Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39D0DEDCF4A411EFAE6FBE75762E951A.roa
File: 39D0DEDCF4A411EFAE6FBE75762E951A.roa (raw, json)
Hash identifier: Wo9U66kdfHuZPZmz9Taf4YCW77KU3VUIyp6/e9PmJWQ=
Subject key identifier: 25:24:D5:D1:41:41:F8:74:55:54:A3:90:61:FB:91:CD:59:BC:D6:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01388B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39D0DEDCF4A411EFAE6FBE75762E951A.roa
Signing time: Thu 27 Feb 2025 00:46:05 +0000
ROA not before: Thu 27 Feb 2025 00:00:02 +0000
ROA not after: Sat 19 Feb 2028 00:00:02 +0000
asID: 17561
IP address blocks: 156.229.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80011 (0x1388b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 00:00:02 2025 GMT
Not After : Feb 19 00:00:02 2028 GMT
Subject: CN=67bfb5cd-f057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9f:36:e9:20:3d:0a:68:ba:bc:7b:13:5d:7b:
ea:3d:30:73:86:97:af:18:77:ae:b2:ed:fa:5a:64:
8c:90:a1:89:96:0a:95:c0:cb:4c:44:9f:3e:b0:49:
23:cd:b2:eb:6d:8b:7a:15:d7:b6:fd:bd:39:7e:ab:
1b:8e:47:46:2d:86:69:cd:43:39:b5:f6:23:2e:88:
20:29:bb:0a:5a:56:a1:07:31:a2:d3:df:0e:e9:26:
6a:0a:b2:92:ba:fd:f9:31:21:e7:8d:b7:65:98:7d:
4d:f4:21:d9:54:23:ad:39:3c:4d:35:e2:9d:8b:29:
9c:bd:51:58:ef:f5:1a:13:09:b1:48:39:c8:3c:55:
c2:5c:dc:5f:7b:75:6c:39:70:7a:11:33:61:2f:47:
81:3a:c1:2a:57:0c:56:b5:d7:f7:a0:79:b3:35:f2:
11:d9:9a:85:dc:e5:1b:2d:53:a0:d8:d7:30:10:51:
67:89:55:08:0b:9b:56:37:d2:32:e3:13:56:87:27:
62:d9:4d:13:64:51:74:de:05:b5:55:e0:75:60:40:
5a:55:d6:34:4b:8c:ef:c6:b1:7d:58:d8:87:3d:08:
98:dc:73:22:90:de:8c:ab:09:6f:6b:2d:66:4a:f4:
9f:99:6a:f9:82:dd:d0:ea:ce:3c:88:d1:48:b2:80:
2d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:24:D5:D1:41:41:F8:74:55:54:A3:90:61:FB:91:CD:59:BC:D6:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/39D0DEDCF4A411EFAE6FBE75762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.120.0/24
Signature Algorithm: sha256WithRSAEncryption
67:1a:e1:2d:9a:b5:4a:c9:40:f6:35:35:29:99:45:3f:20:76:
41:fa:9f:4b:71:5c:6a:5b:ab:eb:2d:a6:e7:b5:06:a3:f2:62:
09:5d:b0:b5:e2:11:97:fc:e1:e3:19:d4:5a:83:bc:84:cd:ef:
93:cc:64:17:54:94:b8:14:19:d3:52:b6:e4:9c:d7:fb:87:76:
57:ca:19:37:71:21:aa:56:ae:6e:78:20:4a:00:a5:77:5f:dc:
d3:e0:de:02:5f:6e:72:27:88:a5:be:05:b8:da:6f:7b:c8:69:
e7:73:ac:03:1a:4f:19:59:fb:51:c7:e7:ad:3f:a3:50:af:95:
10:37:cf:04:a7:bc:62:61:7c:fc:77:41:4c:6f:dd:db:29:56:
f3:f2:7b:2e:90:cb:ae:b2:30:65:99:56:e3:56:61:fa:eb:72:
f7:e8:20:aa:ef:0d:d5:c9:6b:8d:d7:28:04:f4:87:84:7d:ca:
22:58:e3:80:54:86:67:24:80:35:6d:be:85:92:e5:4a:0b:99:
d8:98:7a:7d:a0:2a:2d:72:9a:43:e0:34:42:e8:b1:6b:5f:eb:
3e:3d:7b:f9:1a:6f:3b:72:67:2d:fa:b7:82:29:e5:d5:8a:b6:
72:e7:21:df:a6:da:b5:5c:7d:cc:a8:89:9d:1b:0c:25:10:e9:
99:93:e6:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATiLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDAwMDAyWhcNMjgwMjE5MDAwMDAyWjAYMRYw
FAYDVQQDEw02N2JmYjVjZC1mMDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArZ826SA9Cmi6vHsTXXvqPTBzhpevGHeusu36WmSMkKGJlgqVwMtMRJ8+
sEkjzbLrbYt6Fde2/b05fqsbjkdGLYZpzUM5tfYjLoggKbsKWlahBzGi098O6SZq
CrKSuv35MSHnjbdlmH1N9CHZVCOtOTxNNeKdiymcvVFY7/UaEwmxSDnIPFXCXNxf
e3VsOXB6ETNhL0eBOsEqVwxWtdf3oHmzNfIR2ZqF3OUbLVOg2NcwEFFniVUIC5tW
N9Iy4xNWhydi2U0TZFF03gW1VeB1YEBaVdY0S4zvxrF9WNiHPQiY3HMikN6Mqwlv
ay1mSvSfmWr5gt3Q6s48iNFIsoAtuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCUk
1dFBQfh0VVSjkGH7kc1ZvNbbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zOUQwREVEQ0Y0QTQxMUVGQUU2RkJFNzU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOV4MA0GCSqGSIb3DQEBCwUA
A4IBAQBnGuEtmrVKyUD2NTUpmUU/IHZB+p9LcVxqW6vrLabntQaj8mIJXbC14hGX
/OHjGdRag7yEze+TzGQXVJS4FBnTUrbknNf7h3ZXyhk3cSGqVq5ueCBKAKV3X9zT
4N4CX25yJ4ilvgW42m97yGnnc6wDGk8ZWftRx+etP6NQr5UQN88Ep7xiYXz8d0FM
b93bKVbz8nsukMuusjBlmVbjVmH663L36CCq7w3VyWuN1ygE9IeEfcoiWOOAVIZn
JIA1bb6FkuVKC5nYmHp9oCotcppD4DRC6LFrX+s+PXv5Gm87cmct+reCKeXVirZy
5yHfptq1XH3MqImdGwwlEOmZk+Yy
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:53 2025 by rpki-client