Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21726088F5DD11EFAC1F0868762E951A.roa
File: 21726088F5DD11EFAC1F0868762E951A.roa (raw, json)
Hash identifier: SLT+ie/Jp99DCkDpbO3aGdTuksiFq23yHewixBRTgEk=
Subject key identifier: 17:35:F6:5D:D6:8D:D0:B7:6B:42:B8:41:7C:58:D2:29:BE:DB:00:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E20
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21726088F5DD11EFAC1F0868762E951A.roa
Signing time: Fri 28 Feb 2025 14:05:57 +0000
ROA not before: Fri 28 Feb 2025 14:05:53 +0000
ROA not after: Fri 04 Apr 2025 14:05:53 +0000
asID: 60223
IP address blocks: 156.229.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Apr 2025 14:05:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81440 (0x13e20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:05:53 2025 GMT
Not After : Apr 4 14:05:53 2025 GMT
Subject: CN=67c1c2c5-734f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d1:3d:04:4f:a0:7e:a8:6b:50:3e:ce:64:3a:
27:df:00:05:db:2e:9e:e5:83:1c:a6:13:cb:32:10:
ff:16:33:1a:4c:de:7c:10:ca:b3:6e:fd:fc:da:ea:
24:20:91:86:e6:45:e3:39:be:13:e9:05:db:0b:3b:
b3:e1:3b:8a:68:d2:77:a1:60:5d:b6:ec:90:d1:3f:
82:3e:55:36:bf:03:92:47:79:63:82:99:e5:ca:78:
62:1c:d3:14:1f:c3:1a:05:b8:6e:68:f9:50:77:39:
64:2b:36:f8:6d:e0:0c:6a:b1:20:77:6d:eb:53:a3:
7b:c2:9c:f4:aa:f5:80:e2:b4:d5:3d:f3:9d:6e:03:
58:3d:10:51:00:af:15:a9:f0:91:68:80:ea:18:c5:
59:9d:19:26:df:6d:bb:1b:fb:73:32:89:2e:32:ee:
52:cf:10:6b:57:dd:56:07:1c:72:88:79:0f:01:69:
58:ed:66:5d:00:2a:f7:a0:d0:a1:3b:b8:1c:d5:37:
29:be:94:cc:7e:3a:a7:c6:c0:14:7d:7e:dd:41:c5:
34:f8:0b:6b:ca:79:f5:55:5e:bd:88:27:1e:74:80:
f8:60:b6:85:e0:18:5e:a8:59:cc:6a:5d:e7:13:d9:
69:57:6b:49:59:e3:0f:35:88:bb:d2:23:0c:18:9e:
34:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:35:F6:5D:D6:8D:D0:B7:6B:42:B8:41:7C:58:D2:29:BE:DB:00:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21726088F5DD11EFAC1F0868762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.248.0/22
Signature Algorithm: sha256WithRSAEncryption
58:4f:0e:f4:d0:20:5c:cd:85:3d:ab:de:4a:10:83:72:64:10:
04:9c:e9:9d:cd:e9:76:09:9b:d2:15:fb:48:d6:23:37:e6:d4:
97:43:16:f5:9d:71:a8:0f:6c:ca:1a:51:31:f6:2b:ca:7f:c3:
54:53:cd:c6:27:f8:49:ae:50:e8:82:53:56:60:10:68:bb:6e:
ae:77:8d:4c:60:cd:70:7b:ae:02:2f:38:61:70:0f:f8:2d:a2:
da:d0:b7:6c:cd:03:f4:74:ad:7b:07:42:05:f3:a0:f0:4d:3d:
34:a9:ee:f4:5c:0c:aa:37:e5:83:60:08:fd:32:e4:14:74:cb:
be:3d:51:fb:5b:bc:92:7e:b6:39:47:13:0d:14:ee:f4:c9:49:
08:5f:fe:ad:fa:cd:a2:28:a6:03:d3:7e:30:cb:7a:c4:00:27:
a8:36:08:38:02:9a:9e:cd:6c:5a:1b:ec:65:b7:6a:65:de:67:
01:3d:e4:41:f3:d7:db:17:89:9b:4b:61:82:07:0b:c8:e9:64:
94:cd:fb:9e:af:1f:8a:2a:bb:59:da:95:a3:27:f0:49:43:ec:
24:8a:59:36:1b:6d:fc:f4:a2:2a:d1:f6:e0:ad:dd:90:6d:e7:
68:db:e8:77:ce:71:8c:3f:d3:5d:3c:e7:c9:91:91:c0:38:81:
af:5b:95:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT4gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQwNTUzWhcNMjUwNDA0MTQwNTUzWjAYMRYw
FAYDVQQDEw02N2MxYzJjNS03MzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx9E9BE+gfqhrUD7OZDon3wAF2y6e5YMcphPLMhD/FjMaTN58EMqzbv38
2uokIJGG5kXjOb4T6QXbCzuz4TuKaNJ3oWBdtuyQ0T+CPlU2vwOSR3ljgpnlynhi
HNMUH8MaBbhuaPlQdzlkKzb4beAMarEgd23rU6N7wpz0qvWA4rTVPfOdbgNYPRBR
AK8VqfCRaIDqGMVZnRkm3227G/tzMokuMu5SzxBrV91WBxxyiHkPAWlY7WZdACr3
oNChO7gc1TcpvpTMfjqnxsAUfX7dQcU0+Atrynn1VV69iCcedID4YLaF4BheqFnM
al3nE9lpV2tJWeMPNYi70iMMGJ40nwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBc1
9l3WjdC3a0K4QXxY0im+2wCjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMTcyNjA4OEY1REQxMUVGQUMxRjA4Njg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOX4MA0GCSqGSIb3DQEBCwUA
A4IBAQBYTw700CBczYU9q95KEINyZBAEnOmdzel2CZvSFftI1iM35tSXQxb1nXGo
D2zKGlEx9ivKf8NUU83GJ/hJrlDoglNWYBBou26ud41MYM1we64CLzhhcA/4LaLa
0LdszQP0dK17B0IF86DwTT00qe70XAyqN+WDYAj9MuQUdMu+PVH7W7ySfrY5RxMN
FO70yUkIX/6t+s2iKKYD034wy3rEACeoNgg4ApqezWxaG+xlt2pl3mcBPeRB89fb
F4mbS2GCBwvI6WSUzfuerx+KKrtZ2pWjJ/BJQ+wkilk2G2389KIq0fbgrd2Qbedo
2+h3znGMP9NdPOfJkZHAOIGvW5W6
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:29:44 2025 by rpki-client