Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/138EA464F44C11EFB421609A762E951A.roa
File: 138EA464F44C11EFB421609A762E951A.roa (raw, json)
Hash identifier: zrtbEuiJOH9PRjKUzXnL1ay4ZL7JmNZ1WkeVG/tNQWE=
Subject key identifier: 30:68:8B:BB:84:88:48:42:C2:A8:1A:B2:F2:A0:40:D4:B4:8D:EE:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0133A3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/138EA464F44C11EFB421609A762E951A.roa
Signing time: Wed 26 Feb 2025 14:15:06 +0000
ROA not before: Wed 26 Feb 2025 14:15:02 +0000
ROA not after: Thu 19 Feb 2026 14:15:02 +0000
asID: 984
IP address blocks: 156.252.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78755 (0x133a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:15:02 2025 GMT
Not After : Feb 19 14:15:02 2026 GMT
Subject: CN=67bf21e9-2be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9b:87:e1:1c:e4:d0:53:34:10:06:00:34:65:
d2:0e:eb:a5:a3:7a:18:c6:72:54:43:9a:be:50:c7:
25:6d:8a:7e:3b:5f:b7:f2:6e:24:f3:6c:7b:4c:3a:
a9:9e:be:2e:d3:52:82:f7:a9:a8:b3:34:d7:99:34:
ba:cf:61:c1:b2:0f:34:17:de:1d:59:58:ac:40:32:
a9:70:52:6f:1d:35:19:ea:7b:d4:e3:0b:89:71:d1:
72:58:a0:1a:89:44:46:d3:eb:6b:be:83:f3:25:ab:
e7:f4:37:27:3d:c9:2d:41:05:c9:83:7b:bf:f9:a7:
bd:e1:9e:8b:cd:2c:e9:05:46:67:f1:6d:c4:c8:58:
d8:6c:dc:b5:5f:0a:fd:d4:f2:eb:6c:03:6c:83:37:
15:52:ac:2a:3d:7e:4a:23:ad:25:c4:7a:b9:6f:66:
06:18:7f:ce:d7:69:bf:73:2e:a8:e3:7a:02:63:72:
21:93:52:4a:91:28:35:1d:1f:4e:d2:07:ef:8b:1a:
a5:33:22:6f:e6:b8:e9:c6:31:1e:ab:42:26:47:30:
bd:3c:d3:2c:b1:8d:b5:74:7d:cc:90:05:d6:be:07:
9e:4a:47:61:bb:0a:5f:63:8e:b2:a6:5a:45:68:34:
d8:34:44:17:ad:0c:c0:3f:d8:cd:50:45:58:38:6e:
6e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:68:8B:BB:84:88:48:42:C2:A8:1A:B2:F2:A0:40:D4:B4:8D:EE:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/138EA464F44C11EFB421609A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.187.0/24
Signature Algorithm: sha256WithRSAEncryption
99:91:fe:dc:e2:33:2c:c2:fa:6f:47:4e:54:1e:8b:81:e3:2b:
60:11:5b:c2:30:a3:9f:75:ca:b7:89:c5:57:0d:2c:4f:1b:a0:
c6:e3:17:8b:74:23:fe:06:fd:b2:b9:83:6f:48:64:c5:d6:e9:
c8:b0:8b:88:f6:dc:5b:ca:ac:29:1f:51:74:42:2e:8a:01:06:
25:6a:57:25:ea:cd:41:7b:3a:b3:97:9a:87:c1:cf:6c:ee:98:
12:35:de:04:42:2c:37:68:a4:2c:05:6a:cc:84:94:fc:05:62:
f8:8c:4e:91:8e:06:49:09:3c:b3:36:ba:07:6e:bf:90:a7:aa:
69:e4:c1:f6:e7:20:59:cd:c5:96:68:c8:85:db:f4:0e:05:5d:
44:60:9c:a3:06:2d:f8:44:5f:57:e8:35:d7:e7:0b:12:b0:a4:
a3:bc:df:fc:af:6f:b0:f2:90:2f:48:be:1b:79:48:a9:92:01:
63:76:26:64:5d:a2:3c:5d:10:b3:d1:7b:0f:ad:89:48:f9:ee:
b3:9d:0e:a1:8f:af:21:d9:68:f5:bb:91:48:61:c7:ff:7a:0f:
04:a5:93:e0:f7:cf:cf:61:1b:d5:fa:7c:6d:1f:ee:7b:53:21:
fa:b9:a0:d5:a1:d0:1c:5f:75:10:38:7c:84:20:11:4a:75:ac:
23:10:b4:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATOjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQxNTAyWhcNMjYwMjE5MTQxNTAyWjAYMRYw
FAYDVQQDEw02N2JmMjFlOS0yYmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA25uH4Rzk0FM0EAYANGXSDuulo3oYxnJUQ5q+UMclbYp+O1+38m4k82x7
TDqpnr4u01KC96moszTXmTS6z2HBsg80F94dWVisQDKpcFJvHTUZ6nvU4wuJcdFy
WKAaiURG0+trvoPzJavn9DcnPcktQQXJg3u/+ae94Z6LzSzpBUZn8W3EyFjYbNy1
Xwr91PLrbANsgzcVUqwqPX5KI60lxHq5b2YGGH/O12m/cy6o43oCY3Ihk1JKkSg1
HR9O0gfvixqlMyJv5rjpxjEeq0ImRzC9PNMssY21dH3MkAXWvgeeSkdhuwpfY46y
plpFaDTYNEQXrQzAP9jNUEVYOG5u2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDBo
i7uEiEhCwqgasvKgQNS0je6wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzhFQTQ2NEY0NEMxMUVGQjQyMTYwOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPy7MA0GCSqGSIb3DQEBCwUA
A4IBAQCZkf7c4jMswvpvR05UHouB4ytgEVvCMKOfdcq3icVXDSxPG6DG4xeLdCP+
Bv2yuYNvSGTF1unIsIuI9txbyqwpH1F0Qi6KAQYlalcl6s1Bezqzl5qHwc9s7pgS
Nd4EQiw3aKQsBWrMhJT8BWL4jE6RjgZJCTyzNroHbr+Qp6pp5MH25yBZzcWWaMiF
2/QOBV1EYJyjBi34RF9X6DXX5wsSsKSjvN/8r2+w8pAvSL4beUipkgFjdiZkXaI8
XRCz0XsPrYlI+e6znQ6hj68h2Wj1u5FIYcf/eg8EpZPg98/PYRvV+nxtH+57UyH6
uaDVodAcX3UQOHyEIBFKdawjELQz
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:24:53 2025 by rpki-client