Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEC45DACD0911EF8B309763762E951A.roa
File: 3AEC45DACD0911EF8B309763762E951A.roa (raw, json)
Hash identifier: fhkAWP2jrrmke/zPoAVCJU76kptyUYcG71DS3l0zXBE=
Subject key identifier: FF:B4:61:22:E9:F5:DF:F6:D5:04:0E:F9:1A:3B:16:9C:49:F9:04:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCB3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEC45DACD0911EF8B309763762E951A.roa
Signing time: Tue 07 Jan 2025 15:08:20 +0000
ROA not before: Tue 07 Jan 2025 15:08:16 +0000
ROA not after: Mon 13 Dec 2027 15:08:16 +0000
asID: 17561
IP address blocks: 156.239.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64691 (0xfcb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:08:16 2025 GMT
Not After : Dec 13 15:08:16 2027 GMT
Subject: CN=677d4364-6cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e0:f9:ba:40:51:3d:87:09:4d:68:da:36:2f:
d6:2b:cc:e7:ca:cb:b6:69:9e:56:2a:a7:4c:05:4c:
51:6a:cb:a2:26:49:0a:3f:72:dc:af:ea:97:9c:7c:
c8:cf:1f:56:42:4b:95:a5:6b:d6:74:d4:3c:16:d3:
0f:4c:93:42:a7:70:26:f6:71:2d:a6:ec:8c:52:40:
03:7d:49:1a:ba:00:75:75:8a:62:ba:06:41:53:b6:
7e:c3:d1:75:de:cc:7f:b1:5b:1b:62:8d:c8:b5:c7:
7c:25:09:fe:95:c7:ca:69:bf:2e:d4:86:57:51:1a:
7d:b7:20:b5:6e:78:f2:df:61:67:e8:48:e7:99:ab:
da:ea:0a:d7:cf:c8:cc:cf:99:80:15:e6:5a:d5:3d:
c5:65:2a:ca:2d:31:9f:d9:39:e8:7a:fa:2a:58:d1:
b8:ea:fa:01:66:da:02:a5:02:02:9d:4c:53:ee:ce:
65:50:30:d7:cb:38:ce:11:40:78:5d:3f:5f:d5:b8:
0b:a1:0e:e6:5e:fa:61:dd:23:19:7f:2f:58:76:14:
27:3d:e1:71:05:1d:fb:1a:09:28:18:c6:31:f4:32:
26:94:10:38:66:d3:2d:3d:70:a3:4e:65:eb:b6:00:
34:d9:4f:03:39:f7:cd:89:81:4e:7d:8e:47:2a:df:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B4:61:22:E9:F5:DF:F6:D5:04:0E:F9:1A:3B:16:9C:49:F9:04:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AEC45DACD0911EF8B309763762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.43.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:20:d5:19:20:67:fd:77:0f:40:7c:37:c5:32:91:1a:2c:34:
16:f0:53:f2:3b:cc:2a:bc:6e:27:81:55:26:47:cc:9f:64:91:
7d:bc:a6:75:83:b1:48:4c:82:60:57:18:dc:62:30:2b:3e:19:
96:65:a0:cb:fb:4f:29:4e:2a:ad:3c:40:1c:10:07:24:af:a6:
83:5d:96:87:6f:6f:0b:18:eb:2d:df:a8:df:5c:89:08:6d:84:
55:76:9a:e6:7a:3d:c0:87:37:d9:1d:61:07:c6:5b:8a:3c:2d:
a5:e4:cc:f9:15:d0:68:00:00:3f:9a:c2:7b:14:75:0d:a5:83:
94:10:d8:f9:90:60:22:a7:be:61:b0:be:95:dc:99:b4:3a:e7:
dd:fc:95:4b:d6:40:5d:57:e2:aa:d2:12:f6:13:f2:e6:c2:c2:
2b:6d:9f:2c:49:b6:88:18:5d:38:ee:85:72:1e:e0:51:c9:11:
39:56:36:a3:cf:ea:f1:86:ba:80:f7:75:26:3b:47:78:67:ce:
b4:de:be:83:fc:65:d2:05:53:47:ab:ad:aa:49:b5:73:61:50:
a1:c7:e0:85:42:a7:f8:2a:39:b9:b3:c8:5e:fd:05:c3:8f:75:
94:32:f2:34:d3:60:c6:ba:85:62:51:fa:b9:89:79:86:e5:78:
84:31:59:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTUwODE2WhcNMjcxMjEzMTUwODE2WjAYMRYw
FAYDVQQDEw02NzdkNDM2NC02Y2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApOD5ukBRPYcJTWjaNi/WK8znysu2aZ5WKqdMBUxRasuiJkkKP3Lcr+qX
nHzIzx9WQkuVpWvWdNQ8FtMPTJNCp3Am9nEtpuyMUkADfUkaugB1dYpiugZBU7Z+
w9F13sx/sVsbYo3Itcd8JQn+lcfKab8u1IZXURp9tyC1bnjy32Fn6Ejnmava6grX
z8jMz5mAFeZa1T3FZSrKLTGf2TnoevoqWNG46voBZtoCpQICnUxT7s5lUDDXyzjO
EUB4XT9f1bgLoQ7mXvph3SMZfy9YdhQnPeFxBR37GgkoGMYx9DImlBA4ZtMtPXCj
TmXrtgA02U8DOffNiYFOfY5HKt+XGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP+0
YSLp9d/21QQO+Ro7FpxJ+QRZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQUVDNDVEQUNEMDkxMUVGOEIzMDk3NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO8rMA0GCSqGSIb3DQEBCwUA
A4IBAQC8INUZIGf9dw9AfDfFMpEaLDQW8FPyO8wqvG4ngVUmR8yfZJF9vKZ1g7FI
TIJgVxjcYjArPhmWZaDL+08pTiqtPEAcEAckr6aDXZaHb28LGOst36jfXIkIbYRV
dprmej3AhzfZHWEHxluKPC2l5Mz5FdBoAAA/msJ7FHUNpYOUENj5kGAip75hsL6V
3Jm0Oufd/JVL1kBdV+Kq0hL2E/LmwsIrbZ8sSbaIGF047oVyHuBRyRE5Vjajz+rx
hrqA93UmO0d4Z8603r6D/GXSBVNHq62qSbVzYVChx+CFQqf4Kjm5s8he/QXDj3WU
MvI002DGuoViUfq5iXmG5XiEMVkn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:00 2025 by rpki-client