Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B91FAD0C98411EFBA30A294762E951A.roa
File: 3B91FAD0C98411EFBA30A294762E951A.roa (raw, json)
Hash identifier: LDJY75bBQXuQDCTmrLJYwV33cIu+e9dL/zSpQeqhzvA=
Subject key identifier: 37:B0:B3:9A:BF:5F:B0:21:2D:4E:95:A4:57:A8:37:04:6F:6C:AB:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F56D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B91FAD0C98411EFBA30A294762E951A.roa
Signing time: Fri 03 Jan 2025 03:38:44 +0000
ROA not before: Fri 03 Jan 2025 03:38:41 +0000
ROA not after: Mon 13 Dec 2027 03:38:41 +0000
asID: 17561
IP address blocks: 156.232.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62829 (0xf56d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 03:38:41 2025 GMT
Not After : Dec 13 03:38:41 2027 GMT
Subject: CN=67775bc4-d2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:52:86:03:03:3c:7e:61:b8:d9:0d:b7:2c:c7:
7e:3d:d2:ed:98:68:5b:dc:4a:e6:be:a4:88:57:19:
7c:34:13:3e:fa:b9:b7:80:fa:a5:72:ae:1c:b7:1e:
f8:1e:b0:f3:53:3b:1a:40:84:d0:c4:80:15:0a:f9:
eb:3c:a1:57:f8:d9:a5:27:2f:c2:da:fc:63:db:d3:
e9:95:a8:b0:b0:07:8d:ac:a2:9a:6d:19:8a:ef:54:
9d:aa:ae:b4:1f:58:d1:bc:ce:d5:0e:4e:87:05:1e:
d1:c0:df:84:cf:ce:38:53:a0:65:a1:71:82:6a:ab:
a5:09:aa:f3:e4:82:99:04:07:65:77:b3:31:f0:d0:
08:a1:dd:51:58:e2:25:31:0c:1a:6c:a0:08:9c:05:
82:94:45:d7:88:17:3f:98:2e:48:04:1a:7b:8b:8f:
d0:5a:fd:75:c2:29:31:80:ab:56:f2:2f:8f:e4:f0:
25:40:0e:53:13:c7:5d:77:93:c7:72:81:c0:54:75:
32:91:1f:ed:47:03:91:2a:fa:2f:a6:14:59:29:d4:
54:f8:e7:c2:eb:e7:df:1c:cd:04:a2:d4:30:b6:43:
fd:f8:dc:93:8d:bd:01:62:75:de:d8:98:ff:f2:6d:
b8:bc:48:4a:cb:1c:6c:4a:cd:da:e3:36:1f:63:ea:
71:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B0:B3:9A:BF:5F:B0:21:2D:4E:95:A4:57:A8:37:04:6F:6C:AB:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B91FAD0C98411EFBA30A294762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.66.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:3e:1e:6a:63:e3:a7:ac:43:a3:25:a2:f9:f0:a0:c7:a0:00:
34:2e:1a:61:54:70:63:2d:db:c3:05:07:82:19:21:e2:eb:41:
ac:5a:58:25:fd:ab:94:3b:ea:99:80:87:dd:e0:94:71:c9:7e:
d3:29:18:d2:e3:68:b0:18:31:71:1c:93:77:5f:08:97:64:d5:
92:53:b3:00:85:e1:3b:95:5c:30:db:f5:a5:40:de:0d:c9:ae:
b6:e6:90:53:b0:36:4a:ae:26:46:56:45:cc:8a:6d:4d:f1:6c:
72:c1:33:64:d9:83:34:5c:fe:96:78:74:74:77:f9:8a:c0:60:
87:89:25:02:bc:a3:72:6e:ff:c6:88:cb:14:0a:cc:07:7b:fa:
d3:73:5c:d4:a6:ac:ce:b1:ab:7f:21:ff:47:d7:73:a2:36:0f:
30:13:f7:55:4d:ae:07:60:43:6c:18:68:31:f3:cd:e9:e6:cc:
0b:68:7b:5d:29:46:5e:8f:4e:57:79:3a:c2:56:c1:c1:44:c4:
58:c1:7c:0f:3d:cc:15:b8:a0:e5:f7:aa:f1:0e:0e:db:d4:67:
8b:ad:b6:bd:54:6e:f5:91:8e:5d:8f:14:9d:84:7a:bb:16:d3:
56:22:b9:a9:03:e5:49:f0:51:3a:d2:a5:68:f0:23:24:ab:c4:
6a:61:27:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPVtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDMzODQxWhcNMjcxMjEzMDMzODQxWjAYMRYw
FAYDVQQDEw02Nzc3NWJjNC1kMmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2VKGAwM8fmG42Q23LMd+PdLtmGhb3ErmvqSIVxl8NBM++rm3gPqlcq4c
tx74HrDzUzsaQITQxIAVCvnrPKFX+NmlJy/C2vxj29PplaiwsAeNrKKabRmK71Sd
qq60H1jRvM7VDk6HBR7RwN+Ez844U6BloXGCaqulCarz5IKZBAdld7Mx8NAIod1R
WOIlMQwabKAInAWClEXXiBc/mC5IBBp7i4/QWv11wikxgKtW8i+P5PAlQA5TE8dd
d5PHcoHAVHUykR/tRwORKvovphRZKdRU+OfC6+ffHM0EotQwtkP9+NyTjb0BYnXe
2Jj/8m24vEhKyxxsSs3a4zYfY+pxOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDew
s5q/X7AhLU6VpFeoNwRvbKtkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQjkxRkFEMEM5ODQxMUVGQkEzMEEyOTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhCMA0GCSqGSIb3DQEBCwUA
A4IBAQA9Ph5qY+OnrEOjJaL58KDHoAA0LhphVHBjLdvDBQeCGSHi60GsWlgl/auU
O+qZgIfd4JRxyX7TKRjS42iwGDFxHJN3XwiXZNWSU7MAheE7lVww2/WlQN4Nya62
5pBTsDZKriZGVkXMim1N8WxywTNk2YM0XP6WeHR0d/mKwGCHiSUCvKNybv/GiMsU
CswHe/rTc1zUpqzOsat/If9H13OiNg8wE/dVTa4HYENsGGgx883p5swLaHtdKUZe
j05XeTrCVsHBRMRYwXwPPcwVuKDl96rxDg7b1GeLrba9VG71kY5djxSdhHq7FtNW
IrmpA+VJ8FE60qVo8CMkq8RqYScE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:25 2025 by rpki-client