Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE7C6C4CF6111EF878BC55A762E951A.roa
File: 3DE7C6C4CF6111EF878BC55A762E951A.roa (raw, json)
Hash identifier: XpyuFE0g281JVV5k1anzjT4EfKyVhsFBaY6DtH9dXzM=
Subject key identifier: DB:14:EE:D1:A5:15:5C:6E:55:D4:0D:0E:60:A5:1D:22:F3:E3:B6:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010565
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE7C6C4CF6111EF878BC55A762E951A.roa
Signing time: Fri 10 Jan 2025 14:43:23 +0000
ROA not before: Fri 10 Jan 2025 14:43:16 +0000
ROA not after: Wed 05 Feb 2025 14:43:16 +0000
asID: 23764
IP address blocks: 156.242.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 05 Feb 2025 14:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66917 (0x10565)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 10 14:43:16 2025 GMT
Not After : Feb 5 14:43:16 2025 GMT
Subject: CN=6781320b-ccab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bf:d7:6d:b0:bf:f1:d6:d6:35:05:bd:a2:65:
cd:d8:21:da:bf:7d:87:15:27:51:58:f8:48:ab:45:
45:1a:a3:a6:94:ed:41:0c:b1:8b:ac:7d:28:af:ea:
16:aa:de:74:d2:c2:72:4f:fe:9a:96:63:c6:4a:b0:
18:a7:cb:20:cc:4f:41:6e:86:93:73:f7:98:48:d5:
5e:41:68:77:42:6a:91:8f:e7:c6:e1:5d:4b:9a:c6:
22:86:b3:cc:77:72:6e:b8:2c:f6:39:27:0e:62:32:
30:04:7a:5e:38:f5:05:45:d5:93:7d:6e:01:fb:bc:
8d:4e:35:da:7e:0d:bc:31:bf:25:93:ad:3d:60:81:
91:ac:e3:be:f4:77:e1:a1:d5:ae:71:3a:88:00:d9:
39:fb:41:e0:05:ac:02:4a:46:23:19:b5:e5:ff:9e:
d7:cc:ef:f9:80:e3:69:71:53:0e:d2:bb:2a:fc:78:
96:24:da:03:05:c5:0a:22:dc:73:3f:64:f5:b4:06:
7f:76:9a:fd:7b:52:34:c3:c7:20:b9:7a:fa:18:3b:
41:93:b5:2b:76:12:88:93:5e:f4:d1:ce:a9:ac:29:
4a:f2:c6:ff:a8:20:01:61:ed:b0:a3:91:7b:08:d7:
2d:0e:0f:99:e7:c0:d3:b4:e1:5e:c0:15:01:ff:8d:
e8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:14:EE:D1:A5:15:5C:6E:55:D4:0D:0E:60:A5:1D:22:F3:E3:B6:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3DE7C6C4CF6111EF878BC55A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.6.0/24
Signature Algorithm: sha256WithRSAEncryption
37:dd:c7:2c:48:a2:3b:70:2b:1e:38:7d:65:bb:52:5b:4f:4c:
62:5e:4c:8e:96:e8:2e:9c:84:a4:a1:d0:b2:f8:f8:0f:39:66:
09:ad:30:84:1a:e3:3d:cd:74:27:c6:ce:8f:39:9e:38:d9:ac:
02:bc:9f:c4:96:cd:ca:bd:10:9b:8e:98:b7:16:50:19:ae:42:
6b:4e:2c:63:69:21:88:9f:d7:eb:77:af:53:e4:7a:ce:64:67:
89:66:e2:d8:65:a9:4a:d2:b5:8f:34:12:eb:d9:a7:cf:8d:7e:
9c:3f:cb:7d:eb:a2:06:11:7c:a8:8f:40:f0:1d:3c:7a:08:ee:
96:69:12:a4:81:a3:67:11:45:19:ca:22:bd:1f:84:5f:66:c2:
8d:1c:9a:68:da:57:ba:03:9f:95:f0:a1:a7:73:53:7f:5e:d1:
fa:4b:f1:76:50:d4:6a:17:b5:bb:ea:8d:9e:ad:fb:0a:ac:f8:
45:9f:7a:54:10:02:f7:8d:aa:ae:a5:d2:cd:bf:71:6b:a8:a1:
49:9c:07:52:ea:6e:e8:42:05:3e:84:89:e6:93:e1:a7:ea:b6:
4a:51:01:08:76:a1:e2:be:96:0c:87:e3:18:aa:cb:95:c3:ac:
bc:23:9d:b9:5e:86:84:4e:cf:a9:61:ea:ce:6f:d2:57:3b:cc:
df:09:d1:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQVlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEwMTQ0MzE2WhcNMjUwMjA1MTQ0MzE2WjAYMRYw
FAYDVQQDEw02NzgxMzIwYi1jY2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAub/XbbC/8dbWNQW9omXN2CHav32HFSdRWPhIq0VFGqOmlO1BDLGLrH0o
r+oWqt500sJyT/6almPGSrAYp8sgzE9BboaTc/eYSNVeQWh3QmqRj+fG4V1LmsYi
hrPMd3JuuCz2OScOYjIwBHpeOPUFRdWTfW4B+7yNTjXafg28Mb8lk609YIGRrOO+
9HfhodWucTqIANk5+0HgBawCSkYjGbXl/57XzO/5gONpcVMO0rsq/HiWJNoDBcUK
ItxzP2T1tAZ/dpr9e1I0w8cguXr6GDtBk7UrdhKIk1700c6prClK8sb/qCABYe2w
o5F7CNctDg+Z58DTtOFewBUB/43ojQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNsU
7tGlFVxuVdQNDmClHSLz47YyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zREU3QzZDNENGNjExMUVGODc4QkM1NUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIGMA0GCSqGSIb3DQEBCwUA
A4IBAQA33ccsSKI7cCseOH1lu1JbT0xiXkyOlugunISkodCy+PgPOWYJrTCEGuM9
zXQnxs6POZ442awCvJ/Els3KvRCbjpi3FlAZrkJrTixjaSGIn9frd69T5HrOZGeJ
ZuLYZalK0rWPNBLr2afPjX6cP8t966IGEXyoj0DwHTx6CO6WaRKkgaNnEUUZyiK9
H4RfZsKNHJpo2le6A5+V8KGnc1N/XtH6S/F2UNRqF7W76o2erfsKrPhFn3pUEAL3
jaqupdLNv3FrqKFJnAdS6m7oQgU+hInmk+Gn6rZKUQEIdqHivpYMh+MYqsuVw6y8
I525XoaETs+pYerOb9JXO8zfCdHd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:36 2025 by rpki-client