Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DD31BF2F34711EF9661B79F762E951A.roa
File: 3DD31BF2F34711EF9661B79F762E951A.roa (raw, json)
Hash identifier: AvuwO6pIvCejOJntb9zthYypFmHmFOHVQzyEXqID7c8=
Subject key identifier: 55:A2:99:AE:76:13:27:27:CC:A0:A4:0B:4D:FA:21:12:21:D9:FE:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012D9C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DD31BF2F34711EF9661B79F762E951A.roa
Signing time: Tue 25 Feb 2025 07:07:58 +0000
ROA not before: Tue 25 Feb 2025 07:07:54 +0000
ROA not after: Sat 19 Feb 2028 07:07:54 +0000
asID: 17561
IP address blocks: 156.249.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77212 (0x12d9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 07:07:54 2025 GMT
Not After : Feb 19 07:07:54 2028 GMT
Subject: CN=67bd6c4e-ee6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:af:81:49:f6:f2:69:fd:0c:d4:08:43:d9:b9:
af:5d:35:42:7d:15:9f:32:a7:bc:1d:5e:eb:0c:7c:
aa:be:86:15:21:df:08:af:6f:90:67:4c:6f:87:8c:
0b:90:32:80:d7:8c:30:bd:71:29:8d:fc:7a:88:fb:
c6:8b:33:c8:ee:10:a1:37:1a:87:ff:f1:bf:75:69:
7b:7b:c5:8d:18:1f:13:76:fc:cd:44:66:ab:4f:c7:
24:82:43:1c:fa:36:19:e9:99:05:a3:22:c6:ec:c0:
ea:78:e7:b4:67:72:33:1d:fd:86:c5:d0:d5:23:44:
08:f4:64:d6:1f:09:7f:af:af:7c:d7:90:71:dc:90:
9f:79:f0:c5:fc:f3:f0:07:43:47:86:e8:e3:1a:86:
0a:b5:7d:b9:1b:a2:67:96:84:81:05:ac:28:61:5f:
ce:e8:7e:1f:07:d6:0f:c8:f6:2b:05:b9:72:8e:7d:
16:d5:b1:d7:64:e1:13:ea:eb:0f:b4:f7:54:d7:66:
76:d4:1d:81:7e:d4:b9:a2:bf:20:13:88:c6:06:50:
4e:ef:95:ab:cf:8b:7f:8c:34:a3:a3:9b:db:fb:dd:
af:ba:60:94:6b:36:cf:cd:c7:91:7f:83:e0:37:83:
3b:b7:51:bc:2b:fa:f2:63:5f:de:d0:5d:49:4f:62:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A2:99:AE:76:13:27:27:CC:A0:A4:0B:4D:FA:21:12:21:D9:FE:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DD31BF2F34711EF9661B79F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.218.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:fc:30:16:a2:dc:01:2e:36:91:23:1e:cb:af:0d:f5:be:fd:
13:32:84:82:df:a6:2a:9f:1b:0c:c6:1c:0b:8d:7d:b5:3c:9a:
37:e4:86:70:fe:c9:b0:22:77:35:b9:8a:dd:07:1d:a5:f6:43:
9b:ec:89:8f:4d:9c:38:17:ea:04:6e:bc:e2:2a:43:07:28:a3:
9f:0a:c2:ea:b6:29:1a:80:b9:93:00:bc:a8:dd:95:72:98:5a:
59:ee:11:a4:d5:82:cd:ae:bf:ef:bf:04:79:04:f7:02:0f:22:
be:f5:25:26:0e:d2:b6:94:6b:f5:04:98:4b:82:5d:86:99:9f:
d0:5e:f3:04:2f:1d:07:58:6c:ba:9f:b9:9a:13:ef:a7:9a:b7:
31:c5:88:cc:b2:40:7b:22:35:20:6d:d2:52:7e:6f:ae:4f:a1:
5c:77:38:9d:88:10:55:0b:d8:75:94:3b:33:f3:b6:20:9f:51:
0f:7f:5e:c3:48:7f:3d:b9:1c:58:67:f0:db:e0:e7:dd:69:65:
48:20:35:52:1a:89:10:af:6a:60:c9:a2:04:ff:9d:c8:33:63:
70:2d:1a:b5:85:6b:e7:ed:2b:96:b8:aa:a6:4f:0f:e1:65:1d:
65:56:1e:0d:7e:df:10:14:e9:77:e5:88:b9:8a:e9:61:2f:4f:
f2:f6:a4:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS2cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDcwNzU0WhcNMjgwMjE5MDcwNzU0WjAYMRYw
FAYDVQQDEw02N2JkNmM0ZS1lZTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsK+BSfbyaf0M1AhD2bmvXTVCfRWfMqe8HV7rDHyqvoYVId8Ir2+QZ0xv
h4wLkDKA14wwvXEpjfx6iPvGizPI7hChNxqH//G/dWl7e8WNGB8TdvzNRGarT8ck
gkMc+jYZ6ZkFoyLG7MDqeOe0Z3IzHf2GxdDVI0QI9GTWHwl/r69815Bx3JCfefDF
/PPwB0NHhujjGoYKtX25G6JnloSBBawoYV/O6H4fB9YPyPYrBblyjn0W1bHXZOET
6usPtPdU12Z21B2BftS5or8gE4jGBlBO75Wrz4t/jDSjo5vb+92vumCUazbPzceR
f4PgN4M7t1G8K/ryY1/e0F1JT2Jo4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFWi
ma52EycnzKCkC036IRIh2f4iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zREQzMUJGMkYzNDcxMUVGOTY2MUI3OUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPnaMA0GCSqGSIb3DQEBCwUA
A4IBAQC7/DAWotwBLjaRIx7Lrw31vv0TMoSC36YqnxsMxhwLjX21PJo35IZw/smw
Inc1uYrdBx2l9kOb7ImPTZw4F+oEbrziKkMHKKOfCsLqtikagLmTALyo3ZVymFpZ
7hGk1YLNrr/vvwR5BPcCDyK+9SUmDtK2lGv1BJhLgl2GmZ/QXvMELx0HWGy6n7ma
E++nmrcxxYjMskB7IjUgbdJSfm+uT6FcdzidiBBVC9h1lDsz87Ygn1EPf17DSH89
uRxYZ/Db4OfdaWVIIDVSGokQr2pgyaIE/53IM2NwLRq1hWvn7SuWuKqmTw/hZR1l
Vh4Nft8QFOl35Yi5iulhL0/y9qQh
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:33 2025 by rpki-client