Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/384395C4F99E11EFB8D3766F762E951A.roa
File: 384395C4F99E11EFB8D3766F762E951A.roa (raw, json)
Hash identifier: qC1vN5mkV9h8s8T7LZR6zOD0DCiww36/rHCRfmcy6no=
Subject key identifier: B6:C8:33:CA:F0:C9:CB:82:48:FA:1E:7A:48:F1:C6:D8:93:A0:CE:92
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01433E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/384395C4F99E11EFB8D3766F762E951A.roa
Signing time: Wed 05 Mar 2025 08:45:42 +0000
ROA not before: Wed 05 Mar 2025 08:45:38 +0000
ROA not after: Wed 31 Dec 2025 08:45:38 +0000
asID: 17561
IP address blocks: 156.254.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82750 (0x1433e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 5 08:45:38 2025 GMT
Not After : Dec 31 08:45:38 2025 GMT
Subject: CN=67c80f35-5a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:40:36:d8:b8:5b:50:6a:23:0b:6b:89:59:7a:
e1:dc:a2:b6:a6:9e:1f:cf:37:47:99:a1:63:16:e2:
ca:5f:c5:b5:8f:f4:b5:99:52:7f:e6:f1:72:de:ba:
f9:07:e5:cb:c5:2b:2b:aa:d0:45:64:70:f2:b6:47:
ac:ec:6a:2d:30:60:3f:4a:c3:8e:e2:df:8a:b4:92:
56:50:51:01:45:03:97:d9:e7:89:cf:5c:0f:4b:16:
36:13:cb:ce:49:51:6c:c1:39:32:7e:8f:5b:63:e0:
be:94:bd:5d:04:8b:15:a7:a3:38:da:00:6f:71:c9:
f5:7b:8d:07:02:52:14:60:2a:ad:34:13:3e:7e:5c:
21:dc:01:33:a2:3d:c3:23:4d:9b:71:a3:68:4c:a5:
f7:f0:a7:67:a0:f9:47:d1:8d:31:e4:20:f2:51:48:
c6:15:bc:2d:c5:74:47:42:4e:54:92:49:40:76:69:
34:e5:0f:c4:3f:e1:e1:14:4a:11:34:6a:6d:4b:21:
08:ed:25:af:b5:cf:c4:15:eb:5b:05:c1:f0:b0:33:
96:7e:b1:55:4e:d7:1c:5d:00:42:fe:c4:6c:34:0e:
6a:9d:29:21:ee:61:a3:0d:d4:25:4c:1b:c3:97:c6:
79:73:b9:aa:90:47:9b:51:7a:ad:ab:9a:d3:04:6b:
b2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C8:33:CA:F0:C9:CB:82:48:FA:1E:7A:48:F1:C6:D8:93:A0:CE:92
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/384395C4F99E11EFB8D3766F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
61:a5:ae:60:b3:f7:37:4b:86:4e:5e:01:5c:ad:8e:3e:1e:d1:
3c:05:d0:b3:54:97:07:d5:e5:50:67:02:cd:88:ff:68:72:36:
00:58:bf:df:5f:64:1c:bc:b7:5f:3a:81:31:ea:e9:08:27:f0:
be:15:4b:b9:f7:ca:db:5d:fd:fd:75:7b:a2:30:57:ce:ca:37:
3c:e4:7a:b9:bf:f0:4d:34:25:c9:56:8e:a0:0f:92:4e:42:5d:
c4:89:78:db:a8:93:5d:5e:62:09:ee:27:cc:6c:47:97:02:ce:
1b:37:a2:b5:63:4f:49:e8:d4:b3:42:96:eb:c6:f8:d9:5a:bd:
3b:ca:f0:b3:2b:b6:d4:4c:08:c0:4c:df:ee:53:85:1e:fe:2c:
cd:30:09:5c:38:3b:0f:cc:a4:17:2b:3f:8b:bc:69:4d:59:c5:
39:2f:67:4c:af:30:73:02:66:d5:06:bc:61:80:e6:4b:4c:ee:
95:58:93:cd:4f:4d:79:a5:42:42:15:e3:e5:9a:dc:a2:43:3d:
c2:6b:92:c6:60:c9:5b:b8:3d:7e:2d:a7:d5:f0:93:2c:4b:10:
40:1a:d7:34:7c:20:76:5d:42:0f:4e:ad:93:00:43:27:2d:e3:
fe:90:e2:c8:40:c2:87:55:a3:16:1d:8a:e1:d3:97:68:3b:04:
00:0f:77:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUM+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA1MDg0NTM4WhcNMjUxMjMxMDg0NTM4WjAYMRYw
FAYDVQQDEw02N2M4MGYzNS01YTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs0A22LhbUGojC2uJWXrh3KK2pp4fzzdHmaFjFuLKX8W1j/S1mVJ/5vFy
3rr5B+XLxSsrqtBFZHDytkes7GotMGA/SsOO4t+KtJJWUFEBRQOX2eeJz1wPSxY2
E8vOSVFswTkyfo9bY+C+lL1dBIsVp6M42gBvccn1e40HAlIUYCqtNBM+flwh3AEz
oj3DI02bcaNoTKX38KdnoPlH0Y0x5CDyUUjGFbwtxXRHQk5UkklAdmk05Q/EP+Hh
FEoRNGptSyEI7SWvtc/EFetbBcHwsDOWfrFVTtccXQBC/sRsNA5qnSkh7mGjDdQl
TBvDl8Z5c7mqkEebUXqtq5rTBGuy4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLbI
M8rwycuCSPoeekjxxtiToM6SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zODQzOTVDNEY5OUUxMUVGQjhEMzc2NkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnP5gMA0GCSqGSIb3DQEBCwUA
A4IBAQBhpa5gs/c3S4ZOXgFcrY4+HtE8BdCzVJcH1eVQZwLNiP9ocjYAWL/fX2Qc
vLdfOoEx6ukIJ/C+FUu598rbXf39dXuiMFfOyjc85Hq5v/BNNCXJVo6gD5JOQl3E
iXjbqJNdXmIJ7ifMbEeXAs4bN6K1Y09J6NSzQpbrxvjZWr07yvCzK7bUTAjATN/u
U4Ue/izNMAlcODsPzKQXKz+LvGlNWcU5L2dMrzBzAmbVBrxhgOZLTO6VWJPNT015
pUJCFePlmtyiQz3Ca5LGYMlbuD1+LafV8JMsSxBAGtc0fCB2XUIPTq2TAEMnLeP+
kOLIQMKHVaMWHYrh05doOwQAD3cP
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:24 2025 by rpki-client