Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BBD1F0407B511F08DF09156762E951A.roa
File: 1BBD1F0407B511F08DF09156762E951A.roa (raw, json)
Hash identifier: TM9bL0kn/ndehjGf3/nL7/HDfkAuLaUSWkDNT38jumk=
Subject key identifier: 25:82:44:86:DA:C2:C5:E0:22:D7:D7:C7:E4:6B:1B:84:D2:10:02:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0147BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BBD1F0407B511F08DF09156762E951A.roa
Signing time: Sun 23 Mar 2025 07:04:48 +0000
ROA not before: Sun 23 Mar 2025 07:04:44 +0000
ROA not after: Sat 26 Apr 2025 07:04:44 +0000
asID: 274728
IP address blocks: 156.235.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83898 (0x147ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 23 07:04:44 2025 GMT
Not After : Apr 26 07:04:44 2025 GMT
Subject: CN=67dfb290-7753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:b7:9f:44:2f:42:09:7a:2c:a1:19:53:73:
7d:b8:db:01:2a:54:8c:da:a4:9f:dd:df:77:fc:9e:
a6:3e:1e:ff:25:42:29:9b:0f:a1:da:bc:4d:9d:e5:
18:fc:8c:3f:05:0a:b5:3c:c2:86:66:00:d1:51:31:
df:10:2f:b8:25:c4:90:3f:36:d7:4a:dd:9f:e3:3a:
5c:12:fd:89:6a:8e:5e:84:53:85:d5:22:28:ce:c2:
5f:3a:32:01:6c:a6:0b:80:85:49:e2:20:1f:dc:93:
bb:31:4e:41:24:3d:c5:ea:72:83:d6:11:f6:c7:e1:
e6:4b:f0:01:81:d9:28:7f:29:8b:7c:69:8c:5a:fe:
f5:b3:52:08:ea:4a:b5:cb:1f:42:6a:45:10:37:ca:
3e:b0:84:07:ed:08:f3:22:fe:c8:c5:19:2f:32:fe:
ba:2c:ef:cc:e2:db:db:ce:67:39:19:84:0b:ec:43:
7a:05:3f:1e:dd:f8:8e:de:a6:cc:28:f9:6b:1b:45:
f8:9c:5c:27:20:29:7e:08:7a:27:9d:9b:e0:fd:c9:
03:59:52:c9:ca:49:49:60:e1:5c:56:fc:b7:5a:20:
97:31:f4:c5:e5:5c:d7:76:3b:e5:c2:79:ab:9f:f4:
16:29:41:7a:05:1d:45:3e:26:24:42:be:e7:44:0b:
e2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:82:44:86:DA:C2:C5:E0:22:D7:D7:C7:E4:6B:1B:84:D2:10:02:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BBD1F0407B511F08DF09156762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.49.0/24
Signature Algorithm: sha256WithRSAEncryption
26:8d:cd:f5:d3:58:6b:d8:5e:ea:1d:e9:4e:68:da:5d:72:8b:
a9:bc:c5:22:e7:5a:eb:34:2f:96:38:ae:35:bd:6d:27:f4:46:
ce:7c:04:83:6d:69:70:4e:82:3e:71:9f:d5:90:76:a6:b9:04:
76:aa:2b:86:9a:5c:a8:dd:8f:9a:22:a7:e3:7a:cf:c3:d7:8c:
f6:e8:66:df:4b:ae:a9:57:bd:00:1e:cf:82:ce:38:15:67:db:
10:a6:45:6d:c2:19:5f:0d:06:2f:ae:32:bb:ea:01:0c:bd:2a:
3e:a4:11:bb:ca:cc:06:c3:4e:f2:2c:5f:ec:6a:8f:35:a3:50:
f5:b4:76:b4:c4:c9:33:0f:c3:ed:3f:36:61:ff:fd:a5:ab:a3:
85:90:f8:ba:6c:2f:c8:30:ee:cb:70:f1:68:18:1f:96:e6:28:
22:f9:cb:76:3e:42:b2:b1:bf:8b:a7:d3:eb:59:fd:82:9d:53:
e9:74:bc:8c:10:0f:9f:db:59:d8:f9:14:fa:1e:be:3d:0e:52:
22:62:7d:b2:95:c4:b4:1c:67:83:9e:bb:5b:e5:13:1d:fb:fa:
c2:0b:42:22:d3:de:bf:e6:ff:02:d3:7f:32:9c:65:23:51:2b:
43:f1:eb:cb:f5:91:7a:5f:d0:3c:89:38:81:00:8c:20:f0:72:
88:ea:52:0d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIzMDcwNDQ0WhcNMjUwNDI2MDcwNDQ0WjAYMRYw
FAYDVQQDEw02N2RmYjI5MC03NzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUG3n0QvQgl6LKEZU3N9uNsBKlSM2qSf3d93/J6mPh7/JUIpmw+h2rxN
neUY/Iw/BQq1PMKGZgDRUTHfEC+4JcSQPzbXSt2f4zpcEv2Jao5ehFOF1SIozsJf
OjIBbKYLgIVJ4iAf3JO7MU5BJD3F6nKD1hH2x+HmS/ABgdkofymLfGmMWv71s1II
6kq1yx9CakUQN8o+sIQH7QjzIv7IxRkvMv66LO/M4tvbzmc5GYQL7EN6BT8e3fiO
3qbMKPlrG0X4nFwnICl+CHonnZvg/ckDWVLJyklJYOFcVvy3WiCXMfTF5VzXdjvl
wnmrn/QWKUF6BR1FPiYkQr7nRAviKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCWC
RIbawsXgItfXx+RrG4TSEALaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkJEMUYwNDA3QjUxMUYwOERGMDkxNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOsxMA0GCSqGSIb3DQEBCwUA
A4IBAQAmjc3101hr2F7qHelOaNpdcoupvMUi51rrNC+WOK41vW0n9EbOfASDbWlw
ToI+cZ/VkHamuQR2qiuGmlyo3Y+aIqfjes/D14z26GbfS66pV70AHs+CzjgVZ9sQ
pkVtwhlfDQYvrjK76gEMvSo+pBG7yswGw07yLF/sao81o1D1tHa0xMkzD8PtPzZh
//2lq6OFkPi6bC/IMO7LcPFoGB+W5igi+ct2PkKysb+Lp9PrWf2CnVPpdLyMEA+f
21nY+RT6Hr49DlIiYn2ylcS0HGeDnrtb5RMd+/rCC0Ii096/5v8C038ynGUjUStD
8evL9ZF6X9A8iTiBAIwg8HKI6lIN
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:53:32 2025 by rpki-client