Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/749BB100CD2F11EF8584BB53762E951A.roa
File: 749BB100CD2F11EF8584BB53762E951A.roa (raw, json)
Hash identifier: bvTXSCHOk5KZ7byNGn7ZTrGEvJg//Ivpl+ubKClf5mE=
Subject key identifier: 8A:B0:19:50:0D:F8:B6:E0:94:0A:BA:7F:8B:62:9F:4A:30:4A:A2:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/749BB100CD2F11EF8584BB53762E951A.roa
Signing time: Tue 07 Jan 2025 19:41:58 +0000
ROA not before: Tue 07 Jan 2025 19:41:54 +0000
ROA not after: Mon 13 Dec 2027 19:41:54 +0000
asID: 17561
IP address blocks: 156.242.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64997 (0xfde5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:41:54 2025 GMT
Not After : Dec 13 19:41:54 2027 GMT
Subject: CN=677d8385-6d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e5:f3:d8:f4:e4:6f:56:63:f1:ed:29:df:0d:
5f:75:74:4b:ba:5c:14:ef:9b:d3:0e:e5:19:40:0b:
d0:78:ba:7f:53:9d:bf:de:2f:15:cd:06:12:66:ec:
ef:9d:72:62:4e:ea:4c:0d:1f:af:f7:7c:25:82:df:
45:64:88:4c:bc:7e:64:0a:16:77:cd:fd:ed:31:96:
4c:ed:66:a2:b5:ea:01:cc:9b:94:b6:73:68:12:e4:
4d:dd:6e:21:29:6e:4c:c5:55:15:9f:d9:db:91:d3:
b9:a4:59:54:20:86:f3:eb:f8:c3:8c:48:43:0a:50:
40:dd:75:74:06:4d:3b:7e:3c:bc:2b:2b:ff:c6:d0:
ce:46:15:b7:85:3d:8a:39:32:fe:38:85:f7:b8:6b:
b7:fd:d6:90:49:ab:ca:f3:80:89:e1:c6:d9:58:93:
36:ad:a7:d7:60:9e:89:11:e3:53:da:c8:f9:34:7f:
2c:c4:aa:e2:fb:96:33:01:5f:1e:78:a8:70:d7:07:
09:9d:95:fe:f7:d1:c3:20:56:34:33:f2:a2:ec:0c:
f3:ca:c5:21:cf:b3:dd:1e:b1:b9:1e:f6:3c:0d:0a:
ec:61:01:4c:9e:b2:ca:8e:ad:dd:c1:0c:d3:37:01:
00:28:3f:75:1e:7d:6a:6a:7d:b5:26:da:3d:d6:ec:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B0:19:50:0D:F8:B6:E0:94:0A:BA:7F:8B:62:9F:4A:30:4A:A2:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/749BB100CD2F11EF8584BB53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.3.0/24
Signature Algorithm: sha256WithRSAEncryption
44:34:21:aa:2f:c4:ce:2a:8f:fd:e0:b0:ec:a2:a6:cf:31:1c:
ea:6c:d3:5b:94:9f:4a:51:c1:35:73:7d:7e:29:36:a0:99:57:
30:4b:7d:03:76:51:cb:ee:2b:e2:e1:b2:86:5a:2c:af:1f:9f:
9d:71:b4:9f:b2:b0:21:f6:b5:1b:3c:f6:8f:ae:a7:1e:15:6b:
d3:c1:00:43:78:8b:cf:fa:cd:3a:ad:cb:d2:2d:cd:d5:48:4a:
28:4b:c3:da:e2:23:95:ea:3d:cb:0b:6a:b5:30:a3:01:f9:ca:
0c:ce:84:df:ff:60:69:66:df:41:27:5b:c0:c1:9e:fd:c5:e4:
a5:77:bd:0e:b2:05:53:bc:78:40:0d:d7:07:66:26:fe:bf:54:
ec:5c:e2:af:da:7e:5e:73:b6:2f:34:0a:95:00:e8:83:1d:aa:
b6:37:e2:e8:6e:ad:c2:7a:e8:ad:fe:66:f4:d8:b7:39:18:ce:
4c:4e:a7:1d:5e:5c:36:c8:81:80:2b:9b:2f:52:bd:9a:64:67:
06:2f:3a:3a:54:10:b3:24:69:00:66:d4:54:ed:d8:04:84:9f:
a1:50:2b:0e:15:ef:e5:1b:80:c6:45:04:7d:6f:ad:8a:b6:51:
46:03:51:0e:0c:04:d2:54:f8:fd:3e:eb:88:de:f7:dd:43:3e:
0f:c7:0b:bd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP3lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTk0MTU0WhcNMjcxMjEzMTk0MTU0WjAYMRYw
FAYDVQQDEw02NzdkODM4NS02ZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmeXz2PTkb1Zj8e0p3w1fdXRLulwU75vTDuUZQAvQeLp/U52/3i8VzQYS
ZuzvnXJiTupMDR+v93wlgt9FZIhMvH5kChZ3zf3tMZZM7WaiteoBzJuUtnNoEuRN
3W4hKW5MxVUVn9nbkdO5pFlUIIbz6/jDjEhDClBA3XV0Bk07fjy8Kyv/xtDORhW3
hT2KOTL+OIX3uGu3/daQSavK84CJ4cbZWJM2rafXYJ6JEeNT2sj5NH8sxKri+5Yz
AV8eeKhw1wcJnZX+99HDIFY0M/Ki7AzzysUhz7PdHrG5HvY8DQrsYQFMnrLKjq3d
wQzTNwEAKD91Hn1qan21Jto91uwQVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIqw
GVAN+LbglAq6f4tin0owSqLvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NDlCQjEwMENEMkYxMUVGODU4NEJCNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPIDMA0GCSqGSIb3DQEBCwUA
A4IBAQBENCGqL8TOKo/94LDsoqbPMRzqbNNblJ9KUcE1c31+KTagmVcwS30DdlHL
7ivi4bKGWiyvH5+dcbSfsrAh9rUbPPaPrqceFWvTwQBDeIvP+s06rcvSLc3VSEoo
S8Pa4iOV6j3LC2q1MKMB+coMzoTf/2BpZt9BJ1vAwZ79xeSld70OsgVTvHhADdcH
Zib+v1TsXOKv2n5ec7YvNAqVAOiDHaq2N+Lobq3Ceuit/mb02Lc5GM5MTqcdXlw2
yIGAK5svUr2aZGcGLzo6VBCzJGkAZtRU7dgEhJ+hUCsOFe/lG4DGRQR9b62KtlFG
A1EODATSVPj9PuuI3vfdQz4Pxwu9
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:36 2025 by rpki-client