Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25EC351CF45211EF9005CA46762E951A.roa
File: 25EC351CF45211EF9005CA46762E951A.roa (raw, json)
Hash identifier: rrwBVXAuvP/HVwCCGZXlZj9ilDeeKvWQFPCLnwixTaU=
Subject key identifier: B8:67:54:D0:EF:47:4D:C9:F4:82:A6:1E:11:72:18:05:FB:F3:20:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013404
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25EC351CF45211EF9005CA46762E951A.roa
Signing time: Wed 26 Feb 2025 14:58:33 +0000
ROA not before: Wed 26 Feb 2025 14:58:30 +0000
ROA not after: Thu 19 Feb 2026 14:58:30 +0000
asID: 984
IP address blocks: 156.252.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78852 (0x13404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:58:30 2025 GMT
Not After : Feb 19 14:58:30 2026 GMT
Subject: CN=67bf2c19-4d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:01:35:a5:33:9f:1a:92:38:b5:16:96:1d:99:
e6:a2:9b:e0:4e:e4:a4:83:6b:e7:f3:a8:cd:c7:c4:
ce:ba:a4:e2:b0:3a:26:c8:7f:c6:48:b2:a3:15:3f:
03:aa:e7:79:66:6a:b9:de:49:02:f5:b8:0f:b3:9a:
df:0d:c5:f4:c9:d0:12:a0:42:61:c6:58:3a:b5:28:
af:da:fd:bc:54:7e:51:75:ab:66:71:68:49:f2:33:
b9:bb:93:2c:e0:a1:ee:a3:f8:a7:af:d2:50:43:b6:
38:63:63:5b:f2:6f:61:74:e8:16:5c:98:fc:8b:33:
44:a9:6d:4c:e0:15:36:01:0f:3a:2f:33:d0:e4:7d:
56:71:7a:68:2a:a7:80:26:9a:7c:7c:43:58:49:79:
e7:43:ee:e3:b3:d5:20:97:24:1c:06:5d:d0:25:20:
55:30:0d:0e:54:0d:c8:85:31:57:4a:ef:dc:2d:ff:
07:4e:5a:55:79:ec:9e:78:a1:be:6f:1a:b6:2a:a7:
77:a6:98:d8:e5:8f:07:ad:e1:f1:f0:a0:5a:0b:c5:
22:de:ec:85:db:c3:da:42:05:94:ad:24:8f:05:c4:
50:f4:29:a8:08:e7:d4:43:89:38:c8:fb:69:48:ee:
f1:44:05:35:33:23:d7:4a:2a:54:e8:bf:ef:a2:85:
6e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:67:54:D0:EF:47:4D:C9:F4:82:A6:1E:11:72:18:05:FB:F3:20:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25EC351CF45211EF9005CA46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.203.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:43:df:12:af:5c:eb:e5:b7:62:9b:a5:60:0c:14:33:35:09:
12:e1:69:a4:19:21:e1:68:49:72:59:71:bb:41:60:74:e0:89:
3d:db:23:bf:9a:d4:5c:a3:03:f5:63:75:85:75:b9:f0:f5:b2:
24:b2:59:52:a6:0e:9d:01:29:26:73:26:b3:c2:ad:17:7e:e9:
49:a0:ce:7d:f8:ae:cc:08:dd:b4:73:67:d5:11:01:1f:83:28:
a5:2c:6b:e8:fc:b5:0b:7a:05:b4:03:eb:0a:33:fe:f9:c4:d3:
4e:54:79:9e:cb:3b:85:d7:8b:d4:8a:1b:8e:fc:f6:6e:03:e1:
ef:86:dc:14:a4:29:2b:a0:0b:f3:21:ba:67:18:d1:3c:8a:4d:
1d:59:31:c6:50:11:b9:d4:0b:72:25:c2:af:2a:53:a0:a0:31:
e6:9a:e6:ef:f7:d9:2e:25:80:93:0b:3f:1d:f0:9c:c9:99:af:
7b:89:1c:53:b8:4e:c2:12:d4:b9:44:91:47:7b:82:40:48:6c:
77:53:15:43:0e:52:ec:ee:e0:04:64:df:ff:b0:38:3e:3e:25:
05:e7:80:81:8a:2c:c3:b4:3d:a2:ec:75:bc:38:dc:80:8c:31:
9f:fb:c8:ca:85:d6:af:f1:99:f1:c0:f3:0f:b0:0a:ff:56:7e:
cd:bc:13:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATQEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQ1ODMwWhcNMjYwMjE5MTQ1ODMwWjAYMRYw
FAYDVQQDEw02N2JmMmMxOS00ZDc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gE1pTOfGpI4tRaWHZnmopvgTuSkg2vn86jNx8TOuqTisDomyH/GSLKj
FT8Dqud5Zmq53kkC9bgPs5rfDcX0ydASoEJhxlg6tSiv2v28VH5RdatmcWhJ8jO5
u5Ms4KHuo/inr9JQQ7Y4Y2Nb8m9hdOgWXJj8izNEqW1M4BU2AQ86LzPQ5H1WcXpo
KqeAJpp8fENYSXnnQ+7js9UglyQcBl3QJSBVMA0OVA3IhTFXSu/cLf8HTlpVeeye
eKG+bxq2Kqd3ppjY5Y8HreHx8KBaC8Ui3uyF28PaQgWUrSSPBcRQ9CmoCOfUQ4k4
yPtpSO7xRAU1MyPXSipU6L/vooVuVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLhn
VNDvR03J9IKmHhFyGAX78yCIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNUVDMzUxQ0Y0NTIxMUVGOTAwNUNBNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzLMA0GCSqGSIb3DQEBCwUA
A4IBAQAeQ98Sr1zr5bdim6VgDBQzNQkS4WmkGSHhaElyWXG7QWB04Ik92yO/mtRc
owP1Y3WFdbnw9bIksllSpg6dASkmcyazwq0XfulJoM59+K7MCN20c2fVEQEfgyil
LGvo/LULegW0A+sKM/75xNNOVHmeyzuF14vUihuO/PZuA+HvhtwUpCkroAvzIbpn
GNE8ik0dWTHGUBG51AtyJcKvKlOgoDHmmubv99kuJYCTCz8d8JzJma97iRxTuE7C
EtS5RJFHe4JASGx3UxVDDlLs7uAEZN//sDg+PiUF54CBiizDtD2i7HW8ONyAjDGf
+8jKhdav8ZnxwPMPsAr/Vn7NvBPl
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:06 2025 by rpki-client