Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3816D8D2F45211EF899BD146762E951A.roa
File: 3816D8D2F45211EF899BD146762E951A.roa (raw, json)
Hash identifier: y1y+QI8cB4AnrzWTe7IyCP9eeIo77T8wVjFO0qUFY6E=
Subject key identifier: 67:B8:C8:9E:28:D1:91:3B:D9:B8:34:0C:05:93:39:92:B7:ED:D4:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013406
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3816D8D2F45211EF899BD146762E951A.roa
Signing time: Wed 26 Feb 2025 14:59:04 +0000
ROA not before: Wed 26 Feb 2025 14:59:00 +0000
ROA not after: Thu 19 Feb 2026 14:59:00 +0000
asID: 984
IP address blocks: 156.231.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78854 (0x13406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:59:00 2025 GMT
Not After : Feb 19 14:59:00 2026 GMT
Subject: CN=67bf2c38-28fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e7:7d:c5:49:67:10:aa:ba:43:63:f6:88:dd:
ea:f8:f0:5b:b9:4d:25:34:28:30:67:14:4f:b2:e0:
25:23:c1:34:17:18:f2:41:4e:4f:35:85:33:75:5b:
7c:00:9a:bb:57:1f:ea:9d:0f:e0:a1:e9:82:71:39:
51:49:c5:57:f4:66:8e:2d:fa:75:99:a9:3b:fe:92:
0e:70:a1:0e:b2:db:5f:c0:5e:ca:a0:86:96:37:7d:
75:ff:27:c1:f1:da:0c:f0:9b:1b:9b:95:3d:3f:79:
ae:d0:94:19:b8:23:a6:e5:d6:64:fe:6c:f6:8e:9e:
de:7e:54:67:7b:34:d5:6f:7f:8b:e0:4b:97:ec:02:
fa:5f:d4:8f:e2:f0:05:a6:41:5c:f4:0d:4f:77:b8:
f8:1e:f7:f8:44:6c:c9:6c:cd:ca:fc:b0:0e:18:1f:
00:26:f7:da:25:c2:b3:ac:fc:ab:00:47:19:88:29:
1e:04:b8:82:3e:0e:dc:e5:26:a1:f3:cc:c7:4c:7f:
2e:c4:14:24:87:28:2f:e8:c5:17:e8:99:55:74:b4:
22:e6:86:42:18:92:7f:37:dd:24:7f:01:fd:d9:51:
f3:5d:1e:a0:d8:c0:3a:05:cf:c8:c6:45:7c:90:d1:
f7:f1:fb:97:83:0e:ba:c2:fc:c1:af:16:d3:a1:49:
3e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B8:C8:9E:28:D1:91:3B:D9:B8:34:0C:05:93:39:92:B7:ED:D4:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3816D8D2F45211EF899BD146762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.199.0/24
Signature Algorithm: sha256WithRSAEncryption
71:a1:81:1d:ba:25:bb:2e:b0:da:d7:00:36:91:c6:a7:9c:83:
8d:2e:93:c7:2d:db:76:57:0c:d7:af:86:99:53:ae:c3:78:ee:
0c:91:c4:03:32:ee:bb:84:fe:0b:fa:d4:75:9d:11:8e:a6:e5:
0e:5a:e6:a2:5a:db:7b:a9:41:39:36:e2:1b:48:ac:4c:c0:6a:
1b:43:15:35:9e:51:ef:94:16:c3:67:ec:03:da:92:69:97:d1:
df:a8:bc:37:8b:5b:aa:bd:e9:cd:67:ea:7c:6d:86:59:fa:02:
87:64:98:1a:94:1e:84:a0:eb:e4:e3:d8:ac:6f:07:bd:68:20:
eb:c7:ce:f6:b9:b0:87:ec:b7:19:dc:6a:c9:20:06:9f:70:9e:
07:5a:60:c7:d4:d3:b1:68:a1:12:5e:bc:36:34:e1:2d:07:88:
66:c3:74:83:3b:6f:81:6f:c1:98:21:9d:0c:6b:13:85:cf:fa:
cc:fe:93:f0:ba:b5:18:d8:f1:23:11:b1:a3:87:61:b0:55:f0:
01:b0:88:24:3f:fe:6d:da:c5:18:d0:f0:39:83:5b:d3:5d:c9:
9d:90:ff:0a:32:f2:57:13:13:0e:97:8b:ca:fa:18:1d:21:d0:
fe:13:f4:eb:f9:71:2e:91:af:6d:6b:78:d7:5d:58:94:02:69:
c6:38:3c:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATQGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQ1OTAwWhcNMjYwMjE5MTQ1OTAwWjAYMRYw
FAYDVQQDEw02N2JmMmMzOC0yOGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5ed9xUlnEKq6Q2P2iN3q+PBbuU0lNCgwZxRPsuAlI8E0FxjyQU5PNYUz
dVt8AJq7Vx/qnQ/goemCcTlRScVX9GaOLfp1mak7/pIOcKEOsttfwF7KoIaWN311
/yfB8doM8Jsbm5U9P3mu0JQZuCOm5dZk/mz2jp7eflRnezTVb3+L4EuX7AL6X9SP
4vAFpkFc9A1Pd7j4Hvf4RGzJbM3K/LAOGB8AJvfaJcKzrPyrAEcZiCkeBLiCPg7c
5Sah88zHTH8uxBQkhygv6MUX6JlVdLQi5oZCGJJ/N90kfwH92VHzXR6g2MA6Bc/I
xkV8kNH38fuXgw66wvzBrxbToUk+TwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGe4
yJ4o0ZE72bg0DAWTOZK37dTuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zODE2RDhEMkY0NTIxMUVGODk5QkQxNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOfHMA0GCSqGSIb3DQEBCwUA
A4IBAQBxoYEduiW7LrDa1wA2kcannIONLpPHLdt2VwzXr4aZU67DeO4MkcQDMu67
hP4L+tR1nRGOpuUOWuaiWtt7qUE5NuIbSKxMwGobQxU1nlHvlBbDZ+wD2pJpl9Hf
qLw3i1uqvenNZ+p8bYZZ+gKHZJgalB6EoOvk49isbwe9aCDrx872ubCH7LcZ3GrJ
IAafcJ4HWmDH1NOxaKESXrw2NOEtB4hmw3SDO2+Bb8GYIZ0MaxOFz/rM/pPwurUY
2PEjEbGjh2GwVfABsIgkP/5t2sUY0PA5g1vTXcmdkP8KMvJXExMOl4vK+hgdIdD+
E/Tr+XEuka9ta3jXXViUAmnGODzf
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:21 2025 by rpki-client