Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/026708B400C411F0AC19B25D762E951A.roa
File: 026708B400C411F0AC19B25D762E951A.roa (raw, json)
Hash identifier: Ot7arlBI9EHVwNlIfQgwLpNX0mmAWoOq47Z2VXvZeQs=
Subject key identifier: E6:47:AE:D8:22:0D:D2:9F:C2:8D:A3:C6:22:6A:C1:85:CA:5F:58:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014600
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/026708B400C411F0AC19B25D762E951A.roa
Signing time: Fri 14 Mar 2025 11:03:50 +0000
ROA not before: Fri 14 Mar 2025 11:03:46 +0000
ROA not after: Tue 08 Apr 2025 11:03:46 +0000
asID: 141372
IP address blocks: 156.238.82.0/24 maxlen: 24
156.238.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83456 (0x14600)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 14 11:03:46 2025 GMT
Not After : Apr 8 11:03:46 2025 GMT
Subject: CN=67d40d16-76e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:df:80:94:45:f9:b8:c9:c8:37:fe:52:3f:
4f:30:3a:4d:38:c3:75:f6:50:3b:cd:c0:3a:17:a6:
4a:a1:8b:33:a1:b8:61:94:75:a2:3b:81:69:57:3f:
4f:3f:48:be:98:c2:d3:ff:d5:e3:c6:7d:13:90:11:
5e:d2:c9:af:a7:d1:9e:d4:e0:39:48:a7:ee:61:39:
84:49:44:8b:f9:a9:7f:c5:c4:22:48:ad:be:6d:9b:
70:19:8a:66:9f:75:47:88:4b:e6:24:9f:15:62:53:
4c:63:7f:ef:de:2a:ff:51:65:17:72:31:b3:8d:c1:
a7:a2:0f:44:c7:77:df:5c:9d:3a:d1:1b:30:b1:57:
05:d9:1a:c2:97:aa:21:1f:c1:23:ab:0a:1b:75:98:
86:09:54:a8:8c:90:9c:44:2a:5b:8e:59:22:0b:b0:
7e:76:cc:b9:ae:0e:70:43:c8:e2:6e:c3:c7:de:1b:
ff:4e:cc:13:bb:f7:54:1e:32:87:a5:70:42:72:ee:
60:84:0c:0d:39:d8:6a:dc:2b:19:17:03:57:3d:45:
99:df:62:68:95:f4:c2:6f:69:f3:08:87:2f:7f:5a:
17:e9:36:fa:b7:8c:01:1f:74:27:f5:d8:cb:f5:5e:
95:04:52:89:31:29:92:1b:a4:f1:2d:db:c7:e6:a9:
7d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:47:AE:D8:22:0D:D2:9F:C2:8D:A3:C6:22:6A:C1:85:CA:5F:58:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/026708B400C411F0AC19B25D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.82.0/23
Signature Algorithm: sha256WithRSAEncryption
79:74:b7:1a:ff:e9:6b:d6:0f:ee:96:ac:17:a6:08:2a:69:d4:
e1:46:1c:93:14:23:cb:ba:86:99:32:9e:36:2e:28:2d:c7:a8:
8b:9b:af:c1:c3:d8:43:de:65:67:c1:50:7b:9d:cf:32:94:73:
67:bf:69:30:ca:8a:67:ff:d2:75:8d:ee:2c:37:09:10:ed:f0:
f3:a8:b4:dd:40:77:a7:9c:5a:04:f4:76:e6:fd:30:0f:3d:5f:
cb:e4:63:e1:4c:7f:2c:8c:8e:fa:b7:e2:b4:9f:da:f5:ee:a9:
75:a4:c7:c5:a7:fb:08:be:07:eb:16:f4:b8:44:8c:f5:35:19:
f5:8b:75:5a:56:c8:df:6c:45:c6:01:e7:cf:8e:93:86:0a:15:
a4:50:e8:c8:5f:23:1c:58:50:b5:65:b5:0f:a6:92:77:c8:c5:
02:80:9f:f0:4f:42:cd:e7:16:ba:55:b8:f7:46:6c:9c:ad:ba:
55:3b:e8:e0:bc:ac:d6:7e:5e:1c:81:fc:5e:ae:d4:80:92:47:
36:3d:da:4b:0f:d8:22:46:a3:11:48:d5:61:d9:54:d4:59:f9:
4d:14:83:27:88:ea:7f:b9:19:2a:58:a7:13:c5:af:7f:66:ef:
20:aa:b9:21:92:15:4f:05:e5:fe:ea:99:38:f0:fc:12:a0:e1:
01:f6:ea:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUYAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE0MTEwMzQ2WhcNMjUwNDA4MTEwMzQ2WjAYMRYw
FAYDVQQDEw02N2Q0MGQxNi03NmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw2nfgJRF+bjJyDf+Uj9PMDpNOMN19lA7zcA6F6ZKoYszobhhlHWiO4Fp
Vz9PP0i+mMLT/9Xjxn0TkBFe0smvp9Ge1OA5SKfuYTmESUSL+al/xcQiSK2+bZtw
GYpmn3VHiEvmJJ8VYlNMY3/v3ir/UWUXcjGzjcGnog9Ex3ffXJ060RswsVcF2RrC
l6ohH8EjqwobdZiGCVSojJCcRCpbjlkiC7B+dsy5rg5wQ8jibsPH3hv/TswTu/dU
HjKHpXBCcu5ghAwNOdhq3CsZFwNXPUWZ32JolfTCb2nzCIcvf1oX6Tb6t4wBH3Qn
9djL9V6VBFKJMSmSG6TxLdvH5ql9AQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOZH
rtgiDdKfwo2jxiJqwYXKX1ggMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMjY3MDhCNDAwQzQxMUYwQUMxOUIyNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO5SMA0GCSqGSIb3DQEBCwUA
A4IBAQB5dLca/+lr1g/ulqwXpggqadThRhyTFCPLuoaZMp42Ligtx6iLm6/Bw9hD
3mVnwVB7nc8ylHNnv2kwyopn/9J1je4sNwkQ7fDzqLTdQHennFoE9Hbm/TAPPV/L
5GPhTH8sjI76t+K0n9r17ql1pMfFp/sIvgfrFvS4RIz1NRn1i3VaVsjfbEXGAefP
jpOGChWkUOjIXyMcWFC1ZbUPppJ3yMUCgJ/wT0LN5xa6Vbj3RmycrbpVO+jgvKzW
fl4cgfxertSAkkc2PdpLD9giRqMRSNVh2VTUWflNFIMniOp/uRkqWKcTxa9/Zu8g
qrkhkhVPBeX+6pk48PwSoOEB9uon
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:50 2025 by rpki-client