Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3CC8922D17A11EF90450A9F762E951A.roa
File: B3CC8922D17A11EF90450A9F762E951A.roa (raw, json)
Hash identifier: dpbWS2vXUzymPuFkNHZ/6Z2rSUQW11RgjDCPPOPxhLE=
Subject key identifier: 52:78:B6:83:C7:25:29:CC:55:37:18:C3:61:C5:DB:EF:04:EF:09:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01066E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3CC8922D17A11EF90450A9F762E951A.roa
Signing time: Mon 13 Jan 2025 06:50:40 +0000
ROA not before: Mon 13 Jan 2025 06:50:37 +0000
ROA not after: Thu 20 Feb 2025 06:50:37 +0000
asID: 50053
IP address blocks: 156.253.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67182 (0x1066e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 06:50:37 2025 GMT
Not After : Feb 20 06:50:37 2025 GMT
Subject: CN=6784b7c0-defb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:94:6f:d2:97:73:d9:22:32:3e:f5:5b:26:88:
8b:78:4c:3d:49:fe:31:23:6b:ee:6f:5c:81:44:83:
8b:81:c9:3e:19:69:9d:49:19:c3:1d:52:cb:d1:4d:
36:92:fc:a7:e8:cc:d2:99:ce:40:ac:08:72:e2:a2:
a3:f3:9e:8e:d2:a3:20:53:28:98:9e:86:d8:a3:34:
e0:83:f0:25:66:8f:8a:4a:8b:49:ac:d0:f2:3a:35:
0e:2b:35:d7:d1:74:df:e5:f9:1a:88:b5:2e:d6:bc:
62:ae:30:5d:e6:0b:97:b9:cf:0e:3a:70:6f:88:87:
c5:6a:6f:81:c4:1d:ee:4f:50:1a:da:3a:d8:fe:ac:
99:24:76:a4:64:5c:be:bc:c2:84:70:d1:4b:86:34:
42:6e:6d:73:6e:60:46:05:40:11:7e:34:5c:78:63:
d8:c4:e4:56:3c:7a:b8:c6:5a:d1:2b:4b:e1:8a:46:
17:d8:e3:c3:62:50:39:d2:59:65:2d:22:70:8f:47:
1e:c6:1b:d1:0e:b9:f3:b5:2f:cf:8f:52:7f:49:3f:
4b:1b:24:be:c7:79:3c:78:ec:1f:10:77:b8:6c:a9:
8d:c6:50:04:90:ea:82:5c:e0:5f:99:ed:67:8c:04:
5a:a5:f3:6d:7c:fc:ad:dc:9a:1f:16:88:98:c2:f5:
15:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:78:B6:83:C7:25:29:CC:55:37:18:C3:61:C5:DB:EF:04:EF:09:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3CC8922D17A11EF90450A9F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.223.0/24
Signature Algorithm: sha256WithRSAEncryption
56:29:29:0c:d3:d0:c8:62:0c:74:63:06:0f:81:7d:a2:9b:4a:
7a:b5:77:34:0d:13:72:5e:a7:25:a9:32:97:80:f7:8c:1e:77:
b1:3f:f5:cf:fc:37:c4:0c:f4:7c:30:c1:05:c8:cb:84:a3:3b:
e2:18:2f:51:77:62:c2:77:de:5f:56:31:2d:04:56:cc:1a:79:
85:ef:ce:7d:9d:e0:a7:56:5a:5e:70:98:ed:eb:80:1e:0a:d7:
71:2e:99:a0:04:ce:40:1b:41:1b:a6:10:b3:82:33:da:93:a8:
ea:f0:2e:e1:ff:10:54:d3:8c:d8:e5:1e:86:e4:32:e9:70:9b:
2d:ee:20:36:77:1f:14:6d:b6:1e:95:48:a4:52:1b:d8:61:fd:
39:4f:ea:a5:0a:18:05:5a:28:09:e3:10:f6:d2:74:94:77:13:
c6:73:42:d3:88:c5:dc:14:e9:a1:21:e5:00:40:e0:45:e1:b3:
bf:ce:1b:29:34:cd:08:74:e6:0c:1d:bd:b1:4a:b2:20:2b:db:
46:10:f9:78:3b:84:55:a9:40:a2:a3:73:d6:67:33:e3:df:e5:
cc:3f:a7:06:3f:9d:2a:da:92:d2:d2:6a:bd:64:40:e8:47:1d:
9b:f7:f8:e9:c8:d9:bc:12:ed:fc:97:6f:04:cd:25:56:09:d2:
84:6c:e5:82
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQZuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDY1MDM3WhcNMjUwMjIwMDY1MDM3WjAYMRYw
FAYDVQQDEw02Nzg0YjdjMC1kZWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnpRv0pdz2SIyPvVbJoiLeEw9Sf4xI2vub1yBRIOLgck+GWmdSRnDHVLL
0U02kvyn6MzSmc5ArAhy4qKj856O0qMgUyiYnobYozTgg/AlZo+KSotJrNDyOjUO
KzXX0XTf5fkaiLUu1rxirjBd5guXuc8OOnBviIfFam+BxB3uT1Aa2jrY/qyZJHak
ZFy+vMKEcNFLhjRCbm1zbmBGBUARfjRceGPYxORWPHq4xlrRK0vhikYX2OPDYlA5
0lllLSJwj0cexhvRDrnztS/Pj1J/ST9LGyS+x3k8eOwfEHe4bKmNxlAEkOqCXOBf
me1njARapfNtfPyt3JofFoiYwvUVywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFJ4
toPHJSnMVTcYw2HF2+8E7wmWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0NDODkyMkQxN0ExMUVGOTA0NTBBOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3fMA0GCSqGSIb3DQEBCwUA
A4IBAQBWKSkM09DIYgx0YwYPgX2im0p6tXc0DRNyXqclqTKXgPeMHnexP/XP/DfE
DPR8MMEFyMuEozviGC9Rd2LCd95fVjEtBFbMGnmF7859neCnVlpecJjt64AeCtdx
LpmgBM5AG0EbphCzgjPak6jq8C7h/xBU04zY5R6G5DLpcJst7iA2dx8UbbYelUik
UhvYYf05T+qlChgFWigJ4xD20nSUdxPGc0LTiMXcFOmhIeUAQOBF4bO/zhspNM0I
dOYMHb2xSrIgK9tGEPl4O4RVqUCio3PWZzPj3+XMP6cGP50q2pLS0mq9ZEDoRx2b
9/jpyNm8Eu38l28EzSVWCdKEbOWC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:29 2025 by rpki-client