Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB11F820CD311F08B7B6B9F762E951A.roa
File: 3AB11F820CD311F08B7B6B9F762E951A.roa (raw, json)
Hash identifier: HI2nkYLHteGBxLdHuNLD2MSSAuycWzL4SAP1iBYRJVQ=
Subject key identifier: 8B:B3:B7:85:F1:37:AE:06:C8:B3:7B:41:EB:26:75:0B:41:C1:62:BF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014900
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB11F820CD311F08B7B6B9F762E951A.roa
Signing time: Sat 29 Mar 2025 19:23:01 +0000
ROA not before: Sat 29 Mar 2025 19:22:57 +0000
ROA not after: Mon 07 Apr 2025 19:22:57 +0000
asID: 7018
IP address blocks: 156.233.0.0/23 maxlen: 24
156.238.0.0/23 maxlen: 24
156.246.26.0/23 maxlen: 24
156.248.92.0/22 maxlen: 24
156.248.104.0/22 maxlen: 24
156.248.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84224 (0x14900)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 19:22:57 2025 GMT
Not After : Apr 7 19:22:57 2025 GMT
Subject: CN=67e84895-bdc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:73:64:fe:f8:89:58:b4:bc:47:46:2e:41:
80:15:d0:25:d3:6f:f8:0b:e4:78:c4:c0:08:a0:80:
c7:83:2b:31:98:9f:18:8b:b6:0f:a2:2b:14:7b:f2:
5e:8b:41:ec:e9:1d:46:95:28:97:03:2f:eb:a3:38:
6d:4d:2e:be:73:a3:de:df:7d:0a:a6:05:a8:10:00:
28:2e:5b:94:50:20:42:b9:63:3b:5f:84:55:f3:b2:
db:ce:63:e8:34:48:b5:3a:47:64:5f:cc:9e:64:fc:
15:3f:f1:e6:24:54:cc:3f:8e:c4:11:04:c9:ad:51:
74:2c:ab:91:6f:43:25:1d:4a:29:62:10:c2:09:22:
11:44:44:ff:1d:30:40:ca:2a:15:bb:b2:1c:dc:3e:
24:a0:1c:72:4e:c2:80:b8:5b:13:96:ff:9d:67:22:
f8:9e:6b:d9:c8:b4:a0:93:87:b7:15:d5:2d:41:84:
c8:67:2a:6d:78:47:3c:e7:8d:3e:f9:9a:3c:72:5f:
6e:d7:9b:59:ce:8b:51:87:56:e5:c0:d0:6b:a5:8c:
20:75:aa:b6:70:6c:69:6b:8c:75:5d:e9:92:2c:0b:
dd:6e:2b:71:99:e9:cd:b3:7b:54:cd:d6:f6:8a:9d:
41:10:35:94:15:f6:a4:0f:68:fb:3a:1a:2c:cc:dc:
a8:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B3:B7:85:F1:37:AE:06:C8:B3:7B:41:EB:26:75:0B:41:C1:62:BF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3AB11F820CD311F08B7B6B9F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.0.0/23
156.238.0.0/23
156.246.26.0/23
156.248.92.0/22
156.248.104.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:c1:ea:a1:50:2e:87:29:7b:be:9f:da:65:db:4a:ad:37:cb:
2d:01:ed:85:0a:c6:01:6b:fe:91:85:59:25:ea:ee:b3:8a:9e:
9e:c2:4a:fe:dd:1c:56:01:27:1f:15:1a:0d:d3:8b:4e:69:2e:
45:fa:09:8b:90:91:3e:f7:66:82:fb:cc:9b:ca:ea:0c:bd:b4:
f0:42:dc:c7:ed:d2:89:ec:21:3b:9d:c8:4f:1c:ca:a5:38:85:
c0:d4:71:06:fd:c8:ed:b8:af:77:e9:dd:a6:37:2e:b5:19:5b:
72:e0:e9:79:2f:18:84:bb:9d:83:f1:44:6c:cc:dc:5d:e2:80:
47:a6:01:30:80:a4:8f:c9:d3:c1:6a:9f:72:0f:14:d1:a4:c0:
17:94:0c:a2:5b:8a:0f:5f:4c:74:cd:bb:97:80:63:4c:2c:04:
d6:62:94:35:98:4f:9c:fb:7f:e5:7b:ac:ce:a4:c0:c2:ef:97:
8e:1e:a8:56:d5:00:e2:9c:f2:08:56:e1:3b:d0:80:99:f0:f4:
95:ea:53:4b:0f:2b:e3:f3:5e:42:80:be:c7:1d:70:07:f5:d8:
80:a1:5c:b3:28:c7:1b:21:0f:18:9a:9d:a8:5e:d4:6f:3b:bf:
e4:9f:39:f9:e3:59:e6:1d:61:33:c1:8e:5b:7a:c8:8e:e9:91:
67:75:76:2e
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAUkAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTkyMjU3WhcNMjUwNDA3MTkyMjU3WjAYMRYw
FAYDVQQDEw02N2U4NDg5NS1iZGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApwtzZP74iVi0vEdGLkGAFdAl02/4C+R4xMAIoIDHgysxmJ8Yi7YPoisU
e/Jei0Hs6R1GlSiXAy/rozhtTS6+c6Pe330KpgWoEAAoLluUUCBCuWM7X4RV87Lb
zmPoNEi1OkdkX8yeZPwVP/HmJFTMP47EEQTJrVF0LKuRb0MlHUopYhDCCSIRRET/
HTBAyioVu7Ic3D4koBxyTsKAuFsTlv+dZyL4nmvZyLSgk4e3FdUtQYTIZypteEc8
540++Zo8cl9u15tZzotRh1blwNBrpYwgdaq2cGxpa4x1XemSLAvdbitxmenNs3tU
zdb2ip1BEDWUFfakD2j7OhoszNyo2wIDAQABo4ICujCCArYwHQYDVR0OBBYEFIuz
t4XxN64GyLN7QesmdQtBwWK/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQUIxMUY4MjBDRDMxMUYwOEI3QjZCOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBnOkAAwQBnO4AAwQBnPYaAwQC
nPhcAwQDnPhoMA0GCSqGSIb3DQEBCwUAA4IBAQAsweqhUC6HKXu+n9pl20qtN8st
Ae2FCsYBa/6RhVkl6u6zip6ewkr+3RxWAScfFRoN04tOaS5F+gmLkJE+92aC+8yb
yuoMvbTwQtzH7dKJ7CE7nchPHMqlOIXA1HEG/cjtuK936d2mNy61GVty4Ol5LxiE
u52D8URszNxd4oBHpgEwgKSPydPBap9yDxTRpMAXlAyiW4oPX0x0zbuXgGNMLATW
YpQ1mE+c+3/le6zOpMDC75eOHqhW1QDinPIIVuE70ICZ8PSV6lNLDyvj815CgL7H
HXAH9diAoVyzKMcbIQ8Ymp2oXtRvO7/knzn541nmHWEzwY5besiO6ZFndXYu
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:52 2025 by rpki-client