Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02F2B78AFE4C11EFBE258C7E762E951A.roa
File: 02F2B78AFE4C11EFBE258C7E762E951A.roa (raw, json)
Hash identifier: FwLOnzZCjtRwj1Qe9/Kjw+hL9DdlSZGwRFik9/DjRBw=
Subject key identifier: D8:62:ED:A9:F6:05:D3:B3:58:22:ED:84:D1:C4:3C:6F:5D:4D:4C:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0144D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02F2B78AFE4C11EFBE258C7E762E951A.roa
Signing time: Tue 11 Mar 2025 07:39:49 +0000
ROA not before: Tue 11 Mar 2025 07:39:45 +0000
ROA not after: Mon 21 Apr 2025 07:39:45 +0000
asID: 42689
IP address blocks: 156.233.152.0/21 maxlen: 24
156.233.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83157 (0x144d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 11 07:39:45 2025 GMT
Not After : Apr 21 07:39:45 2025 GMT
Subject: CN=67cfe8c5-787d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cb:3a:6c:a7:df:c0:96:e6:f8:09:c6:3b:87:
a6:09:63:53:59:26:cf:83:ca:0c:ae:93:46:ba:77:
be:8a:de:29:a5:01:ac:a7:4d:a4:da:57:62:92:8f:
a8:9b:0e:e9:6d:e8:11:43:22:b4:e4:25:85:58:46:
77:6d:ce:ad:ec:99:2a:c0:a7:2d:4d:07:e7:9e:dd:
b6:4f:77:1f:88:45:b5:8f:8b:b4:d0:ad:1b:cd:ef:
01:b4:92:92:85:19:32:da:33:2f:ec:e8:ab:1c:5a:
3c:97:48:7b:e2:96:60:c4:a2:2d:83:ac:d3:65:fb:
65:0b:d2:d8:c6:70:53:98:03:a5:ea:f5:89:a2:cb:
82:6e:7d:e2:d9:59:d3:31:8b:cd:77:de:71:bf:ca:
45:3b:0a:59:ef:48:84:1e:0d:7a:86:1e:be:77:49:
89:37:b6:27:e4:fd:d3:73:91:24:20:72:92:85:d3:
f0:a3:cd:f3:35:1b:7b:9a:58:3b:3b:69:2e:69:7b:
96:7b:d7:60:5e:14:c2:a8:df:ac:a7:16:2c:1a:eb:
55:89:23:48:d3:9a:5f:d9:1c:dd:65:f6:e6:9b:a7:
a6:b1:d6:1e:b5:17:61:7e:b1:4e:ec:25:dc:08:b8:
55:e8:0c:af:bc:e9:65:2a:c8:44:90:ae:3a:71:04:
81:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:62:ED:A9:F6:05:D3:B3:58:22:ED:84:D1:C4:3C:6F:5D:4D:4C:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02F2B78AFE4C11EFBE258C7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.152.0-156.233.175.255
Signature Algorithm: sha256WithRSAEncryption
2a:de:42:2d:57:a8:72:2a:94:bc:2a:84:6f:6f:0b:cf:12:26:
43:92:f1:78:ed:5a:01:f2:52:ea:81:74:05:48:bd:51:03:f0:
fb:6b:6e:fa:7a:8d:9b:74:f6:2d:00:13:5b:f9:e2:f4:33:8f:
39:49:38:cf:22:a7:d0:96:5e:09:34:d7:61:62:e3:d8:db:90:
56:eb:3d:9e:ee:b4:26:f7:45:e2:5f:d3:c3:cd:bb:09:bd:53:
bb:4e:20:a5:44:e5:f1:64:1c:af:9f:46:48:42:a1:d8:63:c1:
0b:8a:e8:6b:5b:1e:10:f2:e3:78:f7:44:11:80:b2:ed:3f:7b:
7b:fd:b8:54:a3:29:71:91:c8:17:25:fa:cb:27:89:09:44:26:
59:80:e7:e3:c3:0e:9b:79:f9:1c:83:21:b3:d9:99:2d:0b:22:
6c:fa:30:c3:73:f1:42:f8:a8:8b:2a:f9:9c:f0:e8:c7:1e:ab:
53:49:a2:51:18:b5:99:71:6e:87:41:74:72:5d:c0:6b:19:25:
f9:51:81:d9:19:4b:53:c7:47:84:9c:48:09:b9:72:a0:cf:90:
d6:a9:5a:19:a1:15:74:0a:cf:89:a5:9c:a4:75:fa:5e:42:a6:
d7:16:b2:80:1f:50:9f:1e:90:97:a5:de:4e:42:e9:3f:de:d8:
83:99:71:68
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUTVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzExMDczOTQ1WhcNMjUwNDIxMDczOTQ1WjAYMRYw
FAYDVQQDEw02N2NmZThjNS03ODdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuss6bKffwJbm+AnGO4emCWNTWSbPg8oMrpNGune+it4ppQGsp02k2ldi
ko+omw7pbegRQyK05CWFWEZ3bc6t7JkqwKctTQfnnt22T3cfiEW1j4u00K0bze8B
tJKShRky2jMv7OirHFo8l0h74pZgxKItg6zTZftlC9LYxnBTmAOl6vWJosuCbn3i
2VnTMYvNd95xv8pFOwpZ70iEHg16hh6+d0mJN7Yn5P3Tc5EkIHKShdPwo83zNRt7
mlg7O2kuaXuWe9dgXhTCqN+spxYsGutViSNI05pf2RzdZfbmm6emsdYetRdhfrFO
7CXcCLhV6AyvvOllKshEkK46cQSB8wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNhi
7an2BdOzWCLthNHEPG9dTUyvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMkYyQjc4QUZFNEMxMUVGQkUyNThDN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc6ZgDBASc6aAwDQYJKoZI
hvcNAQELBQADggEBACreQi1XqHIqlLwqhG9vC88SJkOS8XjtWgHyUuqBdAVIvVED
8Ptrbvp6jZt09i0AE1v54vQzjzlJOM8ip9CWXgk012Fi49jbkFbrPZ7utCb3ReJf
08PNuwm9U7tOIKVE5fFkHK+fRkhCodhjwQuK6GtbHhDy43j3RBGAsu0/e3v9uFSj
KXGRyBcl+ssniQlEJlmA5+PDDpt5+RyDIbPZmS0LImz6MMNz8UL4qIsq+Zzw6Mce
q1NJolEYtZlxbodBdHJdwGsZJflRgdkZS1PHR4ScSAm5cqDPkNapWhmhFXQKz4ml
nKR1+l5CptcWsoAfUJ8ekJel3k5C6T/e2IOZcWg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:06 2025 by rpki-client