Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3905396CD9E11EF9C0699A6762E951A.roa
File: C3905396CD9E11EF9C0699A6762E951A.roa (raw, json)
Hash identifier: Q6AJkbo2iOTvRFou9VBG+bpOeqvW+3RMAStqJfAaPYw=
Subject key identifier: 11:68:0D:92:EB:F3:9F:FA:B9:19:40:00:86:F0:99:04:30:F0:20:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3905396CD9E11EF9C0699A6762E951A.roa
Signing time: Wed 08 Jan 2025 08:58:44 +0000
ROA not before: Wed 08 Jan 2025 08:58:41 +0000
ROA not after: Mon 13 Dec 2027 08:58:41 +0000
asID: 17561
IP address blocks: 156.252.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65717 (0x100b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:58:41 2025 GMT
Not After : Dec 13 08:58:41 2027 GMT
Subject: CN=677e3e44-dab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:8c:6f:97:05:57:d8:6d:41:db:19:41:73:
bd:5b:22:6c:e4:b3:21:cf:59:34:5c:ab:a3:a1:ef:
89:a7:90:e2:ff:58:5e:64:ec:03:e8:84:0b:4c:34:
86:f3:62:bc:b1:ad:53:7e:2d:53:8b:a6:6d:ba:7b:
f1:16:b2:06:43:6e:ea:7f:0a:ad:e4:1d:5f:22:3a:
6d:c3:17:7f:a4:b3:90:e5:ad:76:ec:2b:1e:e5:32:
30:5b:1c:82:db:6c:c4:53:bb:f4:85:be:e5:34:46:
b9:e2:18:c2:19:09:d2:a2:fe:83:14:81:e8:e6:1e:
ce:d7:4e:9a:51:0c:a8:4b:f4:5b:8e:a9:ac:9c:6e:
0e:91:67:a5:9c:81:0a:0b:76:48:38:dc:ef:e9:7a:
07:40:25:e5:84:3d:ba:44:2a:c6:84:f9:0f:c2:91:
0c:55:85:68:0c:d0:f8:88:2f:37:bc:ca:47:fe:76:
22:fa:ab:b0:c8:5f:6d:20:67:29:40:3c:15:84:61:
53:76:bb:a4:cb:7c:7a:ea:fb:96:f2:0f:75:d2:10:
ec:2c:00:83:39:22:9a:95:03:ab:26:61:bf:d1:03:
46:bb:f7:55:a1:91:54:18:cf:2b:2a:8f:22:7f:4d:
e8:35:da:50:04:fe:b4:7f:49:6d:71:95:88:d5:8b:
4a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:68:0D:92:EB:F3:9F:FA:B9:19:40:00:86:F0:99:04:30:F0:20:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3905396CD9E11EF9C0699A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:b3:de:0b:a4:bc:8f:8f:93:5e:76:0f:0e:c4:91:90:4d:7b:
24:fa:85:be:f2:c0:0a:06:25:d9:19:6b:22:98:c1:5d:dd:d2:
38:7b:18:b1:ef:d2:7b:91:44:69:55:7d:97:f9:59:32:7f:c3:
bb:b0:35:22:56:23:9c:9b:2f:d1:71:b6:c6:f1:98:da:ed:ef:
d0:f8:4e:6b:1e:13:e6:cb:4b:a8:24:e6:40:21:a2:35:97:55:
b2:32:9b:a5:ed:78:e3:e1:1d:b1:03:c7:1c:11:ee:af:d1:7b:
dc:05:81:61:29:6a:2d:12:d2:9d:3d:0f:07:0c:22:ad:ff:b0:
1f:1c:de:3e:71:91:06:01:e6:bd:e3:3e:76:de:f5:f5:a3:46:
20:ff:a1:3f:0a:cb:68:e6:05:20:ea:4d:7d:79:d0:06:7b:cb:
f8:c7:a6:77:1e:4f:1e:e2:60:5c:cf:35:f1:00:25:af:61:d6:
d0:5a:c2:13:ff:8b:45:a1:66:51:90:e7:9f:05:fe:cb:74:6c:
dc:67:36:5a:6b:66:1b:b6:cd:37:2d:31:13:b1:94:c3:dc:2e:
4c:67:02:6d:6b:1b:bd:b6:bf:da:03:91:c3:b7:15:0c:a7:2a:
25:7a:7a:d5:b9:62:67:73:5a:93:06:1a:8f:ed:9a:13:1e:8f:
21:04:a6:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQC1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg1ODQxWhcNMjcxMjEzMDg1ODQxWjAYMRYw
FAYDVQQDEw02NzdlM2U0NC1kYWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqZSMb5cFV9htQdsZQXO9WyJs5LMhz1k0XKujoe+Jp5Di/1heZOwD6IQL
TDSG82K8sa1Tfi1Ti6ZtunvxFrIGQ27qfwqt5B1fIjptwxd/pLOQ5a127Cse5TIw
WxyC22zEU7v0hb7lNEa54hjCGQnSov6DFIHo5h7O106aUQyoS/RbjqmsnG4OkWel
nIEKC3ZIONzv6XoHQCXlhD26RCrGhPkPwpEMVYVoDND4iC83vMpH/nYi+quwyF9t
IGcpQDwVhGFTdruky3x66vuW8g910hDsLACDOSKalQOrJmG/0QNGu/dVoZFUGM8r
Ko8if03oNdpQBP60f0ltcZWI1YtK2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBFo
DZLr85/6uRlAAIbwmQQw8CC9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMzkwNTM5NkNEOUUxMUVGOUMwNjk5QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw+MA0GCSqGSIb3DQEBCwUA
A4IBAQCns94LpLyPj5Nedg8OxJGQTXsk+oW+8sAKBiXZGWsimMFd3dI4exix79J7
kURpVX2X+Vkyf8O7sDUiViOcmy/RcbbG8Zja7e/Q+E5rHhPmy0uoJOZAIaI1l1Wy
Mpul7Xjj4R2xA8ccEe6v0XvcBYFhKWotEtKdPQ8HDCKt/7AfHN4+cZEGAea94z52
3vX1o0Yg/6E/Csto5gUg6k19edAGe8v4x6Z3Hk8e4mBczzXxACWvYdbQWsIT/4tF
oWZRkOefBf7LdGzcZzZaa2Ybts03LTETsZTD3C5MZwJtaxu9tr/aA5HDtxUMpyol
enrVuWJnc1qTBhqP7ZoTHo8hBKau
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:05 2025 by rpki-client