ce:0c:90:9c:6f:7a:89:a9:4d:1e:43:dd:2d:f2:62:
de:6e:64:35:5b:96:19:17:38:7b:8f:b2:73:5a:d1:
ce:86:46:87:2c:e9:6d:3d:2a:8b:06:0d:df:5e:fb:
86:aa:84:99:1e:90:45:74:64:58:9a:07:43:ad:e8:
ff:1c:b3:f0:f0:2d:40:4d:17:07:d9:2e:67:ba:3e:
88:40:92:86:4e:cd:23:89:0c:d5:e7:68:e0:0a:ac:
a1:05:66:26:b7:3d:53:c1:b0:e1:70:00:90:0f:ed:
80:1b:db:17:e3:61:a6:c2:23:d1:f3:ed:ea:d3:37:
33:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:7E:48:A4:10:39:D5:D8:00:8C:40:0C:E2:EC:3A:21:A9:E3:79:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEA7C86CD8211EFA83D3673762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.17.0/24
Signature Algorithm: sha256WithRSAEncryption
16:22:fa:7b:2c:1e:72:9f:8f:a3:9a:69:3b:03:d7:b2:53:06:
cb:35:fe:a6:94:ec:cf:6c:58:91:64:c9:f3:f1:80:b5:6d:92:
7d:d1:bf:2b:8f:90:88:1b:be:21:57:9b:ed:1d:92:ea:fe:7d:
b2:e1:3e:45:26:7f:1e:c2:d6:e3:e2:9c:6e:ca:65:2f:94:08:
5d:5e:a5:67:5b:b9:52:21:1b:1c:e7:3c:cc:8e:db:6c:49:56:
42:40:9f:41:ed:5c:7a:48:c7:37:32:c5:e0:fe:a5:c7:e2:d6:
bd:4d:b2:73:9f:70:ba:3e:4a:56:9e:c2:02:37:32:02:3b:08:
e9:be:2d:c0:78:34:a6:e7:53:3d:b1:41:1b:8a:9d:14:95:4e:
f4:17:f5:d0:7b:8d:27:08:fc:70:4d:b4:18:bb:67:f3:da:7d:
83:a5:6d:7b:1d:36:c1:c2:48:c4:87:20:c4:40:36:1b:c4:00:
6f:bd:ad:e9:87:3d:fe:7e:65:96:7e:a3:2e:98:fc:ce:96:ae:
1e:fe:94:40:ad:dc:45:6a:44:bc:8a:09:a3:fb:a1:a3:08:f0:
80:02:6a:86:c2:80:e9:a2:e8:aa:31:73:48:a7:d3:eb:70:dc:
f5:d6:5e:7f:15:53:9b:61:c5:d5:53:67:b4:7d:44:fb:cf:0e:
89:3d:e8:7b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQANMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDUzNDI1WhcNMjcxMjEzMDUzNDI1WjAYMRYw
FAYDVQQDEw02NzdlMGU2NS0yZjUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzwPWexhsmA8UIwheWURk4DDCVf3XAVxZSI2tCTQ2AcNmRKyDI+phF4HD
TFKKseEbsVlh7+hBrjVofqpFt6vk1/V+gaV4fMZVO0KaUj+G8lml8NRaEBFaXJnz
Yn2QpBAZTdBF2yGM+wlZ+yOJSBvl8Zel1nWgoECZNKiNW9MNDxrOUs4SIYDODJCc
b3qJqU0eQ90t8mLebmQ1W5YZFzh7j7JzWtHOhkaHLOltPSqLBg3fXvuGqoSZHpBF
dGRYmgdDrej/HLPw8C1ATRcH2S5nuj6IQJKGTs0jiQzV52jgCqyhBWYmtz1TwbDh
cACQD+2AG9sX42GmwiPR8+3q0zczZQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNF+
SKQQOdXYAIxADOLsOiGp43lnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQUVBN0M4NkNEODIxMUVGQTgzRDM2NzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwRMA0GCSqGSIb3DQEBCwUA
A4IBAQAWIvp7LB5yn4+jmmk7A9eyUwbLNf6mlOzPbFiRZMnz8YC1bZJ90b8rj5CI
G74hV5vtHZLq/n2y4T5FJn8ewtbj4pxuymUvlAhdXqVnW7lSIRsc5zzMjttsSVZC
QJ9B7Vx6SMc3MsXg/qXH4ta9TbJzn3C6PkpWnsICNzICOwjpvi3AeDSm51M9sUEb
ip0UlU70F/XQe40nCPxwTbQYu2fz2n2DpW17HTbBwkjEhyDEQDYbxABvva3phz3+
fmWWfqMumPzOlq4e/pRArdxFakS8igmj+6GjCPCAAmqGwoDpouiqMXNIp9PrcNz1
1l5/FVObYcXVU2e0fUT7zw6JPeh7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:11 2025 by rpki-client