Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3FBADEECD3A11EFA677759B762E951A.roa
File: C3FBADEECD3A11EFA677759B762E951A.roa (raw, json)
Hash identifier: 8ygpTImiUN/oRiuvlIcSMUcC0C7WOtmMol47Scq+s7Q=
Subject key identifier: FD:E4:13:0E:2E:4C:56:08:43:8E:18:9E:3A:09:42:37:96:87:D1:5D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE3F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3FBADEECD3A11EFA677759B762E951A.roa
Signing time: Tue 07 Jan 2025 21:02:55 +0000
ROA not before: Tue 07 Jan 2025 21:02:51 +0000
ROA not after: Sat 13 Dec 2025 21:02:51 +0000
asID: 984
IP address blocks: 156.243.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65087 (0xfe3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:02:51 2025 GMT
Not After : Dec 13 21:02:51 2025 GMT
Subject: CN=677d967f-ae7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:35:1d:d8:01:2c:46:83:b0:38:73:e1:01:24:
a1:d6:03:0e:67:bb:ed:40:b4:c4:32:ef:0e:d2:d4:
0b:13:bd:2f:3f:04:c7:1c:77:6d:a6:e3:58:9b:0e:
ea:3d:85:04:96:f3:12:55:13:49:45:08:00:b8:0d:
c5:80:47:c1:3d:04:bc:e8:06:41:00:a2:a3:07:c7:
ae:87:33:c7:4e:32:16:e4:ff:45:2f:f4:6b:ab:7d:
aa:51:2d:01:7c:ef:0b:bd:00:d4:92:cf:3d:35:0b:
3b:30:b7:2d:52:5c:c9:01:cf:50:02:09:79:37:95:
27:17:0c:9f:a4:79:3f:34:14:bf:82:b8:4a:65:46:
2a:96:3d:d3:7a:05:e8:59:32:32:9a:8a:44:56:4f:
66:a9:3c:b2:77:21:55:87:f6:c3:86:08:d4:e6:4c:
6d:0f:ef:21:c5:ff:36:4d:fb:26:51:76:8f:45:79:
73:77:f4:2c:77:2c:f7:1f:b7:60:52:77:61:0c:d9:
7d:f6:43:99:62:a0:5f:83:7d:55:ae:ac:1f:98:d1:
b9:fc:5c:69:3b:4e:83:6c:a2:d3:1e:34:68:0e:75:
16:48:12:c9:6b:a2:e1:e5:a8:4b:f5:83:79:d3:35:
b2:48:5e:bb:21:cd:23:50:e1:26:db:ad:0b:5f:76:
86:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E4:13:0E:2E:4C:56:08:43:8E:18:9E:3A:09:42:37:96:87:D1:5D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3FBADEECD3A11EFA677759B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.72.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0e:1f:ec:40:12:cf:80:a0:6c:a5:a8:ce:26:d3:55:e9:c1:
b1:a8:43:46:1c:cc:5c:c9:9b:47:9a:c7:02:f1:04:34:60:a5:
a5:01:39:7c:1c:c1:bc:ea:a7:1c:e4:ef:fd:82:34:79:a0:c9:
e2:1d:6f:d9:83:23:61:c6:37:57:2e:19:0b:5b:81:5a:a2:66:
ba:7b:a2:45:7d:eb:95:f1:26:32:d2:5b:1a:f1:05:3f:56:98:
94:2e:8b:64:f4:3f:97:4b:1f:b9:b1:9e:dd:c2:2f:45:f7:52:
bb:91:a8:31:23:96:7f:ca:ca:d0:21:5e:6d:c1:f4:ad:3e:28:
7b:8e:d7:54:4d:96:d4:03:e9:ed:bc:82:da:62:50:3f:32:c1:
38:3c:fc:51:3e:1f:c0:30:3e:73:40:f5:46:2c:8d:42:dd:bb:
09:2c:c4:70:c5:c5:e4:b8:15:6c:66:e3:4a:2b:b8:ee:f6:99:
eb:c0:0a:f5:1e:35:65:ef:36:42:3a:a5:0f:81:1a:ae:26:b3:
0b:b9:69:a6:14:4a:5d:60:7f:42:6e:d8:07:fd:ee:e4:1f:51:
39:33:ab:0e:90:ca:a0:f4:e9:35:4b:bd:45:66:f2:d4:b7:f6:
52:e2:f5:67:80:20:95:3d:d5:26:69:06:03:b8:71:25:43:7e:
37:6a:aa:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjEwMjUxWhcNMjUxMjEzMjEwMjUxWjAYMRYw
FAYDVQQDEw02NzdkOTY3Zi1hZTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnTUd2AEsRoOwOHPhASSh1gMOZ7vtQLTEMu8O0tQLE70vPwTHHHdtpuNY
mw7qPYUElvMSVRNJRQgAuA3FgEfBPQS86AZBAKKjB8euhzPHTjIW5P9FL/Rrq32q
US0BfO8LvQDUks89NQs7MLctUlzJAc9QAgl5N5UnFwyfpHk/NBS/grhKZUYqlj3T
egXoWTIymopEVk9mqTyydyFVh/bDhgjU5kxtD+8hxf82TfsmUXaPRXlzd/Qsdyz3
H7dgUndhDNl99kOZYqBfg31VrqwfmNG5/FxpO06DbKLTHjRoDnUWSBLJa6Lh5ahL
9YN50zWySF67Ic0jUOEm260LX3aGyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP3k
Ew4uTFYIQ44YnjoJQjeWh9FdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0ZCQURFRUNEM0ExMUVGQTY3Nzc1OUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNIMA0GCSqGSIb3DQEBCwUA
A4IBAQB1Dh/sQBLPgKBspajOJtNV6cGxqENGHMxcyZtHmscC8QQ0YKWlATl8HMG8
6qcc5O/9gjR5oMniHW/ZgyNhxjdXLhkLW4Faoma6e6JFfeuV8SYy0lsa8QU/VpiU
Lotk9D+XSx+5sZ7dwi9F91K7kagxI5Z/ysrQIV5twfStPih7jtdUTZbUA+ntvILa
YlA/MsE4PPxRPh/AMD5zQPVGLI1C3bsJLMRwxcXkuBVsZuNKK7ju9pnrwAr1HjVl
7zZCOqUPgRquJrMLuWmmFEpdYH9CbtgH/e7kH1E5M6sOkMqg9Ok1S71FZvLUt/ZS
4vVngCCVPdUmaQYDuHElQ343aqo+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:57 2025 by rpki-client