Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F99E8FAF46711EF9F201258762E951A.roa
File: 3F99E8FAF46711EF9F201258762E951A.roa (raw, json)
Hash identifier: 3qzeC6dvvlOM+NGMeqy5zeUgnpPWbPCIbDuIUbZ5Hl8=
Subject key identifier: 27:D2:01:23:C3:2F:02:D6:92:C2:96:CE:78:F4:0D:02:27:60:DE:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01359D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F99E8FAF46711EF9F201258762E951A.roa
Signing time: Wed 26 Feb 2025 17:29:36 +0000
ROA not before: Wed 26 Feb 2025 17:29:32 +0000
ROA not after: Sat 19 Feb 2028 17:29:32 +0000
asID: 17561
IP address blocks: 156.233.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79261 (0x1359d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:29:32 2025 GMT
Not After : Feb 19 17:29:32 2028 GMT
Subject: CN=67bf4f80-33f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:2c:0a:58:ba:30:1d:c6:61:69:84:7e:26:
d7:ca:f0:1d:54:b4:fc:d6:c3:66:81:d4:8e:df:4f:
5d:b4:76:6f:97:52:b1:b3:92:21:05:1c:f3:99:f2:
fa:67:36:79:e2:53:6b:b7:39:5d:b2:3d:cf:99:3c:
ab:b0:8e:38:9e:42:47:09:64:18:1f:9e:8b:f4:a1:
1d:22:f7:f7:fa:fe:85:a8:df:9b:b4:77:59:d3:5a:
60:6b:ac:d0:6b:08:e2:b6:f5:4d:90:46:91:a0:10:
f5:9e:d3:cc:ea:09:53:2e:9e:b2:a2:a7:fc:80:1f:
43:8e:8e:25:bc:a1:04:9b:b9:cc:cb:e1:27:53:e0:
1c:e5:14:a6:4d:6c:93:de:f5:4e:0a:63:62:1d:0b:
15:42:e2:f9:a1:63:52:78:18:16:f3:2f:df:cc:c0:
cc:bb:21:00:4f:7f:2a:2c:06:e7:8c:e6:d6:46:d2:
da:83:1b:99:2c:18:a0:ec:95:fb:42:51:aa:ed:05:
76:ef:82:87:3e:f3:a2:70:10:89:ef:3d:c6:5a:df:
42:6c:dc:6d:be:e3:20:63:c9:b7:04:4a:a1:77:e6:
9f:29:11:6d:88:e7:7e:dd:04:31:4e:a1:c9:95:6f:
3c:b7:c1:e3:6c:a2:c3:b7:17:71:4a:1e:76:6a:41:
1f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D2:01:23:C3:2F:02:D6:92:C2:96:CE:78:F4:0D:02:27:60:DE:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F99E8FAF46711EF9F201258762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.79.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b8:c8:3d:26:06:c7:26:a2:66:4f:01:eb:6b:9a:6f:ba:81:
16:4f:ce:62:1d:b1:0a:80:d5:66:b4:e8:36:96:74:51:c3:d1:
4f:e5:b8:1b:49:84:bf:06:29:54:86:7e:7e:fa:c5:43:b3:eb:
d8:27:29:3b:cc:4c:99:ff:83:9e:c2:fc:99:5a:37:20:b3:8f:
9a:88:41:55:01:8d:08:2f:c4:2a:bc:1f:82:cb:b7:d5:32:4c:
25:7c:7e:ed:be:e7:c3:e4:61:2d:38:41:c4:78:bc:be:51:e2:
7c:cd:9e:8b:ec:21:b2:23:85:43:92:fd:d0:1a:70:0d:ba:16:
04:af:23:fe:fe:2b:57:71:fd:de:ae:1d:28:92:b3:db:36:fb:
20:9a:2f:7c:80:86:ca:04:0f:2b:e7:39:95:93:b6:7f:6b:18:
82:f0:ea:5a:d3:89:63:e0:d3:b3:10:06:f9:3d:a1:5b:5f:b4:
2d:02:6c:a2:41:f3:36:20:c5:42:49:5a:86:95:82:a9:f8:24:
36:3e:fd:5e:66:64:16:e2:1f:9a:11:cb:59:c5:ac:a3:36:5a:
ba:7f:e3:91:ee:8f:21:e5:03:af:f5:ce:48:72:43:9c:f0:9e:
77:97:76:28:fd:79:3b:e1:bb:81:03:cf:85:1d:ec:1c:22:29:
83:bd:dd:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATWdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTcyOTMyWhcNMjgwMjE5MTcyOTMyWjAYMRYw
FAYDVQQDEw02N2JmNGY4MC0zM2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuAgsCli6MB3GYWmEfibXyvAdVLT81sNmgdSO309dtHZvl1Kxs5IhBRzz
mfL6ZzZ54lNrtzldsj3PmTyrsI44nkJHCWQYH56L9KEdIvf3+v6FqN+btHdZ01pg
a6zQawjitvVNkEaRoBD1ntPM6glTLp6yoqf8gB9Djo4lvKEEm7nMy+EnU+Ac5RSm
TWyT3vVOCmNiHQsVQuL5oWNSeBgW8y/fzMDMuyEAT38qLAbnjObWRtLagxuZLBig
7JX7QlGq7QV274KHPvOicBCJ7z3GWt9CbNxtvuMgY8m3BEqhd+afKRFtiOd+3QQx
TqHJlW88t8HjbKLDtxdxSh52akEfrwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCfS
ASPDLwLWksKWznj0DQInYN5pMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjk5RThGQUY0NjcxMUVGOUYyMDEyNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlPMA0GCSqGSIb3DQEBCwUA
A4IBAQB9uMg9JgbHJqJmTwHra5pvuoEWT85iHbEKgNVmtOg2lnRRw9FP5bgbSYS/
BilUhn5++sVDs+vYJyk7zEyZ/4OewvyZWjcgs4+aiEFVAY0IL8QqvB+Cy7fVMkwl
fH7tvufD5GEtOEHEeLy+UeJ8zZ6L7CGyI4VDkv3QGnANuhYEryP+/itXcf3erh0o
krPbNvsgmi98gIbKBA8r5zmVk7Z/axiC8Opa04lj4NOzEAb5PaFbX7QtAmyiQfM2
IMVCSVqGlYKp+CQ2Pv1eZmQW4h+aEctZxayjNlq6f+OR7o8h5QOv9c5IckOc8J53
l3Yo/Xk74buBA8+FHewcIimDvd2w
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:33 2025 by rpki-client