Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/328F4BD20A1F11F0908FCC8F762E951A.roa
File: 328F4BD20A1F11F0908FCC8F762E951A.roa (raw, json)
Hash identifier: NgDd4DdX8LNj1tqsrUNq5S9M8rnZu7GGPau3ahnpFY4=
Subject key identifier: 8A:4A:60:78:08:52:E4:2E:3C:83:5F:AC:A0:68:91:6C:3C:11:96:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01484A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/328F4BD20A1F11F0908FCC8F762E951A.roa
Signing time: Wed 26 Mar 2025 08:49:16 +0000
ROA not before: Wed 26 Mar 2025 08:49:12 +0000
ROA not after: Tue 29 Apr 2025 08:49:12 +0000
asID: 5068
IP address blocks: 156.245.192.0/24 maxlen: 24
156.245.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84042 (0x1484a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 26 08:49:12 2025 GMT
Not After : Apr 29 08:49:12 2025 GMT
Subject: CN=67e3bf8c-c39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:25:1b:14:c4:32:4a:68:c7:2f:ea:80:bd:eb:
97:5e:56:8f:56:ba:89:9f:94:4d:31:02:87:42:a6:
75:ff:f1:b1:50:71:c8:9f:7d:c6:90:af:d4:19:d7:
dd:cd:66:68:63:2e:20:f1:56:ec:66:6f:92:5a:ee:
3a:5e:ea:5e:74:70:fd:42:4d:83:f2:39:7d:11:78:
ca:30:48:41:47:63:a6:21:c1:58:41:56:4b:ee:a9:
b6:53:d4:f1:38:f4:a2:28:f1:a7:58:48:99:ba:28:
c4:ca:52:be:99:b0:31:49:58:9a:7f:6c:2c:81:e3:
12:4f:10:26:7a:64:b9:4f:7d:39:fc:86:82:90:ee:
0e:3d:da:a2:92:ee:45:b6:02:6e:05:ec:e8:86:46:
7a:68:47:29:27:2c:31:5c:fe:21:c2:44:db:40:5a:
42:08:eb:48:30:3f:74:d7:9f:4a:c5:c0:af:7f:44:
9e:fb:12:db:5a:b5:b4:a8:ef:49:6e:16:1c:61:da:
e2:5a:17:f2:74:d8:ff:a9:30:6c:1d:90:10:10:1d:
a5:97:97:68:25:02:24:66:e5:0b:8b:26:7f:9d:9a:
54:62:e6:19:ee:3d:23:de:e3:7d:22:d8:57:a4:19:
10:91:c8:9c:7a:ba:a3:af:ee:80:9c:40:c4:be:42:
6f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4A:60:78:08:52:E4:2E:3C:83:5F:AC:A0:68:91:6C:3C:11:96:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/328F4BD20A1F11F0908FCC8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:39:57:46:40:a2:9c:7a:9a:9e:72:2d:81:d6:7b:68:37:b2:
f6:ab:4b:65:4d:30:54:4b:68:94:eb:bf:6a:35:1d:8b:b8:3c:
e2:05:7e:03:fc:39:46:dd:e8:1d:b5:84:33:c1:65:70:09:b4:
16:51:51:6d:1b:74:53:bd:51:2b:10:2f:b8:e9:93:08:86:53:
25:29:aa:bb:03:e5:c8:e9:d4:4a:71:81:33:f5:7a:d7:ce:39:
f9:43:1a:6f:27:28:73:11:e4:9a:4c:64:2b:26:13:6d:ff:35:
6c:a8:1b:04:19:35:e4:9f:53:60:2e:7d:c9:21:67:38:10:ff:
cb:48:49:b9:d0:8b:42:52:9f:88:e8:c1:23:e3:5d:fb:54:d6:
ba:2a:6e:0c:2f:c0:de:22:f8:00:19:77:70:63:cf:87:1b:d9:
c7:9a:7f:9e:65:44:63:9f:53:df:72:33:7c:38:31:16:f7:bd:
cd:bd:a5:6c:5b:c7:f8:fc:f0:a1:67:f8:d1:b4:83:fb:34:06:
8b:6f:3b:ba:72:c7:a0:7f:30:32:9d:71:b9:54:1f:bc:10:95:
37:46:e2:b0:19:50:3a:cd:e2:7e:3a:67:9a:0d:3a:38:43:f6:
79:e6:87:3c:05:f4:2c:64:7d:3a:fc:b4:cb:f4:b1:78:a7:12:
89:00:b1:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUhKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI2MDg0OTEyWhcNMjUwNDI5MDg0OTEyWjAYMRYw
FAYDVQQDEw02N2UzYmY4Yy1jMzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxiUbFMQySmjHL+qAveuXXlaPVrqJn5RNMQKHQqZ1//GxUHHIn33GkK/U
GdfdzWZoYy4g8VbsZm+SWu46XupedHD9Qk2D8jl9EXjKMEhBR2OmIcFYQVZL7qm2
U9TxOPSiKPGnWEiZuijEylK+mbAxSViaf2wsgeMSTxAmemS5T305/IaCkO4OPdqi
ku5FtgJuBezohkZ6aEcpJywxXP4hwkTbQFpCCOtIMD90159KxcCvf0Se+xLbWrW0
qO9JbhYcYdriWhfydNj/qTBsHZAQEB2ll5doJQIkZuULiyZ/nZpUYuYZ7j0j3uN9
IthXpBkQkcicerqjr+6AnEDEvkJviQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIpK
YHgIUuQuPINfrKBokWw8EZaaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjhGNEJEMjBBMUYxMUYwOTA4RkNDOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQBNOVdGQKKcepqeci2B1ntoN7L2q0tlTTBUS2iU679qNR2LuDziBX4D/DlG
3egdtYQzwWVwCbQWUVFtG3RTvVErEC+46ZMIhlMlKaq7A+XI6dRKcYEz9XrXzjn5
QxpvJyhzEeSaTGQrJhNt/zVsqBsEGTXkn1NgLn3JIWc4EP/LSEm50ItCUp+I6MEj
4137VNa6Km4ML8DeIvgAGXdwY8+HG9nHmn+eZURjn1PfcjN8ODEW973NvaVsW8f4
/PChZ/jRtIP7NAaLbzu6csegfzAynXG5VB+8EJU3RuKwGVA6zeJ+OmeaDTo4Q/Z5
5oc8BfQsZH06/LTL9LF4pxKJALFo
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:05 2025 by rpki-client