Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C71DF8ECD3911EF975FED90762E951A.roa
File: 3C71DF8ECD3911EF975FED90762E951A.roa (raw, json)
Hash identifier: iriZEyxOe7Lg7//z2Nkhpj3ON/7seJISkuZ4HXRXni4=
Subject key identifier: E8:15:23:EA:36:1A:31:3E:69:8C:A2:D0:12:4F:BA:70:5A:55:C0:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE33
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C71DF8ECD3911EF975FED90762E951A.roa
Signing time: Tue 07 Jan 2025 20:51:58 +0000
ROA not before: Tue 07 Jan 2025 20:51:54 +0000
ROA not after: Sat 13 Dec 2025 20:51:54 +0000
asID: 984
IP address blocks: 156.243.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65075 (0xfe33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:51:54 2025 GMT
Not After : Dec 13 20:51:54 2025 GMT
Subject: CN=677d93ee-f7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f9:41:07:69:d1:68:2a:51:6e:af:96:ea:97:
68:6a:d6:1c:0a:cd:eb:f9:d9:8e:f3:78:13:2a:16:
7a:bf:28:f1:3c:88:7e:a8:f1:15:50:dd:0b:a0:36:
29:72:5e:67:f3:cf:03:23:ee:d8:11:1d:d9:48:37:
74:47:75:82:87:39:9a:5b:ae:92:0f:2b:cd:be:d4:
3d:c3:4d:02:7a:70:ed:f4:d6:0e:8f:ff:f4:52:de:
cd:db:49:47:7e:17:ec:10:f2:e3:8d:ec:54:ec:e8:
e9:2c:22:e1:75:e9:f1:54:48:c2:be:e5:ac:83:99:
17:18:1a:aa:bf:db:fd:f4:55:e9:20:a8:42:34:2a:
c2:56:7a:91:13:da:53:96:2b:c1:6d:72:02:c2:5d:
fc:dc:0a:f3:26:fd:12:e5:87:ea:4f:f5:e5:09:79:
98:a7:4d:67:b6:2b:fb:67:f4:e9:b8:8c:5e:99:93:
b6:97:6e:b9:d1:22:1a:1c:9b:4b:62:16:09:ef:91:
f3:a6:e8:75:21:27:8b:0c:d5:8a:1a:1d:3c:e0:fc:
75:af:6b:c2:19:b4:fc:9a:5f:1e:38:12:9e:65:d6:
3b:7e:66:1a:37:3c:29:01:fc:7a:a8:2e:96:cd:14:
11:58:1c:7d:b3:93:d4:7e:50:01:57:a2:95:e3:27:
01:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:15:23:EA:36:1A:31:3E:69:8C:A2:D0:12:4F:BA:70:5A:55:C0:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C71DF8ECD3911EF975FED90762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.66.0/24
Signature Algorithm: sha256WithRSAEncryption
49:1f:38:79:fc:6b:9e:e4:28:b0:38:1f:ba:69:e6:9f:de:4d:
4d:62:55:3d:78:7c:59:47:7b:83:d2:1b:15:aa:d4:f9:cd:ab:
f5:13:4e:7e:4e:98:a3:bf:c5:5d:eb:d5:fc:1a:4e:e4:c7:6b:
33:01:40:66:ae:e3:45:39:2c:49:e5:e0:e7:70:81:aa:f2:23:
02:64:1b:9f:2f:6a:06:0e:f6:8c:ec:70:19:f4:3a:25:2f:1a:
e1:6a:aa:ea:04:41:ef:7c:96:b2:4b:c1:70:98:99:cd:e4:eb:
24:96:e1:45:40:63:ae:3a:32:74:71:51:29:57:25:43:ba:a7:
eb:20:9f:02:e3:4c:e1:ac:d4:49:c2:98:76:83:37:5e:f3:f1:
ef:cf:75:25:56:81:49:9b:98:27:a1:df:40:52:f5:bb:b6:5a:
6f:fd:98:3c:a2:57:40:fa:59:64:91:56:f4:b2:97:1b:6e:56:
b5:e8:f9:63:af:99:9b:e0:3a:bd:d0:69:b0:e6:57:43:89:96:
e6:ec:ee:f1:4b:44:72:08:db:74:6c:15:19:a1:a9:f7:05:28:
0d:47:12:04:bf:82:81:2b:e0:8b:8e:02:b7:5c:e5:30:ea:64:
44:64:a0:2d:b4:51:c1:5a:5a:23:25:bf:d0:da:7b:0e:6e:ca:
10:a2:79:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjA1MTU0WhcNMjUxMjEzMjA1MTU0WjAYMRYw
FAYDVQQDEw02NzdkOTNlZS1mN2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9PlBB2nRaCpRbq+W6pdoatYcCs3r+dmO83gTKhZ6vyjxPIh+qPEVUN0L
oDYpcl5n888DI+7YER3ZSDd0R3WChzmaW66SDyvNvtQ9w00CenDt9NYOj//0Ut7N
20lHfhfsEPLjjexU7OjpLCLhdenxVEjCvuWsg5kXGBqqv9v99FXpIKhCNCrCVnqR
E9pTlivBbXICwl383ArzJv0S5YfqT/XlCXmYp01ntiv7Z/TpuIxemZO2l2650SIa
HJtLYhYJ75Hzpuh1ISeLDNWKGh084Px1r2vCGbT8ml8eOBKeZdY7fmYaNzwpAfx6
qC6WzRQRWBx9s5PUflABV6KV4ycBjQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOgV
I+o2GjE+aYyi0BJPunBaVcD8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzcxREY4RUNEMzkxMUVGOTc1RkVEOTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNCMA0GCSqGSIb3DQEBCwUA
A4IBAQBJHzh5/Gue5CiwOB+6aeaf3k1NYlU9eHxZR3uD0hsVqtT5zav1E05+Tpij
v8Vd69X8Gk7kx2szAUBmruNFOSxJ5eDncIGq8iMCZBufL2oGDvaM7HAZ9DolLxrh
aqrqBEHvfJayS8FwmJnN5OskluFFQGOuOjJ0cVEpVyVDuqfrIJ8C40zhrNRJwph2
gzde8/Hvz3UlVoFJm5gnod9AUvW7tlpv/Zg8oldA+llkkVb0spcbbla16Pljr5mb
4Dq90Gmw5ldDiZbm7O7xS0RyCNt0bBUZoan3BSgNRxIEv4KBK+CLjgK3XOUw6mRE
ZKAttFHBWlojJb/Q2nsObsoQonk/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:08 2025 by rpki-client