Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F80392CC95711EFB18BD961762E951A.roa
File: 3F80392CC95711EFB18BD961762E951A.roa (raw, json)
Hash identifier: vpdB3vyLQYmmDqAJnvMOmKwO08n2adJf4Utw8TG3cbA=
Subject key identifier: F0:C3:6D:4A:A3:93:F8:04:38:FB:D8:15:4A:84:4A:8B:36:6E:7F:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F402
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F80392CC95711EFB18BD961762E951A.roa
Signing time: Thu 02 Jan 2025 22:16:44 +0000
ROA not before: Thu 02 Jan 2025 22:16:40 +0000
ROA not after: Mon 13 Dec 2027 22:16:40 +0000
asID: 17561
IP address blocks: 156.226.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62466 (0xf402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 22:16:40 2025 GMT
Not After : Dec 13 22:16:40 2027 GMT
Subject: CN=6777104c-dd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:10:b4:fe:d6:0c:f2:7d:83:b9:e7:84:9d:
22:6a:b0:b7:82:50:17:3e:62:20:b3:44:e9:71:31:
9b:0a:60:62:2a:40:3d:0f:b2:dc:55:9d:58:11:80:
a3:bc:0b:1d:50:b2:77:b1:44:25:da:d9:ed:fa:15:
bc:ea:27:36:6e:9a:d6:94:54:67:38:82:95:41:62:
2c:0a:8a:29:de:30:ef:2b:fb:39:62:cf:ed:bb:28:
9f:f6:76:24:cd:35:fc:3e:ec:69:ef:6d:67:46:a7:
2a:75:15:b8:5e:4f:c1:78:ee:8a:43:36:fc:f1:ae:
f8:8b:60:3a:21:86:f5:bc:c1:ce:24:1b:dd:a0:6e:
8c:42:ce:80:38:99:c0:a1:1c:37:47:7e:f4:50:82:
b6:e7:f6:5d:24:7c:ab:4f:a5:b5:cb:a6:d6:14:fb:
8a:69:e9:29:ff:1e:ae:d7:4b:a0:d3:37:3f:0d:3b:
6e:21:39:71:47:ff:81:99:ba:83:c2:f0:b5:87:b6:
84:03:42:97:7d:93:ab:93:25:bc:c9:09:b6:e7:16:
b4:6c:5b:a6:83:40:50:c0:1b:3d:65:6d:f7:71:02:
7d:2d:9c:f6:83:1f:bd:51:27:8a:88:50:41:5d:d5:
ac:df:34:60:60:8b:8a:ee:85:14:a3:b8:db:93:9b:
e7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C3:6D:4A:A3:93:F8:04:38:FB:D8:15:4A:84:4A:8B:36:6E:7F:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F80392CC95711EFB18BD961762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.154.0/24
Signature Algorithm: sha256WithRSAEncryption
84:81:b5:e1:50:a0:c4:b0:ec:af:2d:b6:ce:db:e0:74:39:d2:
e4:23:d8:e0:df:58:a0:b8:90:fe:8c:6c:b9:32:81:82:d5:98:
a5:e1:25:d3:19:fa:09:e0:a4:85:0c:78:32:3f:6f:b2:69:83:
6a:b7:d2:ed:73:a0:83:8d:b7:3b:3d:32:64:bf:02:2c:b0:23:
c1:53:c8:8d:2d:0c:52:8e:48:ad:6c:ad:2c:d7:a8:2e:74:84:
90:89:bb:33:f9:d1:db:dd:77:54:60:52:34:bd:f6:2c:6d:8e:
ad:b0:18:cf:8d:01:99:23:02:35:9a:13:a8:c6:fc:e3:b7:60:
7e:bc:be:54:1a:06:64:03:c0:bb:90:f5:0a:e0:5a:16:1c:81:
22:b4:b9:ae:a9:1d:62:05:21:69:bb:a3:60:b1:46:4f:24:20:
29:0c:55:41:29:b4:bc:b0:d8:58:c7:61:9d:76:da:3a:39:fe:
ef:d6:63:59:35:d9:fb:de:fb:06:7b:6a:01:f4:73:70:65:2c:
3c:c4:e7:4e:2d:62:69:bc:a2:59:fa:7e:5d:a7:34:40:4e:fa:
65:c3:0f:6c:32:5e:9b:7d:5c:d8:4a:cb:83:c3:f0:36:6d:aa:
f5:19:27:86:56:f5:d0:e6:ce:ad:5b:29:f9:53:e1:9b:13:f1:
61:12:87:6d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPQCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjIxNjQwWhcNMjcxMjEzMjIxNjQwWjAYMRYw
FAYDVQQDEw02Nzc3MTA0Yy1kZDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAucYQtP7WDPJ9g7nnhJ0iarC3glAXPmIgs0TpcTGbCmBiKkA9D7LcVZ1Y
EYCjvAsdULJ3sUQl2tnt+hW86ic2bprWlFRnOIKVQWIsCoop3jDvK/s5Ys/tuyif
9nYkzTX8Puxp721nRqcqdRW4Xk/BeO6KQzb88a74i2A6IYb1vMHOJBvdoG6MQs6A
OJnAoRw3R370UIK25/ZdJHyrT6W1y6bWFPuKaekp/x6u10ug0zc/DTtuITlxR/+B
mbqDwvC1h7aEA0KXfZOrkyW8yQm25xa0bFumg0BQwBs9ZW33cQJ9LZz2gx+9USeK
iFBBXdWs3zRgYIuK7oUUo7jbk5vnBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPDD
bUqjk/gEOPvYFUqESos2bn+GMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjgwMzkyQ0M5NTcxMUVGQjE4QkQ5NjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOKaMA0GCSqGSIb3DQEBCwUA
A4IBAQCEgbXhUKDEsOyvLbbO2+B0OdLkI9jg31iguJD+jGy5MoGC1Zil4SXTGfoJ
4KSFDHgyP2+yaYNqt9Ltc6CDjbc7PTJkvwIssCPBU8iNLQxSjkitbK0s16gudISQ
ibsz+dHb3XdUYFI0vfYsbY6tsBjPjQGZIwI1mhOoxvzjt2B+vL5UGgZkA8C7kPUK
4FoWHIEitLmuqR1iBSFpu6NgsUZPJCApDFVBKbS8sNhYx2Gddto6Of7v1mNZNdn7
3vsGe2oB9HNwZSw8xOdOLWJpvKJZ+n5dpzRATvplww9sMl6bfVzYSsuDw/A2bar1
GSeGVvXQ5s6tWyn5U+GbE/FhEodt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:01 2025 by rpki-client