Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CC9075E210E11F086A50399DAE4EC9C.roa
File: 3CC9075E210E11F086A50399DAE4EC9C.roa (raw, json)
Hash identifier: LWNAzfn4oDnoH8IGyAzbrCNQPv03YH0U1lqhc2WRf/Q=
Subject key identifier: DF:30:B4:96:85:29:F6:6C:67:AA:4F:E3:08:A0:AD:4D:84:7B:B1:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E62
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CC9075E210E11F086A50399DAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:15:49 +0000
ROA not before: Thu 24 Apr 2025 13:15:43 +0000
ROA not after: Wed 21 May 2025 13:15:43 +0000
asID: 139880
IP address blocks: 156.227.64.0/18 maxlen: 24
156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85602 (0x14e62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 24 13:15:43 2025 GMT
Not After : May 21 13:15:43 2025 GMT
Subject: CN=680a3984-34d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:5f:c5:49:f7:8d:0a:fe:0e:09:1d:b8:79:
f4:87:ce:25:29:79:fb:ca:5f:bf:f3:26:49:31:36:
f6:c3:51:32:1f:7c:54:bc:42:ac:fc:d9:ca:f5:fd:
14:c7:9c:eb:03:a7:dc:99:a3:0a:4f:46:05:eb:e8:
63:51:2f:f9:e5:fe:60:f8:90:6b:ee:cc:2d:2f:ab:
41:47:39:d4:c6:a9:72:b5:2a:71:54:38:fd:28:7d:
29:88:69:bb:e6:68:91:32:8f:dd:11:e5:44:13:16:
69:20:fa:9b:f3:8b:66:8e:5b:6b:c7:2b:44:d8:e0:
fd:ce:8b:8b:b4:4a:f1:54:b8:27:12:5e:d8:32:a6:
6d:07:a2:3f:25:cd:d1:c5:95:a0:0a:77:d6:57:b6:
d7:1a:80:98:52:1d:2e:37:34:ac:6e:bc:3c:c8:48:
b2:c9:2d:d7:d8:ea:74:ad:66:8e:51:a9:41:ef:38:
b9:df:f1:52:1b:9a:8c:bf:1d:7c:2d:7a:c1:78:47:
5c:89:87:c3:a2:f0:08:8e:6f:3a:9e:61:f7:49:74:
83:7b:c6:a7:54:77:08:1a:93:b6:bc:78:fc:fe:6d:
5b:5b:e2:dc:0c:d7:90:4d:bd:3d:c9:8a:e1:0c:bc:
d8:9f:91:6f:96:ac:c0:fa:6f:84:5f:e1:26:a1:3a:
8e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:30:B4:96:85:29:F6:6C:67:AA:4F:E3:08:A0:AD:4D:84:7B:B1:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CC9075E210E11F086A50399DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
4c:57:42:5e:77:22:d7:4b:8e:d6:47:65:48:6c:7e:65:56:d2:
64:03:87:1a:af:e9:c0:4b:d3:b8:de:51:3f:0c:25:12:29:35:
23:cd:8d:26:b5:31:79:e5:92:ad:58:a4:fd:b0:fd:a2:29:29:
83:17:92:a0:af:cf:3f:6d:55:fa:78:17:f6:7d:19:af:0a:90:
d8:21:5b:4e:ba:45:24:73:2a:68:d0:cf:75:7f:51:2a:66:e3:
e6:71:2f:1d:8d:e8:bc:76:9c:9a:e7:96:b9:f3:8a:74:25:03:
06:35:82:ba:3f:93:a1:e3:b9:17:7d:9f:9a:35:f0:b3:6a:79:
7c:ea:04:ba:e4:8c:0a:63:10:bb:13:fd:4b:05:ce:22:8b:31:
10:f0:45:52:11:2f:6e:5d:75:46:35:70:03:20:96:57:ce:0a:
a9:a1:03:4c:35:2e:4b:d6:58:6a:38:fb:8e:5f:a4:ae:4b:87:
8d:00:c6:fe:bd:2c:ad:c6:db:09:cb:f2:f9:b0:c3:af:7b:ea:
0d:af:5d:06:d0:17:24:ca:42:e6:cc:62:cb:b9:d9:81:d3:70:
d7:14:bb:e5:54:2a:6c:24:2e:34:f2:15:c5:21:81:67:2c:b1:
49:19:2a:91:59:41:66:8c:dc:a9:25:75:a7:12:3f:af:07:15:
d5:a1:83:de
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAU5iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI0MTMxNTQzWhcNMjUwNTIxMTMxNTQzWjAYMRYw
FAYDVQQDEw02ODBhMzk4NC0zNGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAotlfxUn3jQr+DgkduHn0h84lKXn7yl+/8yZJMTb2w1EyH3xUvEKs/NnK
9f0Ux5zrA6fcmaMKT0YF6+hjUS/55f5g+JBr7swtL6tBRznUxqlytSpxVDj9KH0p
iGm75miRMo/dEeVEExZpIPqb84tmjltrxytE2OD9zouLtErxVLgnEl7YMqZtB6I/
Jc3RxZWgCnfWV7bXGoCYUh0uNzSsbrw8yEiyyS3X2Op0rWaOUalB7zi53/FSG5qM
vx18LXrBeEdciYfDovAIjm86nmH3SXSDe8anVHcIGpO2vHj8/m1bW+LcDNeQTb09
yYrhDLzYn5FvlqzA+m+EX+EmoTqODwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFN8w
tJaFKfZsZ6pP4wigrU2Ee7HMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQ0M5MDc1RTIxMEUxMUYwODZBNTAzOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQGnONAMAwDBAWc/iADBAWc/kAw
DQYJKoZIhvcNAQELBQADggEBAExXQl53ItdLjtZHZUhsfmVW0mQDhxqv6cBL07je
UT8MJRIpNSPNjSa1MXnlkq1YpP2w/aIpKYMXkqCvzz9tVfp4F/Z9Ga8KkNghW066
RSRzKmjQz3V/USpm4+ZxLx2N6Lx2nJrnlrnzinQlAwY1gro/k6HjuRd9n5o18LNq
eXzqBLrkjApjELsT/UsFziKLMRDwRVIRL25ddUY1cAMgllfOCqmhA0w1LkvWWGo4
+45fpK5Lh40Axv69LK3G2wnL8vmww6976g2vXQbQFyTKQubMYsu52YHTcNcUu+VU
KmwkLjTyFcUhgWcssUkZKpFZQWaM3KkldacSP68HFdWhg94=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:19:08 2025 by rpki-client