Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D198D4C34911EF8DA70072762E951A.roa
File: B3D198D4C34911EF8DA70072762E951A.roa (raw, json)
Hash identifier: usGklrZqKxjt6+ZraUhorfBC4+rkbjPWOZTT7x7ZciQ=
Subject key identifier: 32:9D:00:B0:C3:89:F6:69:19:06:ED:62:56:04:A7:52:EC:00:37:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D198D4C34911EF8DA70072762E951A.roa
Signing time: Thu 26 Dec 2024 05:24:39 +0000
ROA not before: Thu 26 Dec 2024 05:24:35 +0000
ROA not after: Wed 10 Dec 2025 05:24:35 +0000
asID: 984
IP address blocks: 156.245.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60463 (0xec2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:24:35 2024 GMT
Not After : Dec 10 05:24:35 2025 GMT
Subject: CN=676ce897-d3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4d:6f:0e:a4:cc:f9:78:2e:82:9f:14:6f:63:
c4:e0:ec:00:f2:04:e8:d4:e2:3f:f8:af:69:75:ef:
6f:90:ce:93:1f:6e:44:d4:ce:98:c6:90:43:f7:66:
4a:bf:8d:ca:03:73:37:81:c2:d1:be:38:bf:91:83:
fd:ed:70:02:36:94:bb:9b:a6:f1:dd:73:2b:70:e9:
26:74:af:5f:59:e2:13:1d:0c:68:f5:00:ad:a6:92:
39:0e:cf:bf:d5:99:35:a8:74:70:bb:92:ac:d6:e8:
5b:c1:f0:70:88:ca:2f:9d:37:3d:ae:43:0b:84:0e:
af:8a:75:ff:f0:b3:62:2a:32:d6:ca:6e:0b:a5:6b:
2f:09:70:d7:71:36:d2:a1:71:0b:44:eb:d1:9e:a4:
58:d0:3e:39:99:86:9b:40:72:89:99:d3:8f:f5:cc:
8c:bf:18:af:49:0f:94:ce:17:23:24:8a:d5:d8:cf:
19:a3:a2:a9:a8:8d:75:1f:1e:59:d9:87:e8:0c:9d:
13:ad:c4:5f:65:a9:59:23:74:24:f9:f1:da:01:b6:
47:c3:cf:d7:61:0b:93:06:6c:bc:41:92:ff:7d:09:
38:89:cf:ad:e2:e0:e9:aa:5d:46:7a:e4:6c:95:6e:
d2:11:a3:f4:be:15:1c:f2:f1:f6:e8:23:d0:5b:e1:
ec:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9D:00:B0:C3:89:F6:69:19:06:ED:62:56:04:A7:52:EC:00:37:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D198D4C34911EF8DA70072762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.214.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9c:fa:fe:c5:09:23:69:ca:8e:b6:99:4e:f0:1a:e3:b4:5c:
a6:f2:ec:00:aa:d5:97:6f:2c:ce:e4:c8:8a:ca:66:fd:52:ed:
0f:d4:8f:bb:3d:82:9e:f9:d4:6e:8a:74:1c:e6:58:67:2b:44:
9c:a1:6d:54:ad:6e:ed:77:dd:8a:51:19:7e:80:dd:ee:04:a5:
78:e7:6e:ae:2b:9f:62:be:df:a1:f6:b6:d4:21:d3:ed:c3:c9:
ad:da:a7:aa:89:7a:62:66:5f:e9:5c:57:f4:bb:26:e8:b5:19:
e5:5a:05:71:1f:41:4c:7b:0c:12:6f:ce:95:e3:e0:7d:7f:14:
67:17:64:8d:3e:76:1e:8a:14:a1:1e:5d:a9:44:c3:f5:e8:41:
ef:5f:37:5e:12:48:2a:b7:d9:f2:07:6c:4b:7b:2d:5a:fa:e8:
90:68:a2:22:3a:0a:b0:2f:4a:4b:b8:ce:81:a2:08:88:c5:64:
77:e7:4d:57:fb:21:0b:8d:95:ab:77:1f:8d:32:0a:04:36:0d:
c5:d9:bf:a6:45:40:db:7d:89:75:7b:6b:af:05:ca:96:09:46:
47:cc:56:e3:86:74:f2:aa:b1:ca:19:ab:ac:a8:db:cf:39:e2:
ff:4c:11:05:34:90:69:9b:f8:68:6a:93:c3:1e:f3:b1:d4:ad:
75:87:f3:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUyNDM1WhcNMjUxMjEwMDUyNDM1WjAYMRYw
FAYDVQQDEw02NzZjZTg5Ny1kM2QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApE1vDqTM+Xgugp8Ub2PE4OwA8gTo1OI/+K9pde9vkM6TH25E1M6YxpBD
92ZKv43KA3M3gcLRvji/kYP97XACNpS7m6bx3XMrcOkmdK9fWeITHQxo9QCtppI5
Ds+/1Zk1qHRwu5Ks1uhbwfBwiMovnTc9rkMLhA6vinX/8LNiKjLWym4LpWsvCXDX
cTbSoXELROvRnqRY0D45mYabQHKJmdOP9cyMvxivSQ+UzhcjJIrV2M8Zo6KpqI11
Hx5Z2YfoDJ0TrcRfZalZI3Qk+fHaAbZHw8/XYQuTBmy8QZL/fQk4ic+t4uDpql1G
euRslW7SEaP0vhUc8vH26CPQW+HslwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDKd
ALDDifZpGQbtYlYEp1LsADeGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0QxOThENEMzNDkxMUVGOERBNzAwNzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPXWMA0GCSqGSIb3DQEBCwUA
A4IBAQCZnPr+xQkjacqOtplO8BrjtFym8uwAqtWXbyzO5MiKymb9Uu0P1I+7PYKe
+dRuinQc5lhnK0ScoW1UrW7td92KURl+gN3uBKV4526uK59ivt+h9rbUIdPtw8mt
2qeqiXpiZl/pXFf0uybotRnlWgVxH0FMewwSb86V4+B9fxRnF2SNPnYeihShHl2p
RMP16EHvXzdeEkgqt9nyB2xLey1a+uiQaKIiOgqwL0pLuM6BogiIxWR3501X+yEL
jZWrdx+NMgoENg3F2b+mRUDbfYl1e2uvBcqWCUZHzFbjhnTyqrHKGausqNvPOeL/
TBEFNJBpm/hoapPDHvOx1K11h/Pn
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:44 2025 by rpki-client