Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24E05860F46B11EF90EFEE73762E951A.roa
File: 24E05860F46B11EF90EFEE73762E951A.roa (raw, json)
Hash identifier: mE/+9/MvIaPKcx9Qf6jhTJ4DwkaOYzqGqjNhG5cXl4w=
Subject key identifier: 81:EC:07:B3:2D:6F:6F:D0:7F:3E:51:DD:7D:C1:0B:BF:EC:83:8A:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0135FF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24E05860F46B11EF90EFEE73762E951A.roa
Signing time: Wed 26 Feb 2025 17:57:29 +0000
ROA not before: Wed 26 Feb 2025 17:57:25 +0000
ROA not after: Thu 19 Feb 2026 17:57:25 +0000
asID: 984
IP address blocks: 156.228.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79359 (0x135ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:57:25 2025 GMT
Not After : Feb 19 17:57:25 2026 GMT
Subject: CN=67bf5609-bd12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e3:88:c1:9d:64:96:4c:7b:13:87:42:3b:3a:
8b:81:39:7f:56:a8:ed:1a:2a:07:40:68:fe:b4:c9:
33:b3:86:80:96:1f:2f:c7:60:34:ad:ed:4e:c6:d8:
2c:44:67:76:83:a8:db:8b:a9:e6:2c:bc:3c:22:01:
b3:31:f3:ad:38:28:b2:7a:88:79:3f:c2:91:7c:e2:
66:35:9e:4d:54:0a:f3:4a:6e:31:92:ec:93:62:2c:
40:c2:38:ae:d8:57:23:d0:54:0d:9f:74:4a:af:2b:
1c:c0:81:31:e0:f1:6c:38:08:8a:83:c9:91:d9:b8:
ed:6f:d0:93:1c:93:27:7a:06:26:17:94:73:cb:bf:
be:78:86:33:48:b5:53:de:de:5f:36:79:31:f6:e9:
69:b5:ed:64:20:81:e4:5d:ac:26:d7:1d:5f:1d:0c:
ec:57:ca:db:a4:7c:1e:a9:9e:38:e1:d2:8b:5d:e2:
ab:67:40:1b:48:20:8a:2a:a0:e6:61:3c:e6:cb:5f:
6b:83:29:6b:6f:af:8a:16:86:ef:d0:f6:1e:b7:4d:
ae:1d:4e:74:18:e5:30:a4:a1:b2:60:7c:e1:70:ca:
6c:71:11:bc:4d:c2:91:7f:7d:7d:29:56:6b:17:ff:
a1:c1:ad:64:83:71:06:52:1b:c6:c0:1a:8d:7a:58:
98:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EC:07:B3:2D:6F:6F:D0:7F:3E:51:DD:7D:C1:0B:BF:EC:83:8A:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/24E05860F46B11EF90EFEE73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.136.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a0:c2:62:17:c3:a9:6f:1e:a3:32:af:46:56:59:05:d1:79:
30:b2:db:0d:03:36:6d:a4:6a:89:ac:1a:02:8f:e7:d7:fe:0b:
6d:60:21:b3:8d:c0:34:77:a8:0d:ad:a1:54:ce:89:23:c2:10:
8a:b2:45:48:60:68:2b:d5:6a:6f:71:d4:0d:98:e6:0d:14:9d:
e3:3a:e3:48:a8:49:fe:93:96:0f:a0:a2:8c:f5:20:7b:e5:c4:
3b:8a:69:a6:1a:53:8a:53:14:76:68:c2:c9:bb:2d:d8:6b:1f:
f7:ba:30:93:c1:f4:76:1c:7f:1c:f3:c3:3b:7d:2b:1d:4a:55:
a6:c3:00:ce:d5:e2:e5:f1:50:52:5b:4e:c5:29:67:c5:99:1f:
b7:a2:a0:b8:98:85:e1:33:75:62:1b:9a:9a:2f:a6:8a:89:65:
2a:3e:40:69:b1:bb:27:b0:8d:c2:a8:9d:f0:0d:85:35:8b:19:
73:1a:78:e2:5d:f4:c2:b9:74:c5:7a:25:17:22:5c:8f:a8:36:
63:93:a2:72:83:95:9e:26:88:8b:98:93:a0:66:bf:36:d4:b7:
5d:d8:6f:15:99:c1:fe:78:08:23:b6:99:b4:80:a4:f3:a8:a9:
d5:7e:f5:bb:0f:85:a2:50:b4:23:0c:dc:6a:c6:c6:94:e6:b4:
24:d3:74:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATX/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTc1NzI1WhcNMjYwMjE5MTc1NzI1WjAYMRYw
FAYDVQQDEw02N2JmNTYwOS1iZDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoeOIwZ1klkx7E4dCOzqLgTl/VqjtGioHQGj+tMkzs4aAlh8vx2A0re1O
xtgsRGd2g6jbi6nmLLw8IgGzMfOtOCiyeoh5P8KRfOJmNZ5NVArzSm4xkuyTYixA
wjiu2Fcj0FQNn3RKryscwIEx4PFsOAiKg8mR2bjtb9CTHJMnegYmF5Rzy7++eIYz
SLVT3t5fNnkx9ulpte1kIIHkXawm1x1fHQzsV8rbpHweqZ444dKLXeKrZ0AbSCCK
KqDmYTzmy19rgylrb6+KFobv0PYet02uHU50GOUwpKGyYHzhcMpscRG8TcKRf319
KVZrF/+hwa1kg3EGUhvGwBqNeliYoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIHs
B7Mtb2/Qfz5R3X3BC7/sg4o9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNEUwNTg2MEY0NkIxMUVGOTBFRkVFNzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOSIMA0GCSqGSIb3DQEBCwUA
A4IBAQA3oMJiF8Opbx6jMq9GVlkF0XkwstsNAzZtpGqJrBoCj+fX/gttYCGzjcA0
d6gNraFUzokjwhCKskVIYGgr1WpvcdQNmOYNFJ3jOuNIqEn+k5YPoKKM9SB75cQ7
immmGlOKUxR2aMLJuy3Yax/3ujCTwfR2HH8c88M7fSsdSlWmwwDO1eLl8VBSW07F
KWfFmR+3oqC4mIXhM3ViG5qaL6aKiWUqPkBpsbsnsI3CqJ3wDYU1ixlzGnjiXfTC
uXTFeiUXIlyPqDZjk6Jyg5WeJoiLmJOgZr821Ldd2G8VmcH+eAgjtpm0gKTzqKnV
fvW7D4WiULQjDNxqxsaU5rQk03RM
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:03 2025 by rpki-client