Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D3EFA9EF45011EFB757D7B6762E951A.roa
File: 3D3EFA9EF45011EFB757D7B6762E951A.roa (raw, json)
Hash identifier: 9y+8mcxDBy0ycjLsf+HxN4gpcnBXBmXmDDtlogaCJlE=
Subject key identifier: 5C:07:D9:B1:E7:E0:7D:64:9E:65:C7:41:04:96:5F:79:BF:0C:84:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0133E5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D3EFA9EF45011EFB757D7B6762E951A.roa
Signing time: Wed 26 Feb 2025 14:44:53 +0000
ROA not before: Wed 26 Feb 2025 14:44:50 +0000
ROA not after: Thu 19 Feb 2026 14:44:50 +0000
asID: 984
IP address blocks: 156.252.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78821 (0x133e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:44:50 2025 GMT
Not After : Feb 19 14:44:50 2026 GMT
Subject: CN=67bf28e5-7b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:e5:10:07:43:86:91:97:f8:b6:49:3b:d9:
a5:85:2c:47:28:69:19:93:64:a5:d6:6d:44:5a:50:
0c:6b:5f:18:7a:b7:7d:27:f5:81:03:18:35:5c:7e:
9f:07:87:e6:0a:f0:b0:86:f9:b4:7b:a3:b6:bd:0d:
5e:04:bf:2f:fc:fc:60:b4:30:2c:ef:e7:6a:96:b0:
20:6d:3a:75:25:8a:37:ea:e6:9d:82:ba:16:46:87:
fb:14:ef:e1:48:39:86:d5:88:37:07:fd:6c:e0:21:
98:1d:77:c7:52:a1:28:0f:b8:58:de:69:12:f8:6c:
92:e2:5f:9d:25:bf:9e:e1:64:5b:5c:79:7a:f8:7f:
11:e8:bd:03:17:b8:22:ec:f2:2c:47:e5:da:23:c4:
41:31:5e:05:bf:10:de:4b:47:34:19:e9:74:af:bb:
7d:be:71:a4:4e:0d:fc:76:ce:24:9e:8f:45:d3:17:
12:62:2f:9d:80:0e:f2:27:6b:b7:4d:05:39:6f:79:
f6:9c:0e:63:94:3d:55:df:86:76:bf:bb:27:dd:47:
3f:55:9c:fe:7b:a2:fb:09:d2:49:43:f3:d9:53:c2:
bf:d6:ad:26:fb:03:9e:8e:12:3c:af:66:7f:2d:05:
e3:81:c0:b1:74:70:fa:ff:47:ac:f8:ef:63:cc:ba:
f5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:07:D9:B1:E7:E0:7D:64:9E:65:C7:41:04:96:5F:79:BF:0C:84:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3D3EFA9EF45011EFB757D7B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.198.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:10:46:6c:9c:17:bd:00:ab:a1:d9:80:6f:f5:10:a7:a6:ec:
d7:e4:a3:ff:83:f0:c3:d0:93:c8:cd:da:88:f0:c6:3f:aa:e6:
a6:b7:64:b0:c9:8a:ca:84:94:94:1a:8a:62:3f:bf:55:ab:f2:
89:eb:d6:35:e6:45:59:d2:4b:cb:45:ff:21:09:08:c9:2b:32:
10:56:1c:53:e6:21:cc:b2:95:91:f8:96:5e:ab:16:e8:09:c9:
5e:32:c3:7c:84:ab:e2:cf:58:1c:b8:2b:45:24:15:df:62:03:
14:19:8d:3a:bf:20:ff:76:2a:e6:2a:63:2d:45:4d:87:e4:48:
9a:d9:6a:d1:69:a3:c1:9c:ec:4b:d0:5d:4f:68:17:21:95:89:
02:92:7d:fe:37:d5:80:88:b7:a6:b7:e6:19:7d:08:89:43:5c:
45:e2:c4:22:12:b4:5f:4d:4b:c0:55:96:b1:73:13:65:ee:56:
89:70:b6:8d:3e:51:ee:91:2a:d4:62:12:60:c4:cd:02:d6:d1:
0c:e3:7f:19:55:2b:51:00:b9:53:55:ac:fe:f8:69:d5:f6:86:
64:7b:66:ba:fa:0e:0b:d3:94:0c:15:b7:d2:15:76:ea:72:2c:
74:d8:e8:d1:cb:06:dd:3a:93:14:34:0a:81:51:e7:e2:80:47:
24:b1:27:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATPlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQ0NDUwWhcNMjYwMjE5MTQ0NDUwWjAYMRYw
FAYDVQQDEw02N2JmMjhlNS03YjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtb3lEAdDhpGX+LZJO9mlhSxHKGkZk2Sl1m1EWlAMa18Yerd9J/WBAxg1
XH6fB4fmCvCwhvm0e6O2vQ1eBL8v/PxgtDAs7+dqlrAgbTp1JYo36uadgroWRof7
FO/hSDmG1Yg3B/1s4CGYHXfHUqEoD7hY3mkS+GyS4l+dJb+e4WRbXHl6+H8R6L0D
F7gi7PIsR+XaI8RBMV4FvxDeS0c0Gel0r7t9vnGkTg38ds4kno9F0xcSYi+dgA7y
J2u3TQU5b3n2nA5jlD1V34Z2v7sn3Uc/VZz+e6L7CdJJQ/PZU8K/1q0m+wOejhI8
r2Z/LQXjgcCxdHD6/0es+O9jzLr1owIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFwH
2bHn4H1knmXHQQSWX3m/DIRPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRDNFRkE5RUY0NTAxMUVGQjc1N0Q3QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzGMA0GCSqGSIb3DQEBCwUA
A4IBAQCbEEZsnBe9AKuh2YBv9RCnpuzX5KP/g/DD0JPIzdqI8MY/quamt2SwyYrK
hJSUGopiP79Vq/KJ69Y15kVZ0kvLRf8hCQjJKzIQVhxT5iHMspWR+JZeqxboCcle
MsN8hKviz1gcuCtFJBXfYgMUGY06vyD/dirmKmMtRU2H5Eia2WrRaaPBnOxL0F1P
aBchlYkCkn3+N9WAiLemt+YZfQiJQ1xF4sQiErRfTUvAVZaxcxNl7laJcLaNPlHu
kSrUYhJgxM0C1tEM438ZVStRALlTVaz++GnV9oZke2a6+g4L05QMFbfSFXbqcix0
2OjRywbdOpMUNAqBUefigEcksSev
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:32 2025 by rpki-client