Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D7C78A2CF6011EFBD1F4454762E951A.roa
File: 3D7C78A2CF6011EFBD1F4454762E951A.roa (raw, json)
Hash identifier: IZrcucghrznHj61/PAibj/rDqYAabrzDf/6PaJX1DRI=
Subject key identifier: 6D:AD:F0:85:86:4E:66:6B:51:99:E6:22:F1:6A:8A:33:93:03:F3:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01055F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D7C78A2CF6011EFBD1F4454762E951A.roa
Signing time: Fri 10 Jan 2025 14:36:13 +0000
ROA not before: Fri 10 Jan 2025 14:36:09 +0000
ROA not after: Wed 05 Feb 2025 14:36:09 +0000
asID: 23764
IP address blocks: 156.242.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 05 Feb 2025 14:36:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66911 (0x1055f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:36:09 2025 GMT
Not After : Feb 5 14:36:09 2025 GMT
Subject: CN=6781305d-91ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0c:91:a0:6d:87:18:52:24:9f:c2:cd:2b:e7:
ad:b6:ad:de:64:02:79:59:95:63:ec:72:fc:fd:74:
fa:03:bd:bf:4d:a0:cb:bd:55:6b:0d:c4:17:cb:28:
2e:3a:0d:aa:a1:67:eb:a2:f3:c1:95:e0:5a:77:4f:
e8:2c:ce:44:cd:52:25:19:cf:fe:db:c7:8a:b9:eb:
e5:27:bf:75:5e:93:f1:be:b2:5d:37:b9:b4:f3:bc:
f7:c5:a1:a8:8e:84:4d:c6:3c:42:ce:e8:5e:61:99:
60:2d:66:1a:f9:9b:b1:70:d6:78:f3:85:8d:57:64:
4b:c1:48:86:f2:4e:85:40:0a:52:f9:c4:48:0a:69:
94:45:d1:76:06:c1:a1:5d:44:61:5c:2f:7b:14:3b:
eb:f4:8a:7a:7d:8b:ec:6f:39:9a:a4:91:eb:62:b4:
ad:aa:cc:10:54:c3:28:e7:72:ce:b6:bb:e4:d4:e5:
8b:f2:57:21:01:be:5e:26:3e:64:ea:4c:2d:04:18:
10:57:86:0a:7e:93:8f:7a:b6:6a:a9:b2:54:55:dc:
d7:1e:73:26:19:dc:0c:73:5e:58:0b:7c:aa:e3:d8:
36:c7:ff:bf:a2:a1:8e:05:01:a6:ad:68:27:ce:ce:
02:47:df:d1:e1:3f:c5:e0:4c:0a:f6:3c:f1:53:3a:
7a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AD:F0:85:86:4E:66:6B:51:99:E6:22:F1:6A:8A:33:93:03:F3:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D7C78A2CF6011EFBD1F4454762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:74:c9:bf:bf:b4:a1:b2:f8:64:0d:e9:f5:83:59:68:bd:38:
a5:71:96:bc:6d:54:95:76:e6:f1:a8:bc:a0:82:b8:98:99:12:
8d:9d:49:9d:a3:9e:af:f3:d0:3c:5e:4c:52:39:e6:99:9e:df:
9e:23:9f:5a:a1:c9:d2:66:89:f0:d4:5c:bf:87:5e:8a:03:c2:
be:21:c2:5c:1d:24:a8:94:00:04:57:12:3c:4b:48:f4:e4:99:
c7:11:54:df:ce:91:1a:99:23:3a:66:2b:69:cd:34:b0:ed:32:
3c:1b:66:45:bc:9f:ff:36:91:fc:25:14:86:59:e1:25:ac:c7:
b6:af:bb:a6:00:d0:19:fa:b6:07:a2:4c:89:93:7a:90:ef:21:
7e:57:04:95:08:d4:ae:4a:00:42:77:da:fa:ff:26:8e:89:1c:
04:5e:7b:f8:b3:b9:80:15:ec:4f:d4:33:c1:9a:28:65:f0:0b:
49:aa:c5:29:32:98:a0:90:5b:7f:5a:22:43:20:8f:56:20:c2:
ec:30:8a:11:d8:63:05:78:96:8f:af:15:64:69:7a:74:99:3a:
9d:ff:b2:c4:4c:58:89:77:24:bd:04:13:d5:8b:cf:b1:1b:cf:
fc:3c:46:de:bb:8d:44:2b:60:e7:8e:4a:46:db:e3:df:89:3c:
06:7f:f5:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQzNjA5WhcNMjUwMjA1MTQzNjA5WjAYMRYw
FAYDVQQDEw02NzgxMzA1ZC05MWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwyRoG2HGFIkn8LNK+ettq3eZAJ5WZVj7HL8/XT6A72/TaDLvVVrDcQX
yyguOg2qoWfrovPBleBad0/oLM5EzVIlGc/+28eKuevlJ791XpPxvrJdN7m087z3
xaGojoRNxjxCzuheYZlgLWYa+ZuxcNZ484WNV2RLwUiG8k6FQApS+cRICmmURdF2
BsGhXURhXC97FDvr9Ip6fYvsbzmapJHrYrStqswQVMMo53LOtrvk1OWL8lchAb5e
Jj5k6kwtBBgQV4YKfpOPerZqqbJUVdzXHnMmGdwMc15YC3yq49g2x/+/oqGOBQGm
rWgnzs4CR9/R4T/F4EwK9jzxUzp6xQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG2t
8IWGTmZrUZnmIvFqijOTA/M6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDdDNzhBMkNGNjAxMUVGQkQxRjQ0NTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIHMA0GCSqGSIb3DQEBCwUA
A4IBAQCpdMm/v7ShsvhkDen1g1lovTilcZa8bVSVdubxqLyggriYmRKNnUmdo56v
89A8XkxSOeaZnt+eI59aocnSZonw1Fy/h16KA8K+IcJcHSSolAAEVxI8S0j05JnH
EVTfzpEamSM6ZitpzTSw7TI8G2ZFvJ//NpH8JRSGWeElrMe2r7umANAZ+rYHokyJ
k3qQ7yF+VwSVCNSuSgBCd9r6/yaOiRwEXnv4s7mAFexP1DPBmihl8AtJqsUpMpig
kFt/WiJDII9WIMLsMIoR2GMFeJaPrxVkaXp0mTqd/7LETFiJdyS9BBPVi8+xG8/8
PEbeu41EK2DnjkpG2+PfiTwGf/Vj
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:30 2025 by rpki-client