Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3D759B4F46911EF8BB2E26A762E951A.roa
File: E3D759B4F46911EF8BB2E26A762E951A.roa (raw, json)
Hash identifier: 6DFOwKOfU0iUgLHT1D6hpYnh82ULmZvINvT2+LRNm2g=
Subject key identifier: 8B:5A:B9:FB:E0:A9:55:2D:B6:F8:86:91:5B:F3:A5:2A:DB:DE:50:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0135DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3D759B4F46911EF8BB2E26A762E951A.roa
Signing time: Wed 26 Feb 2025 17:48:30 +0000
ROA not before: Wed 26 Feb 2025 17:48:27 +0000
ROA not after: Sat 19 Feb 2028 17:48:27 +0000
asID: 17561
IP address blocks: 156.233.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79327 (0x135df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:48:27 2025 GMT
Not After : Feb 19 17:48:27 2028 GMT
Subject: CN=67bf53ee-3220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:93:b9:4e:b1:a6:ec:d9:db:56:a9:45:9b:
02:53:74:98:40:ad:de:89:14:93:ed:4d:f3:17:df:
e3:df:d5:2d:20:76:09:fa:21:1e:28:f0:d2:64:1d:
b4:03:49:2d:43:5e:02:fb:89:d6:0e:da:33:ca:3a:
ab:66:d9:cb:c4:e8:a1:f6:d2:0f:62:27:b8:d9:ba:
01:75:ab:3e:39:db:0d:8f:dc:02:c6:dd:1b:b6:df:
74:12:46:43:b5:37:e1:39:03:c7:1c:f8:a7:9c:8c:
82:ee:53:87:ef:95:27:1d:99:8a:f6:c3:10:ab:75:
97:e8:f7:39:84:1a:7a:77:6f:b5:93:d4:c0:8f:05:
e3:76:38:1b:85:1d:b1:c3:87:0c:12:b7:5d:2c:82:
ad:65:71:72:66:d8:3f:3e:a7:17:0e:3c:1f:90:c7:
74:4c:a3:d6:72:8f:6a:9a:09:84:52:a5:e1:51:0c:
3b:19:b9:cc:99:02:09:7c:58:60:f5:8b:c5:c9:e6:
90:5e:e4:72:67:a8:9d:70:4d:d1:41:7c:22:b7:fa:
e1:92:a4:4a:b7:09:0d:4d:0d:63:ec:b2:d4:5b:dc:
03:c9:da:4d:85:c5:f8:cf:54:c2:d8:1e:e7:89:46:
b2:63:df:5b:b7:82:bd:da:7d:ef:02:5f:a9:c2:ad:
fb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:5A:B9:FB:E0:A9:55:2D:B6:F8:86:91:5B:F3:A5:2A:DB:DE:50:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3D759B4F46911EF8BB2E26A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.103.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:de:71:9a:b4:6b:5d:bb:2a:1a:e9:2c:a5:00:fb:4e:68:e7:
74:13:65:e6:04:81:76:3e:94:a0:bc:95:9b:6c:21:21:8f:fd:
a0:c7:6a:99:97:66:b9:1d:30:ea:2b:4c:51:0d:ff:2d:d4:1e:
f2:9b:ca:18:b6:1d:0c:b1:8a:d3:78:94:e4:d0:f0:d9:44:92:
71:7b:1c:fa:e0:a5:12:6d:0a:49:5e:57:20:1e:69:20:fe:5e:
f0:aa:56:35:f2:0c:1c:ea:5c:8d:64:c7:50:41:1c:61:29:aa:
08:a0:2b:b6:70:20:a5:5b:a9:99:6e:bd:5a:61:b0:96:25:48:
96:33:9e:30:4f:92:e8:50:43:f6:c0:48:c8:98:45:05:9b:13:
73:a7:6d:6b:08:f4:3a:37:ab:71:79:1a:fa:99:9c:5b:cc:7e:
8a:f7:25:b4:60:c3:1e:fd:98:04:bd:1a:e8:70:ad:37:3d:39:
98:55:16:0f:8e:f9:75:3d:57:4b:4a:11:24:ef:56:50:1d:ee:
48:fe:4b:b1:71:b9:51:08:0b:aa:20:28:68:dc:60:52:fe:48:
49:c8:46:5a:94:75:24:7c:21:7b:a8:7f:7b:35:67:44:d1:db:
f9:d3:e7:24:13:aa:79:09:93:3b:90:20:4d:87:5b:79:71:8b:
ec:96:5b:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATXfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTc0ODI3WhcNMjgwMjE5MTc0ODI3WjAYMRYw
FAYDVQQDEw02N2JmNTNlZS0zMjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwBWTuU6xpuzZ21apRZsCU3SYQK3eiRST7U3zF9/j39UtIHYJ+iEeKPDS
ZB20A0ktQ14C+4nWDtozyjqrZtnLxOih9tIPYie42boBdas+OdsNj9wCxt0btt90
EkZDtTfhOQPHHPinnIyC7lOH75UnHZmK9sMQq3WX6Pc5hBp6d2+1k9TAjwXjdjgb
hR2xw4cMErddLIKtZXFyZtg/PqcXDjwfkMd0TKPWco9qmgmEUqXhUQw7GbnMmQIJ
fFhg9YvFyeaQXuRyZ6idcE3RQXwit/rhkqRKtwkNTQ1j7LLUW9wDydpNhcX4z1TC
2B7niUayY99bt4K92n3vAl+pwq37dwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIta
ufvgqVUttviGkVvzpSrb3lD0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FM0Q3NTlCNEY0NjkxMUVGOEJCMkUyNkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlnMA0GCSqGSIb3DQEBCwUA
A4IBAQC33nGatGtduyoa6SylAPtOaOd0E2XmBIF2PpSgvJWbbCEhj/2gx2qZl2a5
HTDqK0xRDf8t1B7ym8oYth0MsYrTeJTk0PDZRJJxexz64KUSbQpJXlcgHmkg/l7w
qlY18gwc6lyNZMdQQRxhKaoIoCu2cCClW6mZbr1aYbCWJUiWM54wT5LoUEP2wEjI
mEUFmxNzp21rCPQ6N6txeRr6mZxbzH6K9yW0YMMe/ZgEvRrocK03PTmYVRYPjvl1
PVdLShEk71ZQHe5I/kuxcblRCAuqICho3GBS/khJyEZalHUkfCF7qH97NWdE0dv5
0+ckE6p5CZM7kCBNh1t5cYvsllvA
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:54 2025 by rpki-client