Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F133AA6C95E11EF8AD2D48C762E951A.roa
File: 2F133AA6C95E11EF8AD2D48C762E951A.roa (raw, json)
Hash identifier: lNfNVECwuQQzOHJIp84DB+IcAJM7O7/y0jrWzlgpZ94=
Subject key identifier: A5:48:C8:F3:21:C3:FE:60:7B:EC:0B:53:BC:64:67:BC:6F:B4:E5:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F444
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F133AA6C95E11EF8AD2D48C762E951A.roa
Signing time: Thu 02 Jan 2025 23:06:23 +0000
ROA not before: Thu 02 Jan 2025 23:06:19 +0000
ROA not after: Sat 13 Dec 2025 23:06:19 +0000
asID: 984
IP address blocks: 156.226.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62532 (0xf444)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:06:19 2025 GMT
Not After : Dec 13 23:06:19 2025 GMT
Subject: CN=67771bee-0b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b1:46:18:4e:b0:c8:b7:f3:76:c0:32:68:01:
89:bc:f2:e0:18:b8:89:d7:10:c9:24:47:19:2f:0c:
b9:be:77:61:3f:db:71:9a:34:59:7e:67:7d:70:b9:
3d:69:2a:d6:96:1f:d2:9b:50:18:04:be:e7:3b:d3:
2a:b5:27:d7:d3:71:2e:76:dc:a1:ef:f7:1f:f5:06:
a7:d5:a4:53:ba:90:7c:02:fc:47:eb:20:e9:13:4f:
3b:ce:6f:48:df:c9:e9:3c:3a:9d:d7:75:de:4c:1f:
ed:e5:a8:61:cc:d7:72:03:19:c9:dd:37:52:93:00:
ed:5c:97:1b:f7:86:70:aa:12:40:6a:00:26:30:0f:
9f:e2:c8:a4:4c:d7:67:26:79:c7:f2:61:f3:a5:20:
ef:e1:42:9b:bd:7e:c7:47:5a:ba:50:dd:ae:74:48:
56:b3:81:c9:53:35:1a:e3:69:b0:60:71:55:95:7e:
33:b1:90:60:b4:e3:74:64:e5:3f:12:2c:42:f4:16:
67:a0:1b:89:ed:2c:51:45:64:7e:57:1c:f1:34:da:
06:ae:9b:f2:b8:7b:4b:f8:e1:7b:86:7f:85:f9:91:
c2:ed:b9:9b:28:70:0b:f0:d8:20:d8:c5:f3:9d:fd:
66:0e:36:a3:2d:d9:ff:69:5e:38:2b:13:8f:78:7f:
25:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:48:C8:F3:21:C3:FE:60:7B:EC:0B:53:BC:64:67:BC:6F:B4:E5:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2F133AA6C95E11EF8AD2D48C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:68:bf:4b:66:cc:59:d0:32:b8:fa:e7:2d:b4:d9:f6:20:b6:
19:84:8e:c8:ed:87:9a:75:87:8b:64:96:fc:af:64:d6:9f:51:
08:b9:26:bf:e8:8c:cb:52:c9:74:21:09:62:01:2d:6b:56:b4:
c3:bb:c8:eb:f0:d6:fe:ca:83:e9:05:22:10:c8:da:5d:60:52:
2f:2f:08:e6:81:d4:0f:4a:18:36:54:0f:36:41:d4:be:25:5c:
73:f8:14:25:98:b4:a5:ab:0a:e4:c6:e8:74:24:6b:33:7f:7b:
a7:37:7e:39:69:c8:a5:66:07:e6:a1:fe:d2:e9:fa:01:29:6c:
5a:d2:45:36:e2:d0:d9:b4:e8:19:bb:f7:06:a8:4a:68:f5:30:
93:95:ca:5b:94:a0:f7:94:96:98:6a:50:a8:29:d6:a9:98:48:
99:78:1c:75:67:83:66:6a:5b:f5:e0:dc:86:5c:a3:38:be:8d:
4d:1a:39:cd:c7:34:16:09:fb:00:e9:2d:e7:f6:8d:84:c0:e7:
86:a0:cb:8e:b2:52:0e:7c:66:b6:5e:2e:0a:83:e9:24:26:95:
26:a9:69:de:2c:8f:f4:1b:b7:23:56:45:02:80:c5:e5:29:b9:
14:72:2e:4c:61:b1:9a:54:cf:9f:f1:4f:e2:58:49:ea:a8:a0:
f1:37:ce:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPREMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMwNjE5WhcNMjUxMjEzMjMwNjE5WjAYMRYw
FAYDVQQDEw02Nzc3MWJlZS0wYjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0rFGGE6wyLfzdsAyaAGJvPLgGLiJ1xDJJEcZLwy5vndhP9txmjRZfmd9
cLk9aSrWlh/Sm1AYBL7nO9MqtSfX03Eudtyh7/cf9Qan1aRTupB8AvxH6yDpE087
zm9I38npPDqd13XeTB/t5ahhzNdyAxnJ3TdSkwDtXJcb94ZwqhJAagAmMA+f4sik
TNdnJnnH8mHzpSDv4UKbvX7HR1q6UN2udEhWs4HJUzUa42mwYHFVlX4zsZBgtON0
ZOU/EixC9BZnoBuJ7SxRRWR+VxzxNNoGrpvyuHtL+OF7hn+F+ZHC7bmbKHAL8Ngg
2MXznf1mDjajLdn/aV44KxOPeH8lnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKVI
yPMhw/5ge+wLU7xkZ7xvtOWGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRjEzM0FBNkM5NUUxMUVGOEFEMkQ0OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLUMA0GCSqGSIb3DQEBCwUA
A4IBAQANaL9LZsxZ0DK4+ucttNn2ILYZhI7I7YeadYeLZJb8r2TWn1EIuSa/6IzL
Usl0IQliAS1rVrTDu8jr8Nb+yoPpBSIQyNpdYFIvLwjmgdQPShg2VA82QdS+JVxz
+BQlmLSlqwrkxuh0JGszf3unN345acilZgfmof7S6foBKWxa0kU24tDZtOgZu/cG
qEpo9TCTlcpblKD3lJaYalCoKdapmEiZeBx1Z4Nmalv14NyGXKM4vo1NGjnNxzQW
CfsA6S3n9o2EwOeGoMuOslIOfGa2Xi4Kg+kkJpUmqWneLI/0G7cjVkUCgMXlKbkU
ci5MYbGaVM+f8U/iWEnqqKDxN87k
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:26 2025 by rpki-client