Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12E0DF98F8DC11EF87CDDB4D762E951A.roa
File: 12E0DF98F8DC11EF87CDDB4D762E951A.roa (raw, json)
Hash identifier: Tmt9E6BsS5VVou/a5U2grfTIKi6WK8G0fnDwrGwVUNs=
Subject key identifier: 1D:F6:E3:63:5A:E7:E4:D5:9A:E6:E4:B6:EB:A1:96:78:EA:13:D0:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0142F4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12E0DF98F8DC11EF87CDDB4D762E951A.roa
Signing time: Tue 04 Mar 2025 09:35:57 +0000
ROA not before: Tue 04 Mar 2025 09:35:53 +0000
ROA not after: Mon 21 Apr 2025 09:35:53 +0000
asID: 138915
IP address blocks: 156.225.117.0/24 maxlen: 24
156.229.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82676 (0x142f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 09:35:53 2025 GMT
Not After : Apr 21 09:35:53 2025 GMT
Subject: CN=67c6c97c-a3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:3b:1f:13:60:88:00:f7:61:19:f3:8b:22:
df:6d:b4:c9:54:f7:98:b1:ef:69:84:f4:96:da:a2:
68:91:14:bd:ce:76:8f:8d:db:85:90:68:c3:f4:69:
1c:4b:ce:46:93:8c:c8:84:96:f2:78:0a:26:ec:af:
68:ce:48:72:49:34:a1:2e:61:2e:f2:14:52:17:81:
99:47:92:5a:cd:69:b4:49:df:a6:73:92:f7:43:b0:
fb:00:2c:43:16:62:3b:29:59:15:bd:b7:fb:45:ee:
9f:b7:a3:14:20:34:da:50:33:c2:86:78:d0:25:e6:
91:09:5d:1c:f9:71:2e:65:95:f4:6c:4c:00:82:37:
10:62:69:8c:2a:1d:3d:71:2d:cd:1f:02:3c:9e:8c:
60:33:77:2f:ff:26:f9:b0:d8:67:fe:f1:b1:ba:65:
58:9f:aa:91:15:26:ba:04:13:13:af:4b:da:9e:53:
9c:7c:1e:f6:89:69:0a:1a:79:e1:43:fa:4a:2d:f4:
59:06:0e:cf:4a:c1:d2:e2:16:48:c0:b0:ce:93:dd:
10:68:50:18:9f:a0:9d:7e:f1:75:a9:4d:11:5c:ec:
b3:d5:b5:94:db:57:c4:fd:70:99:42:2d:ad:09:d3:
3d:11:a0:4d:04:f9:1a:f7:38:cd:34:8c:84:1e:b8:
35:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F6:E3:63:5A:E7:E4:D5:9A:E6:E4:B6:EB:A1:96:78:EA:13:D0:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12E0DF98F8DC11EF87CDDB4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.117.0/24
156.229.51.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ee:49:14:94:f1:38:17:e3:b2:01:c4:75:3b:7f:94:3c:e7:
f4:23:0f:be:8e:e6:bb:2b:c4:33:5d:cf:a3:88:c9:bb:b6:86:
85:40:df:24:8b:61:ff:b8:7f:05:bf:59:ec:26:a6:e8:bd:27:
b5:2b:9a:5d:98:61:3d:1b:4b:9b:a9:bd:e5:91:06:37:aa:18:
c3:57:cd:73:22:7e:c0:27:f8:53:9c:d9:bd:d8:23:cc:41:ec:
b9:85:b9:55:17:5a:f7:da:1e:56:5b:66:23:d0:29:cb:9d:58:
7a:3f:df:26:87:d1:f2:7d:41:80:90:c4:ed:75:04:4b:87:b5:
bd:b1:9d:ef:3b:42:73:73:45:84:ec:ae:61:47:6a:96:77:e6:
67:a1:38:b9:c1:4b:cc:22:54:1c:d9:ed:53:48:49:a2:00:ad:
e8:55:e5:eb:da:85:4d:e4:b0:f8:7f:ad:f1:0e:ad:58:ed:75:
27:34:52:25:65:23:72:bf:85:13:9a:8d:0f:b1:60:d0:51:67:
c3:fd:b9:aa:9a:53:29:4a:06:af:1b:c6:10:9f:1b:86:0b:0e:
4d:fd:24:95:49:23:e5:be:c5:37:04:df:18:12:79:9c:89:25:
57:9c:11:0f:15:0f:5e:04:d3:50:0f:a5:14:80:dc:17:a2:c1:
98:be:fb:36
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUL0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MDkzNTUzWhcNMjUwNDIxMDkzNTUzWjAYMRYw
FAYDVQQDEw02N2M2Yzk3Yy1hM2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArp47HxNgiAD3YRnziyLfbbTJVPeYse9phPSW2qJokRS9znaPjduFkGjD
9GkcS85Gk4zIhJbyeAom7K9ozkhySTShLmEu8hRSF4GZR5JazWm0Sd+mc5L3Q7D7
ACxDFmI7KVkVvbf7Re6ft6MUIDTaUDPChnjQJeaRCV0c+XEuZZX0bEwAgjcQYmmM
Kh09cS3NHwI8noxgM3cv/yb5sNhn/vGxumVYn6qRFSa6BBMTr0vanlOcfB72iWkK
GnnhQ/pKLfRZBg7PSsHS4hZIwLDOk90QaFAYn6CdfvF1qU0RXOyz1bWU21fE/XCZ
Qi2tCdM9EaBNBPka9zjNNIyEHrg1xQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB32
42Na5+TVmubktuuhlnjqE9DwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMkUwREY5OEY4REMxMUVGODdDRERCNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOF1AwQAnOUzMA0GCSqGSIb3
DQEBCwUAA4IBAQB67kkUlPE4F+OyAcR1O3+UPOf0Iw++jua7K8QzXc+jiMm7toaF
QN8ki2H/uH8Fv1nsJqbovSe1K5pdmGE9G0ubqb3lkQY3qhjDV81zIn7AJ/hTnNm9
2CPMQey5hblVF1r32h5WW2Yj0CnLnVh6P98mh9HyfUGAkMTtdQRLh7W9sZ3vO0Jz
c0WE7K5hR2qWd+ZnoTi5wUvMIlQc2e1TSEmiAK3oVeXr2oVN5LD4f63xDq1Y7XUn
NFIlZSNyv4UTmo0PsWDQUWfD/bmqmlMpSgavG8YQnxuGCw5N/SSVSSPlvsU3BN8Y
EnmciSVXnBEPFQ9eBNNQD6UUgNwXosGYvvs2
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:27 2025 by rpki-client