Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BAB8178F5E711EFA73723AE762E951A.roa
File: 3BAB8178F5E711EFA73723AE762E951A.roa (raw, json)
Hash identifier: fuscZS1DKp296AKFZS4fZDCr64W2tr2jL1ZzK3AZBwk=
Subject key identifier: BF:75:6B:4E:54:E0:02:39:45:77:4E:81:04:93:2D:A5:A0:C9:F3:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BAB8178F5E711EFA73723AE762E951A.roa
Signing time: Fri 28 Feb 2025 15:18:16 +0000
ROA not before: Fri 28 Feb 2025 15:18:12 +0000
ROA not after: Sun 13 Apr 2025 15:18:12 +0000
asID: 138915
IP address blocks: 156.244.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81549 (0x13e8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 15:18:12 2025 GMT
Not After : Apr 13 15:18:12 2025 GMT
Subject: CN=67c1d3b8-6802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f4:95:e5:1c:b3:b8:ef:19:f1:77:b2:2c:3c:
bd:00:8b:89:43:40:e0:e9:61:ff:7f:81:f0:5b:d6:
ab:a4:a1:b7:e0:10:b2:61:81:a0:53:af:45:12:bf:
bd:5e:8f:25:61:bb:2d:0e:72:c9:a2:63:90:13:c7:
88:6f:38:dd:71:9d:cf:27:b2:93:6a:a8:18:76:2c:
59:58:2d:a0:94:96:82:ec:6d:b1:bb:a1:80:fb:e2:
c2:36:61:ba:04:c6:21:e6:b0:5b:da:69:57:08:2a:
53:39:23:f0:59:5f:14:fd:47:29:ff:eb:5e:cd:c7:
91:38:e3:e7:79:0e:97:e7:f3:94:76:6b:4b:10:a7:
71:41:a6:f0:6e:9e:9e:52:23:67:b3:d8:c1:14:e0:
01:da:9e:e2:6c:24:76:c0:86:1d:9f:58:97:b7:d6:
ef:4d:ce:d4:1c:97:17:46:df:a1:07:c3:8f:b1:da:
fb:49:8d:1d:f3:40:20:cd:02:a4:87:99:e3:cd:0f:
25:a9:7f:87:7a:36:50:40:d7:49:9f:e7:8a:ad:1b:
73:c1:1f:d5:bb:f6:5c:f9:dd:ad:a7:ec:ba:cc:2c:
e6:98:d8:c2:6e:64:02:8a:49:c0:e8:97:7c:c2:9a:
da:66:9e:43:f7:7d:d1:bb:1a:92:41:ce:78:e7:dd:
3f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:75:6B:4E:54:E0:02:39:45:77:4E:81:04:93:2D:A5:A0:C9:F3:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BAB8178F5E711EFA73723AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.9.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:6f:6f:e3:3d:e5:e3:14:72:f5:a0:6a:78:6e:e0:d3:9a:fd:
a9:3f:58:55:04:46:49:a2:27:1e:71:84:30:24:c9:97:c9:5a:
97:66:91:1b:1e:35:ed:ed:78:ce:ce:16:a2:7a:cc:23:28:28:
f9:ae:56:ae:c5:76:ec:3b:a9:91:91:79:4c:b4:ff:53:59:2b:
5d:d5:04:7e:af:fc:2a:f2:37:dd:fd:ab:a1:bc:26:ac:9e:68:
85:2d:cb:0d:db:65:42:79:47:d4:d9:1d:5f:34:4d:63:07:7f:
1a:38:68:d2:75:16:ac:5b:41:db:0b:31:15:0a:83:be:7b:be:
26:b4:8f:5e:2a:a3:f1:3c:f4:cf:2c:a9:5d:d4:1f:a3:8b:48:
91:b1:10:1d:f6:64:6e:38:54:ee:6c:ed:6f:35:80:9f:92:eb:
95:ce:9e:af:31:8e:1d:fc:3a:88:12:b7:63:0d:18:17:e2:b4:
04:32:e7:f8:26:60:17:51:96:ec:91:ec:ce:4d:83:eb:3d:d5:
83:87:79:a1:22:40:e7:09:43:9a:05:20:f3:bd:be:cc:0f:07:
7a:86:bb:22:39:9a:ef:4d:07:45:18:48:98:ae:39:f9:32:fa:
31:89:97:dd:e0:dc:07:f6:81:7e:c6:70:a3:83:05:08:e7:29:
dc:74:85:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT6NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTUxODEyWhcNMjUwNDEzMTUxODEyWjAYMRYw
FAYDVQQDEw02N2MxZDNiOC02ODAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyPSV5RyzuO8Z8XeyLDy9AIuJQ0Dg6WH/f4HwW9arpKG34BCyYYGgU69F
Er+9Xo8lYbstDnLJomOQE8eIbzjdcZ3PJ7KTaqgYdixZWC2glJaC7G2xu6GA++LC
NmG6BMYh5rBb2mlXCCpTOSPwWV8U/Ucp/+tezceROOPneQ6X5/OUdmtLEKdxQabw
bp6eUiNns9jBFOAB2p7ibCR2wIYdn1iXt9bvTc7UHJcXRt+hB8OPsdr7SY0d80Ag
zQKkh5njzQ8lqX+HejZQQNdJn+eKrRtzwR/Vu/Zc+d2tp+y6zCzmmNjCbmQCiknA
6Jd8wpraZp5D933RuxqSQc54590/DQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL91
a05U4AI5RXdOgQSTLaWgyfMNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQkFCODE3OEY1RTcxMUVGQTczNzIzQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQJMA0GCSqGSIb3DQEBCwUA
A4IBAQAvb2/jPeXjFHL1oGp4buDTmv2pP1hVBEZJoicecYQwJMmXyVqXZpEbHjXt
7XjOzhaieswjKCj5rlauxXbsO6mRkXlMtP9TWStd1QR+r/wq8jfd/auhvCasnmiF
LcsN22VCeUfU2R1fNE1jB38aOGjSdRasW0HbCzEVCoO+e74mtI9eKqPxPPTPLKld
1B+ji0iRsRAd9mRuOFTubO1vNYCfkuuVzp6vMY4d/DqIErdjDRgX4rQEMuf4JmAX
UZbskezOTYPrPdWDh3mhIkDnCUOaBSDzvb7MDwd6hrsiOZrvTQdFGEiYrjn5Mvox
iZfd4NwH9oF+xnCjgwUI5yncdIUS
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:40 2025 by rpki-client