Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/3F711DA2B57511EF9BE2B9BD762E951A.roa
File: 3F711DA2B57511EF9BE2B9BD762E951A.roa (raw, json)
Hash identifier: HY6X5qdCvMeHk+soAwWe9vEEWgfGLOX8rrjzYU1Pl8w=
Subject key identifier: AC:22:1A:AF:5B:53:54:C9:DD:1D:73:6A:4F:AD:4B:2A:84:89:3D:C2
Certificate issuer: /CN=F36F62C3AR/serialNumber=4BB03261F14D04B00B26B29725E420EE539EFAC1
Certificate serial: 0D83
Authority key identifier: 4B:B0:32:61:F1:4D:04:B0:0B:26:B2:97:25:E4:20:EE:53:9E:FA:C1
Authority info access: rsync://rpki.afrinic.net/repository/arin/S7AyYfFNBLALJrKXJeQg7lOe-sE.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/3F711DA2B57511EF9BE2B9BD762E951A.roa
Signing time: Sun 08 Dec 2024 15:01:05 +0000
ROA not before: Sun 08 Dec 2024 15:01:00 +0000
ROA not after: Tue 01 Dec 2026 15:01:00 +0000
asID: 6083
IP address blocks: 192.94.246.0/24 maxlen: 24
192.96.24.0/24 maxlen: 24
192.96.25.0/24 maxlen: 24
192.96.26.0/24 maxlen: 24
192.96.27.0/24 maxlen: 24
192.96.28.0/24 maxlen: 24
192.96.29.0/24 maxlen: 24
192.96.30.0/24 maxlen: 24
192.96.31.0/24 maxlen: 24
192.96.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/S7AyYfFNBLALJrKXJeQg7lOe-sE.crl
rsync://rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/S7AyYfFNBLALJrKXJeQg7lOe-sE.mft
rsync://rpki.afrinic.net/repository/arin/S7AyYfFNBLALJrKXJeQg7lOe-sE.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3459 (0xd83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36F62C3AR
Validity
Not Before: Dec 8 15:01:00 2024 GMT
Not After : Dec 1 15:01:00 2026 GMT
Subject: CN=6755b4b1-0e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8d:6b:4d:df:4e:99:09:6a:96:5c:cd:7e:3c:
85:b8:66:d9:fd:e9:98:2a:84:da:aa:f7:52:88:4d:
7f:51:38:75:5d:ac:38:bb:e1:65:51:06:4e:20:d2:
e7:51:5e:a3:2d:57:3f:3c:24:10:1a:df:9a:4b:b4:
b7:27:7d:a2:24:9e:36:52:01:28:25:75:f2:9c:9e:
cf:09:46:59:ee:2f:1a:f1:42:fe:ee:06:99:b2:fb:
92:8f:ea:0a:1d:97:dc:64:f0:88:a1:bc:f8:05:7a:
eb:4d:ad:56:0b:94:fc:89:1d:50:98:68:53:97:22:
dc:4a:4f:9d:86:50:ed:b0:31:b2:c4:9a:85:f3:a0:
f6:b6:ca:32:b6:b9:5c:87:ca:65:74:9e:06:fa:a2:
77:d4:fd:de:1c:05:24:77:1d:ac:24:e7:a6:93:72:
dc:b0:38:fe:b3:a9:08:2b:cf:ab:90:4d:a2:cf:ff:
d7:b3:f5:8b:46:31:5a:b3:6b:15:f8:2c:7a:73:b1:
6d:c6:6e:3e:5b:9e:ac:dd:ee:38:84:2f:d4:ac:f7:
15:2b:51:b4:5c:fc:c5:66:49:f3:12:45:70:50:e4:
81:bb:5b:93:a1:73:2b:8d:e2:37:ac:7d:c8:eb:54:
d9:f5:73:62:c3:41:78:a0:93:3f:e1:8f:80:ec:96:
c5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:22:1A:AF:5B:53:54:C9:DD:1D:73:6A:4F:AD:4B:2A:84:89:3D:C2
X509v3 Authority Key Identifier:
keyid:4B:B0:32:61:F1:4D:04:B0:0B:26:B2:97:25:E4:20:EE:53:9E:FA:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/S7AyYfFNBLALJrKXJeQg7lOe-sE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/S7AyYfFNBLALJrKXJeQg7lOe-sE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F62C3/80A5BAEC556911E59B9AAA81F8AEA228/3F711DA2B57511EF9BE2B9BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.94.246.0/24
192.96.24.0/21
192.96.177.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d4:2a:1e:a4:47:4f:29:3c:5e:ad:6e:85:b3:49:48:66:68:
bf:b8:2a:ae:55:b1:9e:f5:93:d8:ba:c0:79:42:10:6f:19:f4:
c0:1f:54:9e:6b:d9:1d:7e:b0:c3:b8:ad:19:53:2a:aa:d5:01:
07:23:21:5e:d0:18:10:77:0a:7e:d7:33:12:34:3e:58:45:f4:
c6:05:ab:f9:8b:61:0b:4c:0d:21:90:1f:0d:ff:69:fb:7e:8c:
95:2e:ca:31:2b:7f:d1:1b:23:bf:41:b1:f3:19:96:85:68:01:
1f:d7:23:9d:3e:d6:e5:cc:7a:be:65:13:43:2d:4d:b8:ec:63:
62:31:43:a9:17:f8:d5:d1:09:f5:b6:e8:f6:c5:19:7e:f2:0d:
13:06:66:5b:cb:16:0b:9e:9e:18:4a:bb:bb:2d:a7:9d:59:3e:
d8:90:f3:65:e8:b0:8f:0f:64:e6:a1:3a:11:61:94:e4:2b:64:
3f:f3:ac:2f:41:d7:a5:24:2b:c0:8f:89:fd:13:a5:28:c2:8c:
c8:f6:f6:19:19:c8:55:2a:10:4b:13:03:07:a5:4f:b8:b6:7d:
03:b2:b4:91:8c:30:0c:4d:4e:1e:ee:65:1a:4b:2a:9a:7f:98:
5d:14:88:b3:82:d0:93:0d:d0:87:8b:4b:26:ab:f0:a7:66:bd:
be:99:c4:6d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICDYMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjYyQzNBUjExMC8GA1UEBRMoNEJCMDMyNjFGMTREMDRCMDBCMjZCMjk3MjVFNDIw
RUU1MzlFRkFDMTAeFw0yNDEyMDgxNTAxMDBaFw0yNjEyMDExNTAxMDBaMBgxFjAU
BgNVBAMTDTY3NTViNGIxLTBlMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDjWtN306ZCWqWXM1+PIW4Ztn96ZgqhNqq91KITX9ROHVdrDi74WVRBk4g
0udRXqMtVz88JBAa35pLtLcnfaIknjZSASgldfKcns8JRlnuLxrxQv7uBpmy+5KP
6godl9xk8IihvPgFeutNrVYLlPyJHVCYaFOXItxKT52GUO2wMbLEmoXzoPa2yjK2
uVyHymV0ngb6onfU/d4cBSR3Hawk56aTctywOP6zqQgrz6uQTaLP/9ez9YtGMVqz
axX4LHpzsW3Gbj5bnqzd7jiEL9Ss9xUrUbRc/MVmSfMSRXBQ5IG7W5OhcyuN4jes
fcjrVNn1c2LDQXigkz/hj4DslsV/AgMBAAGjggKuMIICqjAdBgNVHQ4EFgQUrCIa
r1tTVMndHXNqT61LKoSJPcIwHwYDVR0jBBgwFoAUS7AyYfFNBLALJrKXJeQg7lOe
+sEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY2MkMzLzgwQTVCQUVDNTU2OTExRTU5QjlBQUE4MUY4QUVBMjI4L1M3QXlZ
ZkZOQkxBTEpyS1hKZVFnN2xPZS1zRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1M3QXlZZkZOQkxBTEpyS1hKZVFnN2xPZS1zRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkY2MkMzLzgwQTVCQUVDNTU2OTExRTU5QjlBQUE4MUY4QUVB
MjI4LzNGNzExREEyQjU3NTExRUY5QkUyQjlCRDc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
KwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBADAXvYDBAPAYBgDBADAYLEwDQYJ
KoZIhvcNAQELBQADggEBAGDUKh6kR08pPF6tboWzSUhmaL+4Kq5VsZ71k9i6wHlC
EG8Z9MAfVJ5r2R1+sMO4rRlTKqrVAQcjIV7QGBB3Cn7XMxI0PlhF9MYFq/mLYQtM
DSGQHw3/aft+jJUuyjErf9EbI79BsfMZloVoAR/XI50+1uXMer5lE0MtTbjsY2Ix
Q6kX+NXRCfW26PbFGX7yDRMGZlvLFguenhhKu7stp51ZPtiQ82XosI8PZOahOhFh
lOQrZD/zrC9B16UkK8CPif0TpSjCjMj29hkZyFUqEEsTAwelT7i2fQOytJGMMAxN
Th7uZRpLKpp/mF0UiLOC0JMN0IeLSyar8Kdmvb6ZxG0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:17:05 2025 by rpki-client