Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32967F5EFF3B11EF92105480762E951A.roa
File: 32967F5EFF3B11EF92105480762E951A.roa (raw, json)
Hash identifier: JDagrvjBied+0xATD1CyavjBwpb+luwJa0k69q0dYU4=
Subject key identifier: FF:04:6C:B2:40:F0:47:69:11:F8:5D:31:E4:4F:F0:AA:ED:AD:0B:CD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01456D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32967F5EFF3B11EF92105480762E951A.roa
Signing time: Wed 12 Mar 2025 12:11:59 +0000
ROA not before: Wed 12 Mar 2025 12:11:55 +0000
ROA not after: Mon 05 May 2025 12:11:55 +0000
asID: 399195
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83309 (0x1456d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 12:11:55 2025 GMT
Not After : May 5 12:11:55 2025 GMT
Subject: CN=67d17a0f-02d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b4:cb:78:45:44:6a:c4:6e:63:72:4c:dd:65:
59:d3:c4:31:45:a1:7d:4c:ff:64:99:03:d6:dc:31:
3b:e5:04:13:f9:92:ec:79:11:6b:19:61:82:d9:fc:
70:00:5d:a7:6f:31:02:f6:5c:c4:e8:41:7f:c2:12:
7a:50:1e:a3:25:42:1c:3b:6e:47:18:e7:45:de:04:
60:0f:dc:bd:7d:f7:8a:41:7d:34:07:cc:a9:1c:c1:
8b:da:73:c2:b0:3e:a8:38:25:84:d4:71:bb:4c:95:
e9:c2:15:fb:81:61:82:de:90:ae:4a:a2:d9:bf:81:
16:50:38:4c:48:a3:bc:e5:5e:01:a8:bc:cb:52:ee:
aa:a9:a0:de:86:ad:43:34:dc:c2:a3:82:3c:77:46:
e0:7d:b8:42:2e:af:e9:e4:74:00:1f:39:15:62:7d:
cc:9a:e1:a1:2b:ca:df:f3:0e:47:8c:8a:3d:1c:8e:
50:f0:47:89:1a:1e:93:83:49:16:50:77:7f:f8:a7:
53:0d:a6:61:34:6f:99:e1:72:3e:9f:65:36:16:8e:
c4:76:07:c7:5f:a9:71:90:57:65:de:c1:88:50:9b:
1e:1b:d4:b3:d6:2f:a6:76:11:29:7f:28:d5:ca:d9:
38:70:32:47:89:86:dc:db:a2:28:d8:4e:e8:a8:ad:
a1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:04:6C:B2:40:F0:47:69:11:F8:5D:31:E4:4F:F0:AA:ED:AD:0B:CD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/32967F5EFF3B11EF92105480762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
11:aa:1d:41:16:69:22:e2:f1:09:61:ce:50:50:f6:77:e6:5f:
c2:d7:de:cb:04:83:4a:c5:3b:64:b6:b3:0f:fa:74:8b:70:e2:
d2:76:d5:8e:26:f9:5f:40:f3:a2:18:55:8f:cb:28:e0:cb:31:
a3:f1:30:02:16:66:34:c5:ed:dd:2e:c6:c9:86:3b:38:63:84:
43:28:70:57:47:d3:15:b4:52:18:e6:d2:05:e7:b8:22:aa:12:
83:84:22:16:1d:ed:d6:bc:b6:da:cb:6d:fb:47:2d:e3:d5:bd:
f4:01:90:c0:71:b5:37:2d:53:d6:8e:d1:65:59:75:ab:2a:0e:
f4:72:df:83:76:c6:cc:f2:22:cb:1d:44:aa:18:d9:2e:48:be:
64:7e:d5:6e:e4:fd:1e:34:2d:11:d3:46:6c:76:25:ff:2a:f9:
9e:1b:4c:ba:4e:e3:0c:16:47:6b:39:43:ca:56:54:09:8e:84:
81:89:da:f6:28:33:f6:8b:b2:e4:1d:b3:f6:0d:a1:08:77:f1:
ca:b1:eb:67:4b:0d:da:a3:65:0e:f7:10:fe:0f:3a:eb:70:0c:
cd:98:f5:e1:75:76:da:8f:bb:ce:b0:6f:cc:39:92:55:88:dd:
d2:2c:58:11:32:48:65:7b:c4:5d:51:62:0d:8a:d4:2b:22:2e:
12:ae:94:44
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAUVtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMTIxMTU1WhcNMjUwNTA1MTIxMTU1WjAYMRYw
FAYDVQQDEw02N2QxN2EwZi0wMmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLTLeEVEasRuY3JM3WVZ08QxRaF9TP9kmQPW3DE75QQT+ZLseRFrGWGC
2fxwAF2nbzEC9lzE6EF/whJ6UB6jJUIcO25HGOdF3gRgD9y9ffeKQX00B8ypHMGL
2nPCsD6oOCWE1HG7TJXpwhX7gWGC3pCuSqLZv4EWUDhMSKO85V4BqLzLUu6qqaDe
hq1DNNzCo4I8d0bgfbhCLq/p5HQAHzkVYn3MmuGhK8rf8w5HjIo9HI5Q8EeJGh6T
g0kWUHd/+KdTDaZhNG+Z4XI+n2U2Fo7EdgfHX6lxkFdl3sGIUJseG9Sz1i+mdhEp
fyjVytk4cDJHiYbc26Io2E7oqK2hWwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFP8E
bLJA8EdpEfhdMeRP8KrtrQvNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMjk2N0Y1RUZGM0IxMUVGOTIxMDU0ODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASc5bADBAWc5cAwDAMEBJz8
kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEAEaodQRZpIuLxCWHOUFD2d+Zfwtfe
ywSDSsU7ZLazD/p0i3Di0nbVjib5X0DzohhVj8so4Msxo/EwAhZmNMXt3S7GyYY7
OGOEQyhwV0fTFbRSGObSBee4IqoSg4QiFh3t1ry22stt+0ct49W99AGQwHG1Ny1T
1o7RZVl1qyoO9HLfg3bGzPIiyx1EqhjZLki+ZH7VbuT9HjQtEdNGbHYl/yr5nhtM
uk7jDBZHazlDylZUCY6EgYna9igz9ouy5B2z9g2hCHfxyrHrZ0sN2qNlDvcQ/g86
63AMzZj14XV22o+7zrBvzDmSVYjd0ixYETJIZXvEXVFiDYrUKyIuEq6URA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:41 2025 by rpki-client