Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA75DAF0CCAD11EFB0B61BA3762E951A.roa
File: DA75DAF0CCAD11EFB0B61BA3762E951A.roa (raw, json)
Hash identifier: w/1fQDn3qksffHcRBkNYum4QUwGFvbPpXzVKpqRWSc8=
Subject key identifier: F3:52:50:7A:03:2B:BA:98:4E:3C:B9:36:E9:E0:F4:D8:76:92:57:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA75DAF0CCAD11EFB0B61BA3762E951A.roa
Signing time: Tue 07 Jan 2025 04:14:14 +0000
ROA not before: Tue 07 Jan 2025 04:14:10 +0000
ROA not after: Mon 13 Dec 2027 04:14:10 +0000
asID: 17561
IP address blocks: 156.232.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63966 (0xf9de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:14:10 2025 GMT
Not After : Dec 13 04:14:10 2027 GMT
Subject: CN=677caa16-ed38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:c7:ad:d0:bb:b8:bc:1b:f5:db:43:56:e2:
9c:3a:c9:d7:fb:e2:b8:29:65:38:4b:87:75:f4:53:
a6:61:a9:65:19:77:ea:8c:49:de:94:b2:ab:55:59:
77:9b:b4:9e:8a:a1:80:ab:6c:25:3f:35:30:0c:8a:
ce:fa:5b:16:07:97:e9:88:52:ef:f6:76:08:45:f0:
3c:6c:6f:8e:1c:f0:03:e4:86:38:2e:45:7f:2b:80:
a4:80:2f:53:d7:e6:b2:cf:39:d7:a3:70:16:8a:d9:
5d:4b:5c:d4:a0:5f:48:01:68:2b:53:9a:69:fc:1f:
45:47:67:85:1c:43:f9:0d:37:f8:68:62:60:4c:35:
38:2c:b9:9b:74:d5:7d:49:de:6d:f4:9f:69:27:77:
a5:8d:aa:11:82:3e:d1:2a:4f:2c:d7:b3:f0:22:96:
2b:3f:31:bc:cd:3d:0b:02:00:72:ac:a6:c0:13:aa:
2d:89:a5:c9:56:1f:76:44:3a:e0:52:47:7b:e1:5b:
d4:e5:65:3e:54:9a:3a:0e:a9:2f:9f:40:af:11:13:
ed:04:16:58:8b:6d:dd:f4:a0:e2:c8:39:48:01:72:
16:2e:2c:95:c6:2b:fc:85:cf:f3:73:fd:d9:7e:80:
12:af:a5:99:ec:34:c1:4c:63:13:d0:f0:a0:ff:31:
2a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:52:50:7A:03:2B:BA:98:4E:3C:B9:36:E9:E0:F4:D8:76:92:57:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DA75DAF0CCAD11EFB0B61BA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:84:0b:98:a9:68:21:aa:10:d2:f2:32:5b:30:fa:c9:79:d1:
57:7b:e0:34:86:be:30:b1:06:7b:f4:a7:0e:01:1d:cc:a7:91:
42:e9:df:11:67:83:a3:5f:5a:cc:e4:bb:87:01:9b:d4:6f:7f:
01:97:07:dd:17:7e:77:7e:69:df:a3:38:b0:4c:a4:bd:d5:7e:
29:a2:53:8e:90:16:f9:66:c2:3d:b9:a1:d7:49:f0:93:5f:2c:
dc:39:8a:d9:e4:85:3c:dd:ef:a3:6e:ca:24:aa:b0:7c:5f:45:
9b:4d:a1:f8:8d:d0:cd:a4:ad:c4:3e:4a:36:4b:88:9d:d6:4e:
69:ac:c1:9c:d0:60:27:58:48:d5:f4:95:76:11:53:21:11:c2:
7b:4c:78:7f:d8:36:c5:18:49:14:e7:bd:12:44:1a:b1:c2:1a:
3c:fc:59:1b:d0:ac:57:56:1a:bc:4c:52:37:11:91:e0:72:5c:
95:72:3e:13:63:d4:54:5c:75:01:ee:ca:49:b9:fa:9f:57:2e:
ff:a4:c2:c0:87:1d:d1:02:fd:be:41:fa:2b:a3:5e:0c:7a:4a:
29:ee:70:d9:97:cb:53:26:76:44:7e:ca:92:09:14:af:55:8d:
d7:d6:af:9a:73:73:b8:f1:15:22:a0:8d:44:73:b3:06:83:b7:
fb:53:b9:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPneMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQxNDEwWhcNMjcxMjEzMDQxNDEwWjAYMRYw
FAYDVQQDEw02NzdjYWExNi1lZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsC7HrdC7uLwb9dtDVuKcOsnX++K4KWU4S4d19FOmYallGXfqjEnelLKr
VVl3m7SeiqGAq2wlPzUwDIrO+lsWB5fpiFLv9nYIRfA8bG+OHPAD5IY4LkV/K4Ck
gC9T1+ayzznXo3AWitldS1zUoF9IAWgrU5pp/B9FR2eFHEP5DTf4aGJgTDU4LLmb
dNV9Sd5t9J9pJ3eljaoRgj7RKk8s17PwIpYrPzG8zT0LAgByrKbAE6otiaXJVh92
RDrgUkd74VvU5WU+VJo6Dqkvn0CvERPtBBZYi23d9KDiyDlIAXIWLiyVxiv8hc/z
c/3ZfoASr6WZ7DTBTGMT0PCg/zEq2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPNS
UHoDK7qYTjy5Nung9Nh2klf/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQTc1REFGMENDQUQxMUVGQjBCNjFCQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOgDMA0GCSqGSIb3DQEBCwUA
A4IBAQBshAuYqWghqhDS8jJbMPrJedFXe+A0hr4wsQZ79KcOAR3Mp5FC6d8RZ4Oj
X1rM5LuHAZvUb38BlwfdF353fmnfoziwTKS91X4polOOkBb5ZsI9uaHXSfCTXyzc
OYrZ5IU83e+jbsokqrB8X0WbTaH4jdDNpK3EPko2S4id1k5prMGc0GAnWEjV9JV2
EVMhEcJ7THh/2DbFGEkU570SRBqxwho8/Fkb0KxXVhq8TFI3EZHgclyVcj4TY9RU
XHUB7spJufqfVy7/pMLAhx3RAv2+Qforo14Mekop7nDZl8tTJnZEfsqSCRSvVY3X
1q+ac3O48RUioI1Ec7MGg7f7U7k5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:41 2025 by rpki-client