Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F7DD988AD5B11EFA0E212B7762E951A.roa
File: 3F7DD988AD5B11EFA0E212B7762E951A.roa (raw, json)
Hash identifier: Fo8PpDlM22rdx1WbBTqhNPCmMmo1ObjMektYuRy/5MQ=
Subject key identifier: D0:95:9E:0E:CC:06:54:A4:E5:06:FE:6B:CB:E5:C9:76:2F:D0:41:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC4D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F7DD988AD5B11EFA0E212B7762E951A.roa
Signing time: Thu 28 Nov 2024 07:34:49 +0000
ROA not before: Thu 28 Nov 2024 07:34:45 +0000
ROA not after: Tue 11 Feb 2025 07:34:45 +0000
asID: 3561
IP address blocks: 156.255.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56397 (0xdc4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:34:45 2024 GMT
Not After : Feb 11 07:34:45 2025 GMT
Subject: CN=67481d19-43d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a1:60:04:b5:af:b6:1e:1d:2d:43:5f:bc:45:
1f:f1:48:ed:0a:bc:02:3e:3f:b4:5e:b5:5e:e2:6b:
56:0f:64:2b:3a:cf:76:2b:5b:d5:09:4a:4f:c5:de:
d9:ac:8e:57:ba:1f:71:2b:c1:56:6b:54:77:21:59:
99:11:96:52:f8:c4:99:84:0c:4a:95:ec:e1:4b:1d:
99:65:9d:c3:2b:4d:ac:50:40:69:31:a2:9f:a0:60:
f4:bc:dc:f2:d2:e8:06:e4:0a:05:bb:2f:bf:c5:a9:
7f:40:59:1f:d5:4a:b2:5b:11:a4:0a:f4:07:40:dc:
d5:39:14:b4:92:42:ad:6c:cf:a7:83:06:5e:d5:c6:
b6:cd:bb:52:98:6d:41:fe:59:2c:ed:a6:cd:e5:da:
fe:56:65:72:37:23:e5:58:12:1f:85:3d:11:18:23:
ae:6c:be:27:80:94:08:7a:7b:b4:10:2b:69:3a:da:
3a:89:bb:9a:57:a4:1d:02:01:5e:5b:48:bc:1c:45:
fc:fb:2a:f7:3e:31:bb:13:5e:65:f0:57:f4:69:ee:
7f:81:34:97:5f:db:e1:69:56:34:4e:20:de:1e:e3:
51:3e:2b:99:15:ed:26:28:68:20:b7:46:9a:c3:b8:
be:25:c2:e3:61:ed:22:5d:cb:01:f7:fd:40:6a:b9:
3e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:95:9E:0E:CC:06:54:A4:E5:06:FE:6B:CB:E5:C9:76:2F:D0:41:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F7DD988AD5B11EFA0E212B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.4.0/22
Signature Algorithm: sha256WithRSAEncryption
af:18:62:96:9a:7e:c8:f8:1f:df:87:fd:db:a3:2f:4a:75:5e:
09:b5:01:03:83:04:e2:a8:fb:f9:3c:e5:f8:14:1c:a5:41:8a:
44:0e:84:50:08:a3:1c:d6:31:2d:4c:0d:66:b8:2e:47:af:27:
d0:f3:d4:fd:58:0b:d1:fa:06:74:6b:1b:22:de:9d:75:16:0c:
c2:f3:1b:33:57:12:b8:cb:17:fa:30:a7:81:88:b9:34:8d:38:
d1:ca:0b:eb:0d:6e:b9:f0:bf:8e:11:8a:b8:c8:56:1f:95:31:
b9:3b:84:d1:5a:31:30:77:3b:64:96:2e:3c:04:24:ca:70:df:
66:bd:b3:1e:ff:35:a1:47:49:b0:61:6d:50:e2:6d:5e:89:6b:
55:d9:b4:53:68:3f:aa:06:ce:80:0a:7a:9d:86:d2:e8:f8:38:
1c:31:a1:56:05:c8:50:a2:8b:91:e9:77:25:1f:f0:14:9f:1c:
0f:de:5f:91:d9:43:da:dc:2a:0d:7c:32:9b:a4:23:f4:18:15:
db:a2:e2:7d:f9:0b:7c:ff:c9:54:1e:eb:c1:a7:83:3b:ef:a4:
f6:65:47:d5:df:be:f7:eb:ba:09:58:a4:e7:e9:5b:37:07:75:
d2:80:c7:97:cd:7a:87:84:c6:93:f2:57:09:f4:94:f9:9a:f7:
eb:55:68:0d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANxNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDczNDQ1WhcNMjUwMjExMDczNDQ1WjAYMRYw
FAYDVQQDEw02NzQ4MWQxOS00M2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1KFgBLWvth4dLUNfvEUf8UjtCrwCPj+0XrVe4mtWD2QrOs92K1vVCUpP
xd7ZrI5Xuh9xK8FWa1R3IVmZEZZS+MSZhAxKlezhSx2ZZZ3DK02sUEBpMaKfoGD0
vNzy0ugG5AoFuy+/xal/QFkf1UqyWxGkCvQHQNzVORS0kkKtbM+ngwZe1ca2zbtS
mG1B/lks7abN5dr+VmVyNyPlWBIfhT0RGCOubL4ngJQIenu0ECtpOto6ibuaV6Qd
AgFeW0i8HEX8+yr3PjG7E15l8Ff0ae5/gTSXX9vhaVY0TiDeHuNRPiuZFe0mKGgg
t0aaw7i+JcLjYe0iXcsB9/1Aark+yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNCV
ng7MBlSk5Qb+a8vlyXYv0EFCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjdERDk4OEFENUIxMUVGQTBFMjEyQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP8EMA0GCSqGSIb3DQEBCwUA
A4IBAQCvGGKWmn7I+B/fh/3boy9KdV4JtQEDgwTiqPv5POX4FBylQYpEDoRQCKMc
1jEtTA1muC5HryfQ89T9WAvR+gZ0axsi3p11FgzC8xszVxK4yxf6MKeBiLk0jTjR
ygvrDW658L+OEYq4yFYflTG5O4TRWjEwdztkli48BCTKcN9mvbMe/zWhR0mwYW1Q
4m1eiWtV2bRTaD+qBs6ACnqdhtLo+DgcMaFWBchQoouR6XclH/AUnxwP3l+R2UPa
3CoNfDKbpCP0GBXbouJ9+Qt8/8lUHuvBp4M776T2ZUfV377367oJWKTn6Vs3B3XS
gMeXzXqHhMaT8lcJ9JT5mvfrVWgN
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:33 2025 by rpki-client