Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09B8B0EAF5E311EFAA281991762E951A.roa
File: 09B8B0EAF5E311EFAA281991762E951A.roa (raw, json)
Hash identifier: xDsAucMUU8qYMB4dUD3/lLHKbZSyT2NE10tfxHpM85c=
Subject key identifier: 6D:B1:9B:80:76:EB:C3:D5:58:04:40:20:1A:E9:BB:B2:5F:B8:2B:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09B8B0EAF5E311EFAA281991762E951A.roa
Signing time: Fri 28 Feb 2025 14:48:14 +0000
ROA not before: Fri 28 Feb 2025 14:48:10 +0000
ROA not after: Sun 13 Apr 2025 14:48:10 +0000
asID: 138915
IP address blocks: 156.244.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81523 (0x13e73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:48:10 2025 GMT
Not After : Apr 13 14:48:10 2025 GMT
Subject: CN=67c1ccae-0aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:88:37:b6:e5:00:c6:ca:43:97:1e:cc:bb:49:
95:5f:59:dc:ab:47:95:18:96:25:08:7b:19:08:d4:
88:96:66:d5:d1:38:64:b3:1e:81:1e:62:d2:9e:6f:
6d:6c:ab:e1:66:74:ea:27:5c:4b:46:09:c1:23:ab:
39:92:4a:7a:6d:6a:e3:cf:ba:43:1c:f7:ad:b9:7b:
59:25:2a:ef:a0:7f:76:89:38:36:7b:fa:02:a5:bc:
dd:1f:69:90:a6:72:4b:5f:bd:c6:3c:4f:a0:0d:e1:
43:b1:76:5c:ed:30:b0:cc:a2:74:f8:1a:c0:e8:38:
b7:5e:64:a1:e4:00:6f:5d:85:59:55:58:13:be:d8:
6b:61:65:d9:42:9c:47:49:75:91:d6:2a:9b:6d:72:
0b:73:ff:41:83:63:7b:22:ee:12:f9:d8:dc:3d:aa:
04:2b:1a:22:7c:fb:d5:0b:c4:07:7f:87:76:40:db:
9a:5d:a5:87:46:a4:e1:34:8f:ef:5c:b7:0b:30:1e:
4d:75:40:a5:06:4d:aa:19:5d:0f:65:9b:3e:93:98:
83:65:54:12:5b:91:ac:15:b7:6c:28:6c:11:04:9f:
12:89:7d:13:29:20:ce:70:56:43:77:c8:c3:a2:7e:
93:45:7b:43:77:4e:03:e7:ad:49:a5:23:68:09:c8:
23:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B1:9B:80:76:EB:C3:D5:58:04:40:20:1A:E9:BB:B2:5F:B8:2B:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/09B8B0EAF5E311EFAA281991762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.19.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e3:5d:da:ac:1c:52:ce:d9:a8:e5:5f:4a:3d:36:b9:24:62:
6d:6d:bc:4f:c5:96:b7:4f:9a:8a:e1:b9:aa:cc:27:37:64:0d:
de:2a:94:a9:30:7d:f6:dc:9f:ec:0b:a4:f8:4e:c6:06:d4:f4:
97:15:93:96:f0:c5:90:3e:ee:ef:2d:78:7e:06:db:6c:e9:a4:
05:b3:1e:7d:0e:30:0d:b4:03:7a:22:c0:45:ed:74:c5:23:47:
de:f2:20:a1:37:be:0f:e9:99:8a:7e:8a:e5:c1:aa:f1:12:96:
dc:60:14:b6:58:94:84:8e:31:14:70:39:45:ba:5b:d0:ef:2e:
96:51:5a:11:3f:78:6f:8d:41:6a:99:f5:d8:7f:04:67:f0:30:
8b:6c:9c:4d:32:59:32:da:64:32:97:c3:41:b5:ce:2c:be:39:
64:e6:a8:e7:ef:ba:01:57:22:60:e0:c7:cc:86:ff:d1:a4:b2:
e4:10:6f:16:75:57:ae:f1:9b:0c:2b:1e:a7:b7:5c:c9:4a:da:
be:39:4a:5f:4a:61:ec:20:7b:73:b2:5a:92:79:f2:38:f3:be:
2b:da:30:cc:5b:25:7b:b7:33:14:71:3a:7a:54:55:f6:1d:7c:
73:7d:6a:c7:09:81:61:31:57:0e:69:f0:9e:6e:20:13:cf:44:
ac:12:62:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT5zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQ0ODEwWhcNMjUwNDEzMTQ0ODEwWjAYMRYw
FAYDVQQDEw02N2MxY2NhZS0wYWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA14g3tuUAxspDlx7Mu0mVX1ncq0eVGJYlCHsZCNSIlmbV0Thksx6BHmLS
nm9tbKvhZnTqJ1xLRgnBI6s5kkp6bWrjz7pDHPetuXtZJSrvoH92iTg2e/oCpbzd
H2mQpnJLX73GPE+gDeFDsXZc7TCwzKJ0+BrA6Di3XmSh5ABvXYVZVVgTvthrYWXZ
QpxHSXWR1iqbbXILc/9Bg2N7Iu4S+djcPaoEKxoifPvVC8QHf4d2QNuaXaWHRqTh
NI/vXLcLMB5NdUClBk2qGV0PZZs+k5iDZVQSW5GsFbdsKGwRBJ8SiX0TKSDOcFZD
d8jDon6TRXtDd04D561JpSNoCcgj4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG2x
m4B268PVWARAIBrpu7JfuCviMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOUI4QjBFQUY1RTMxMUVGQUEyODE5OTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQTMA0GCSqGSIb3DQEBCwUA
A4IBAQAH413arBxSztmo5V9KPTa5JGJtbbxPxZa3T5qK4bmqzCc3ZA3eKpSpMH32
3J/sC6T4TsYG1PSXFZOW8MWQPu7vLXh+Btts6aQFsx59DjANtAN6IsBF7XTFI0fe
8iChN74P6ZmKforlwarxEpbcYBS2WJSEjjEUcDlFulvQ7y6WUVoRP3hvjUFqmfXY
fwRn8DCLbJxNMlky2mQyl8NBtc4svjlk5qjn77oBVyJg4MfMhv/RpLLkEG8WdVeu
8ZsMKx6nt1zJStq+OUpfSmHsIHtzslqSefI4874r2jDMWyV7tzMUcTp6VFX2HXxz
fWrHCYFhMVcOafCebiATz0SsEmIU
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:52:33 2025 by rpki-client