Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40CC8A50F42811EF9B06969E762E951A.roa
File: 40CC8A50F42811EF9B06969E762E951A.roa (raw, json)
Hash identifier: IezD+x57h6K0srJzPPDEsLPwHfv45J2IUMK9kIQrWrw=
Subject key identifier: 64:D1:52:64:FE:A7:89:42:08:2C:9D:18:68:FA:9C:E6:2D:65:6A:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130BC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40CC8A50F42811EF9B06969E762E951A.roa
Signing time: Wed 26 Feb 2025 09:58:40 +0000
ROA not before: Wed 26 Feb 2025 09:58:36 +0000
ROA not after: Thu 19 Feb 2026 09:58:36 +0000
asID: 984
IP address blocks: 156.252.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78012 (0x130bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:58:36 2025 GMT
Not After : Feb 19 09:58:36 2026 GMT
Subject: CN=67bee5cf-63bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:35:9c:94:04:66:13:94:2a:7d:25:37:57:10:
8f:41:b7:e2:a3:11:7b:59:1e:50:2c:25:ac:c7:19:
ad:e3:f8:36:67:07:d2:22:6f:75:63:03:51:fd:3f:
ae:cf:4f:ba:ff:ed:5a:45:d0:96:03:a9:13:80:e2:
f3:c7:e9:31:9b:f9:68:3e:54:bb:5b:0c:11:70:7a:
7a:4f:ce:82:95:04:2b:b9:32:9d:61:6c:50:86:7e:
2f:6d:c9:f9:d2:43:a4:df:ed:bc:5b:b8:80:5c:52:
8e:1f:02:86:24:57:24:58:a1:b8:1a:1a:1a:d3:ab:
29:5c:51:47:b4:40:dc:99:08:ed:57:4d:5a:c6:08:
60:63:21:79:5b:e2:04:a6:5d:b2:cc:5a:83:f2:2f:
38:6e:21:a9:05:42:c9:04:bf:82:ca:97:ce:c2:cb:
43:7d:40:b7:76:72:12:23:95:f4:1f:f3:09:c2:02:
ea:43:0f:10:c9:70:1b:85:ce:07:b0:f3:e9:b6:81:
e4:ca:6f:ce:19:3e:c5:cb:be:af:d9:71:43:f7:ea:
ff:d6:12:50:ff:f3:56:15:c7:13:5c:ab:29:49:f1:
09:21:1c:a7:5e:db:06:78:62:df:08:ad:99:cc:19:
ef:61:3c:47:21:db:71:59:f6:7f:a0:61:c3:43:97:
d3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D1:52:64:FE:A7:89:42:08:2C:9D:18:68:FA:9C:E6:2D:65:6A:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40CC8A50F42811EF9B06969E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.74.0/24
Signature Algorithm: sha256WithRSAEncryption
02:fa:2a:93:c8:ff:33:62:d3:0b:b7:0a:01:6f:40:c8:4b:f6:
f4:e5:5e:ab:4c:3c:df:74:31:bd:2f:e1:d8:8d:23:7b:1a:e8:
b6:2b:17:80:ac:b4:ae:27:de:15:f3:05:bc:64:32:52:37:2b:
82:d1:6f:bd:96:30:ff:46:82:0f:f3:24:da:b2:ff:0b:10:f9:
d5:e6:4c:48:77:1c:41:66:6b:e3:74:13:b4:34:a2:7e:2a:36:
a6:74:70:e8:77:ae:7e:8d:30:5f:47:32:61:5b:3a:82:89:e7:
01:03:25:65:69:d5:4c:e9:8a:c8:24:8a:35:23:b1:5f:29:e9:
8e:6a:ed:89:be:e2:ef:13:5f:8e:14:2e:4b:ca:f8:73:53:cc:
9e:1b:5c:27:08:9b:74:c0:98:66:c8:23:cd:78:0a:7f:da:26:
a1:a0:0e:10:ff:d9:fe:30:d0:00:25:f6:26:53:4e:f1:d9:66:
00:60:72:0b:3a:73:2c:e6:d3:84:bc:fc:f3:88:df:78:e7:19:
75:28:73:38:64:3e:8c:08:72:a0:b5:f9:7f:eb:74:84:97:1b:
cd:70:58:f0:d7:db:5c:88:5b:71:f9:19:f8:fe:8d:79:cc:0c:
5c:4d:cd:10:e1:5a:a4:53:e8:85:7a:a8:9b:6a:f8:3e:e6:14:
f4:5b:b7:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATC8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDk1ODM2WhcNMjYwMjE5MDk1ODM2WjAYMRYw
FAYDVQQDEw02N2JlZTVjZi02M2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsTWclARmE5QqfSU3VxCPQbfioxF7WR5QLCWsxxmt4/g2ZwfSIm91YwNR
/T+uz0+6/+1aRdCWA6kTgOLzx+kxm/loPlS7WwwRcHp6T86ClQQruTKdYWxQhn4v
bcn50kOk3+28W7iAXFKOHwKGJFckWKG4Ghoa06spXFFHtEDcmQjtV01axghgYyF5
W+IEpl2yzFqD8i84biGpBULJBL+CypfOwstDfUC3dnISI5X0H/MJwgLqQw8QyXAb
hc4HsPPptoHkym/OGT7Fy76v2XFD9+r/1hJQ//NWFccTXKspSfEJIRynXtsGeGLf
CK2ZzBnvYTxHIdtxWfZ/oGHDQ5fTrwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGTR
UmT+p4lCCCydGGj6nOYtZWrUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MENDOEE1MEY0MjgxMUVGOUIwNjk2OUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxKMA0GCSqGSIb3DQEBCwUA
A4IBAQAC+iqTyP8zYtMLtwoBb0DIS/b05V6rTDzfdDG9L+HYjSN7Gui2KxeArLSu
J94V8wW8ZDJSNyuC0W+9ljD/RoIP8yTasv8LEPnV5kxIdxxBZmvjdBO0NKJ+Kjam
dHDod65+jTBfRzJhWzqCiecBAyVladVM6YrIJIo1I7FfKemOau2JvuLvE1+OFC5L
yvhzU8yeG1wnCJt0wJhmyCPNeAp/2iahoA4Q/9n+MNAAJfYmU07x2WYAYHILOnMs
5tOEvPzziN945xl1KHM4ZD6MCHKgtfl/63SElxvNcFjw19tciFtx+Rn4/o15zAxc
Tc0Q4VqkU+iFeqibavg+5hT0W7cy
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:42 2025 by rpki-client