Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C9C26B2CDB211EF9FFEADA2762E951A.roa
File: 3C9C26B2CDB211EF9FFEADA2762E951A.roa (raw, json)
Hash identifier: FV1yYdqvOrEl4KrPyMQA0hgUc2qKvBMOjR4A/Av53gU=
Subject key identifier: E4:0F:CB:23:D0:1B:1D:EB:02:6A:81:D0:D4:0E:53:33:42:1A:74:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010189
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C9C26B2CDB211EF9FFEADA2762E951A.roa
Signing time: Wed 08 Jan 2025 11:18:08 +0000
ROA not before: Wed 08 Jan 2025 11:18:04 +0000
ROA not after: Mon 13 Dec 2027 11:18:04 +0000
asID: 17561
IP address blocks: 156.255.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65929 (0x10189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:18:04 2025 GMT
Not After : Dec 13 11:18:04 2027 GMT
Subject: CN=677e5ef0-ed88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:09:ea:09:ca:6f:4d:0b:fe:61:88:52:f0:f2:
b1:77:93:4c:90:26:df:82:e7:1c:bd:d7:57:07:90:
88:63:7c:c4:7a:d3:e1:c8:1c:7c:85:89:7e:4e:3a:
94:dc:fa:a5:10:86:75:de:fe:df:8f:96:8f:f0:ca:
63:7b:0d:34:99:d6:d8:0d:17:ee:8f:fe:6f:5b:3f:
ac:b8:4e:f0:88:2c:9d:7f:58:bd:23:96:72:cd:a2:
e5:34:cb:be:3d:9d:0d:ac:67:fd:f9:45:62:f5:b7:
81:82:57:d0:27:1c:67:98:aa:cb:ca:ce:f5:0c:86:
03:12:e2:45:b6:d4:63:4f:b9:d8:6a:67:04:57:09:
e6:56:62:0f:9d:5e:49:17:c1:f5:86:db:3f:5d:59:
ba:49:76:f8:6a:4c:92:9f:d4:9f:d8:be:70:23:e0:
fd:51:79:52:70:d1:95:f5:53:be:61:58:d5:17:ce:
16:c7:a2:f5:57:2f:fd:1b:8e:b5:3e:5d:57:3f:a6:
09:1e:f0:dd:f0:5d:40:95:4b:ec:a9:6b:fb:31:1a:
c0:4d:ce:f6:73:7a:d8:fa:4d:73:33:e5:45:25:03:
48:4d:00:6b:ef:b8:c4:14:22:18:68:95:7f:c3:4b:
67:b3:da:eb:71:5e:d0:01:d1:19:1a:5e:aa:93:fd:
18:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0F:CB:23:D0:1B:1D:EB:02:6A:81:D0:D4:0E:53:33:42:1A:74:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C9C26B2CDB211EF9FFEADA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.87.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:64:74:1b:14:7f:7f:b2:ad:d4:bd:d4:db:4e:f5:85:35:3e:
ba:07:c7:fe:b9:2e:85:60:25:cc:33:a2:b5:9c:0f:0b:2f:12:
7b:09:89:d1:22:56:5b:e4:8a:01:d4:bd:ac:b5:a6:b9:54:b8:
66:7a:c3:51:59:08:3d:ae:92:b9:24:c4:6c:de:84:dc:83:30:
59:1a:8b:bb:b7:a9:0d:61:b3:92:89:0c:09:3e:d2:58:a9:c3:
1c:a5:f0:f1:5e:4e:76:39:e0:4a:e0:59:31:9b:6a:0e:22:b2:
52:c0:94:1f:3c:11:c0:e6:f6:9a:a9:f1:16:c0:bb:22:5e:66:
89:f8:f3:db:77:57:60:ee:9c:32:6f:da:d7:16:c3:21:4e:43:
e2:2f:80:52:64:8f:83:f1:55:73:e8:2e:62:81:71:8a:4d:d5:
5e:56:f4:4d:37:c0:ea:d4:9a:d1:a1:96:75:08:e7:3d:35:34:
18:f1:3c:14:63:97:21:a7:ac:4c:b1:43:5b:0b:67:d7:90:7c:
41:44:fb:fe:cb:98:60:8c:8f:03:29:00:3d:da:23:02:fe:8d:
df:ab:f5:7e:35:c9:b2:5f:c9:ba:cc:3f:20:da:0c:f6:fa:5d:
1e:49:ec:fb:57:76:14:0c:25:7c:56:24:43:15:2a:a1:87:6b:
e8:e5:25:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTExODA0WhcNMjcxMjEzMTExODA0WjAYMRYw
FAYDVQQDEw02NzdlNWVmMC1lZDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQnqCcpvTQv+YYhS8PKxd5NMkCbfguccvddXB5CIY3zEetPhyBx8hYl+
TjqU3PqlEIZ13v7fj5aP8Mpjew00mdbYDRfuj/5vWz+suE7wiCydf1i9I5ZyzaLl
NMu+PZ0NrGf9+UVi9beBglfQJxxnmKrLys71DIYDEuJFttRjT7nYamcEVwnmVmIP
nV5JF8H1hts/XVm6SXb4akySn9Sf2L5wI+D9UXlScNGV9VO+YVjVF84Wx6L1Vy/9
G461Pl1XP6YJHvDd8F1AlUvsqWv7MRrATc72c3rY+k1zM+VFJQNITQBr77jEFCIY
aJV/w0tns9rrcV7QAdEZGl6qk/0Y1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOQP
yyPQGx3rAmqB0NQOUzNCGnTDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzlDMjZCMkNEQjIxMUVGOUZGRUFEQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9XMA0GCSqGSIb3DQEBCwUA
A4IBAQCuZHQbFH9/sq3UvdTbTvWFNT66B8f+uS6FYCXMM6K1nA8LLxJ7CYnRIlZb
5IoB1L2staa5VLhmesNRWQg9rpK5JMRs3oTcgzBZGou7t6kNYbOSiQwJPtJYqcMc
pfDxXk52OeBK4Fkxm2oOIrJSwJQfPBHA5vaaqfEWwLsiXmaJ+PPbd1dg7pwyb9rX
FsMhTkPiL4BSZI+D8VVz6C5igXGKTdVeVvRNN8Dq1JrRoZZ1COc9NTQY8TwUY5ch
p6xMsUNbC2fXkHxBRPv+y5hgjI8DKQA92iMC/o3fq/V+NcmyX8m6zD8g2gz2+l0e
Sez7V3YUDCV8ViRDFSqhh2vo5SX+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:46 2025 by rpki-client