Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33B0C2B2F42011EF9996E064762E951A.roa
File: 33B0C2B2F42011EF9996E064762E951A.roa (raw, json)
Hash identifier: ExuYkhOnKpiC3f50Afxy7/qaHUeoJkQ7IEC5uKYO4BQ=
Subject key identifier: E3:D0:7A:46:82:A4:67:1E:3D:FC:A5:BA:DB:A0:EC:07:EF:B4:D0:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013040
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33B0C2B2F42011EF9996E064762E951A.roa
Signing time: Wed 26 Feb 2025 09:01:01 +0000
ROA not before: Wed 26 Feb 2025 09:00:58 +0000
ROA not after: Thu 19 Feb 2026 09:00:58 +0000
asID: 984
IP address blocks: 156.252.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77888 (0x13040)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:00:58 2025 GMT
Not After : Feb 19 09:00:58 2026 GMT
Subject: CN=67bed84d-201b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3d:79:a6:36:2f:c8:68:07:4a:01:53:9b:84:
4f:b4:17:4d:cb:fa:6e:ab:18:40:31:3c:1f:e0:5c:
50:90:e9:b3:ff:0b:a3:c9:c8:ed:32:0f:4d:7f:28:
a3:89:8b:17:f5:d8:f6:53:3a:d0:84:a0:a7:9e:aa:
c8:3b:c6:c5:f2:7a:5b:5c:cd:a2:8f:de:a4:78:36:
af:9b:a2:7b:db:dc:04:e9:39:af:de:89:5c:df:97:
33:d6:dd:0c:8e:8b:7d:01:2f:8a:6a:ed:e8:68:a4:
13:56:ba:a0:d1:05:ff:47:21:6d:27:4b:7f:ec:b5:
07:17:fc:ec:fe:a3:23:39:d1:d2:6d:41:dc:13:cb:
76:9a:9e:08:fc:7e:57:94:c3:92:6d:01:a2:1f:04:
d7:d2:ad:f2:bd:de:91:e6:65:05:30:2b:7e:e6:01:
dd:92:8b:05:1c:45:e7:1c:ce:2d:d9:c5:0d:fd:cf:
46:47:21:0a:b5:a9:3c:e7:1d:96:77:70:26:db:8a:
c1:20:c6:82:f4:c2:b1:bd:16:e6:bf:80:d6:8d:30:
d7:49:59:50:4d:95:11:a8:77:b1:ca:32:37:e7:af:
4d:95:c7:8d:fc:8c:a1:00:2b:28:66:75:d5:7d:26:
58:63:2e:83:67:54:fc:29:07:c2:4e:c0:2c:2b:ff:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D0:7A:46:82:A4:67:1E:3D:FC:A5:BA:DB:A0:EC:07:EF:B4:D0:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33B0C2B2F42011EF9996E064762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.39.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e3:e1:a9:b6:16:f6:b6:a5:63:1c:f4:95:dd:d4:b5:8d:48:
13:37:9a:ba:4b:6b:40:1b:f3:e6:04:de:3b:5a:5c:64:37:82:
70:14:2c:ed:c6:65:1f:d5:59:d4:74:28:03:1d:4b:4a:5a:0c:
1e:6b:ba:02:78:ad:3c:63:50:a3:5d:f5:4a:26:62:a2:5f:cb:
f9:8b:f9:a8:65:aa:52:89:ca:88:89:c1:1f:a1:1a:99:51:cc:
d5:de:41:b1:b0:54:9c:24:db:98:d6:5e:76:ec:b0:db:25:96:
e7:8c:b4:cc:53:ec:32:43:32:2d:25:00:c5:c6:c4:21:6d:7f:
92:f5:99:c4:82:7c:1c:dd:70:e3:82:27:f9:1f:d6:f2:3d:38:
51:f1:e5:f7:69:32:76:88:76:73:68:a3:a6:4e:05:da:8e:ea:
b9:e1:25:ed:d3:a0:cc:f8:6b:73:f3:4b:76:79:bb:a6:cb:84:
fa:a8:0e:ed:a1:9b:f4:83:95:fd:85:39:a1:e1:05:d2:b5:f6:
0b:50:f5:ed:50:14:12:6f:e9:aa:70:13:7a:cf:5f:a0:45:76:
19:96:26:26:0b:24:a7:37:82:49:f2:d6:a8:72:ca:43:e5:94:
3a:08:1e:bf:8f:ca:5e:b0:44:ef:b9:71:bd:20:0e:5e:c7:16:
0a:db:1f:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATBAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDkwMDU4WhcNMjYwMjE5MDkwMDU4WjAYMRYw
FAYDVQQDEw02N2JlZDg0ZC0yMDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzD15pjYvyGgHSgFTm4RPtBdNy/puqxhAMTwf4FxQkOmz/wujycjtMg9N
fyijiYsX9dj2UzrQhKCnnqrIO8bF8npbXM2ij96keDavm6J729wE6Tmv3olc35cz
1t0Mjot9AS+Kau3oaKQTVrqg0QX/RyFtJ0t/7LUHF/zs/qMjOdHSbUHcE8t2mp4I
/H5XlMOSbQGiHwTX0q3yvd6R5mUFMCt+5gHdkosFHEXnHM4t2cUN/c9GRyEKtak8
5x2Wd3Am24rBIMaC9MKxvRbmv4DWjTDXSVlQTZURqHexyjI3569NlceN/IyhACso
ZnXVfSZYYy6DZ1T8KQfCTsAsK/9m8wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOPQ
ekaCpGcePfylutug7AfvtND2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0IwQzJCMkY0MjAxMUVGOTk5NkUwNjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwnMA0GCSqGSIb3DQEBCwUA
A4IBAQBB4+Gpthb2tqVjHPSV3dS1jUgTN5q6S2tAG/PmBN47WlxkN4JwFCztxmUf
1VnUdCgDHUtKWgwea7oCeK08Y1CjXfVKJmKiX8v5i/moZapSicqIicEfoRqZUczV
3kGxsFScJNuY1l527LDbJZbnjLTMU+wyQzItJQDFxsQhbX+S9ZnEgnwc3XDjgif5
H9byPThR8eX3aTJ2iHZzaKOmTgXajuq54SXt06DM+Gtz80t2ebumy4T6qA7toZv0
g5X9hTmh4QXStfYLUPXtUBQSb+mqcBN6z1+gRXYZliYmCySnN4JJ8taocspD5ZQ6
CB6/j8pesETvuXG9IA5exxYK2x/e
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:00 2025 by rpki-client