Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE4D59EABA411EF9DEE196B762E951A.roa
File: 3DE4D59EABA411EF9DEE196B762E951A.roa (raw, json)
Hash identifier: laeeOUfWXdH0RBigFQiJ2Wz/9o424QRvqLr4t09DhfM=
Subject key identifier: B0:ED:70:CC:06:9B:8E:96:1C:58:9D:3C:07:B5:3E:50:93:B2:5B:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DA9F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE4D59EABA411EF9DEE196B762E951A.roa
Signing time: Tue 26 Nov 2024 03:12:17 +0000
ROA not before: Tue 26 Nov 2024 03:12:14 +0000
ROA not after: Fri 26 Nov 2027 03:12:14 +0000
asID: 17561
IP address blocks: 156.244.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55967 (0xda9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 26 03:12:14 2024 GMT
Not After : Nov 26 03:12:14 2027 GMT
Subject: CN=67453c91-5607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cb:bb:2e:49:e0:0a:9d:b2:93:0c:b3:21:33:
41:e7:d6:fc:5c:57:be:ca:d8:7c:1d:a0:32:ed:8b:
74:52:49:eb:7c:be:b4:6b:cc:1c:91:27:ee:e0:6b:
90:06:39:5d:f6:2b:b4:ff:6e:62:f9:ab:53:3a:23:
43:2e:b8:7c:94:81:8f:ae:91:eb:55:65:54:ae:79:
69:81:0a:27:0c:b6:0a:7c:da:63:f4:32:a4:58:be:
6b:d1:47:c0:45:84:20:e7:04:9a:85:32:cb:ba:78:
68:3b:e7:be:b2:df:aa:74:24:9a:47:2e:f6:77:56:
dc:ec:09:3c:fd:da:12:ab:79:e5:3e:16:a1:0c:7d:
1b:f0:db:6d:c6:02:4d:85:c5:b5:d4:28:d6:88:5b:
7a:ce:8b:ca:97:9e:a3:69:c8:32:c3:0b:9c:9a:42:
f0:af:73:05:1d:00:90:cc:65:27:04:c7:15:e1:5e:
77:14:96:29:e4:7a:f5:93:69:6b:d7:63:96:f2:b2:
2a:86:c1:6a:3a:77:63:18:47:58:eb:fe:d5:fc:81:
3b:54:59:a2:e7:b1:b0:e5:a8:e9:b7:2e:c7:f3:6d:
19:69:be:8d:57:08:97:d4:6a:34:e5:47:fb:27:62:
15:84:6d:76:74:5f:75:bb:ae:2e:cd:f6:b0:cd:ae:
e4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:ED:70:CC:06:9B:8E:96:1C:58:9D:3C:07:B5:3E:50:93:B2:5B:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE4D59EABA411EF9DEE196B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.128.0/17
Signature Algorithm: sha256WithRSAEncryption
bc:35:80:37:98:fb:c2:e4:8b:57:4d:1b:bf:e8:d9:12:b2:ac:
69:b8:20:30:be:5a:42:b8:e9:15:88:56:18:c0:45:e1:b5:61:
30:3a:56:e0:29:f3:52:84:b5:5a:a9:53:2d:ee:f4:b7:79:49:
f4:ae:2c:f4:1c:17:d4:6f:00:60:81:83:46:e9:c2:3a:73:97:
38:32:4c:0c:c0:79:5f:a3:4e:0d:fd:c5:af:5b:eb:aa:8b:09:
c4:32:12:b8:37:9f:5d:52:b9:d4:4e:71:df:7b:d8:15:83:80:
6d:60:fb:6d:41:12:2f:5f:42:10:1f:7f:30:6c:81:8b:86:8b:
bd:53:02:9c:1d:1e:0c:1f:a5:e6:90:fe:ff:5a:a5:23:2d:7e:
d8:4d:94:f0:2b:74:cc:b2:4d:1d:b8:df:80:e3:da:e0:84:9b:
fa:37:04:90:5e:1b:64:80:d9:4e:be:12:2c:7e:64:13:78:09:
86:32:58:90:d0:33:4b:2c:ca:d9:0d:17:fa:3d:d9:9c:a9:20:
a7:d6:81:16:83:7a:2a:50:be:8e:d9:61:b0:c5:2c:41:d5:e8:
a8:af:75:b5:34:b6:10:2c:a4:8d:5c:97:b8:3b:ed:5c:ac:3f:
dc:be:0f:68:f5:f6:f5:d5:ae:d8:cb:b2:47:92:0c:3b:d2:3c:
21:1d:94:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANqfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI2MDMxMjE0WhcNMjcxMTI2MDMxMjE0WjAYMRYw
FAYDVQQDEw02NzQ1M2M5MS01NjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA48u7LkngCp2ykwyzITNB59b8XFe+yth8HaAy7Yt0UknrfL60a8wckSfu
4GuQBjld9iu0/25i+atTOiNDLrh8lIGPrpHrVWVUrnlpgQonDLYKfNpj9DKkWL5r
0UfARYQg5wSahTLLunhoO+e+st+qdCSaRy72d1bc7Ak8/doSq3nlPhahDH0b8Ntt
xgJNhcW11CjWiFt6zovKl56jacgywwucmkLwr3MFHQCQzGUnBMcV4V53FJYp5Hr1
k2lr12OW8rIqhsFqOndjGEdY6/7V/IE7VFmi57Gw5ajpty7H820Zab6NVwiX1Go0
5Uf7J2IVhG12dF91u64uzfawza7krwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLDt
cMwGm46WHFidPAe1PlCTslslMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zREU0RDU5RUFCQTQxMUVGOURFRTE5NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnPSAMA0GCSqGSIb3DQEBCwUA
A4IBAQC8NYA3mPvC5ItXTRu/6NkSsqxpuCAwvlpCuOkViFYYwEXhtWEwOlbgKfNS
hLVaqVMt7vS3eUn0riz0HBfUbwBggYNG6cI6c5c4MkwMwHlfo04N/cWvW+uqiwnE
MhK4N59dUrnUTnHfe9gVg4BtYPttQRIvX0IQH38wbIGLhou9UwKcHR4MH6XmkP7/
WqUjLX7YTZTwK3TMsk0duN+A49rghJv6NwSQXhtkgNlOvhIsfmQTeAmGMliQ0DNL
LMrZDRf6PdmcqSCn1oEWg3oqUL6O2WGwxSxB1eior3W1NLYQLKSNXJe4O+1crD/c
vg9o9fb11a7Yy7JHkgw70jwhHZRS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:14 2025 by rpki-client