Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40D7C5F4E92511EF9790E07F762E951A.roa
File: 40D7C5F4E92511EF9790E07F762E951A.roa (raw, json)
Hash identifier: 2LWlLs/2I8Rh9GDrQP5vEnC0s1SOwRFVbmozpq9Dt48=
Subject key identifier: 38:85:4B:31:67:CE:11:EB:7C:92:84:90:46:C9:D3:BE:18:53:C1:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012155
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40D7C5F4E92511EF9790E07F762E951A.roa
Signing time: Wed 12 Feb 2025 09:39:28 +0000
ROA not before: Wed 12 Feb 2025 09:39:25 +0000
ROA not after: Thu 24 Apr 2025 09:39:25 +0000
asID: 13335
IP address blocks: 156.255.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74069 (0x12155)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 12 09:39:25 2025 GMT
Not After : Apr 24 09:39:25 2025 GMT
Subject: CN=67ac6c50-a579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1c:ac:0e:f8:06:a4:91:2c:b3:78:d9:d2:31:
6f:e0:49:35:1d:75:46:ad:63:ae:af:19:37:09:ff:
48:23:17:3a:24:22:b8:4b:2c:9e:30:82:3f:64:e9:
57:80:07:84:40:15:a2:ea:12:f1:5b:81:56:b7:a2:
24:be:84:cc:6f:71:4a:7f:08:6a:69:f8:20:89:8d:
bb:e7:1e:cd:c6:06:83:97:62:83:73:06:95:53:f4:
cb:68:22:c8:e9:43:79:c2:b6:4f:6d:11:79:eb:23:
2a:ee:b4:7c:73:cc:f4:c9:02:50:d3:e5:f3:be:da:
4c:7c:18:6f:bf:e2:4b:e5:47:cc:05:2a:e3:7e:a8:
21:dd:1e:88:c7:5e:e0:a2:15:29:1c:91:d3:0a:54:
0b:2c:97:1e:83:e9:96:20:94:2f:0b:af:d1:94:90:
c6:2f:ea:de:66:16:47:d9:ca:a3:71:fb:39:1e:32:
ea:f7:9a:a4:13:df:b1:75:6e:54:c5:3c:a4:2f:bd:
e4:24:d6:98:6c:b0:19:aa:8f:84:9f:fb:d6:ba:ea:
2c:d9:64:df:ff:6b:f9:bf:c5:7d:45:25:d2:18:d8:
45:ed:1a:bb:78:ee:94:76:e0:c7:b9:8e:31:4b:bb:
07:05:6a:1d:fb:4b:67:27:61:9b:1d:6f:ac:4d:25:
ca:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:85:4B:31:67:CE:11:EB:7C:92:84:90:46:C9:D3:BE:18:53:C1:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40D7C5F4E92511EF9790E07F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.123.0/24
Signature Algorithm: sha256WithRSAEncryption
06:0b:5f:d7:12:84:0b:98:62:76:3b:f3:02:01:8e:10:09:06:
ed:14:9e:ac:70:5c:5b:72:72:2f:3f:5e:74:63:c7:09:59:54:
54:f6:8e:de:7a:cd:7e:fd:ae:6c:81:98:3c:76:fd:4e:61:db:
d4:db:e5:94:ea:c6:5d:03:18:e7:0f:0a:df:02:e0:b1:cd:e9:
20:78:a6:29:a1:3e:72:85:f6:80:4f:66:75:01:25:d1:87:ae:
93:da:3b:f2:44:3f:ba:1d:37:b2:0e:8c:fe:fe:84:f1:ba:4c:
09:24:d6:af:b7:00:ee:21:0f:00:7b:48:5a:fd:d2:0e:72:9c:
ca:ac:69:72:aa:28:9e:29:1c:e1:9d:bb:4b:f2:de:b9:38:96:
41:6e:da:b9:c6:42:3c:04:39:7d:fa:ee:23:66:83:5a:7b:44:
e8:1d:2e:f9:87:2b:00:cc:20:51:56:f4:38:b4:af:9e:8d:74:
e1:5a:3f:0f:52:24:b5:99:c3:e7:5c:13:a8:2e:39:90:42:23:
1a:ca:f3:a9:66:f4:62:ac:97:72:c6:e2:56:84:8c:86:9c:49:
92:92:98:80:40:98:e5:35:b0:16:bf:3a:9e:0b:2e:4c:56:37:
ed:13:79:04:d6:0c:73:81:bb:6f:12:ab:38:08:00:95:e6:58:
13:75:e3:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASFVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjEyMDkzOTI1WhcNMjUwNDI0MDkzOTI1WjAYMRYw
FAYDVQQDEw02N2FjNmM1MC1hNTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArBysDvgGpJEss3jZ0jFv4Ek1HXVGrWOurxk3Cf9IIxc6JCK4SyyeMII/
ZOlXgAeEQBWi6hLxW4FWt6IkvoTMb3FKfwhqafggiY275x7NxgaDl2KDcwaVU/TL
aCLI6UN5wrZPbRF56yMq7rR8c8z0yQJQ0+XzvtpMfBhvv+JL5UfMBSrjfqgh3R6I
x17gohUpHJHTClQLLJceg+mWIJQvC6/RlJDGL+reZhZH2cqjcfs5HjLq95qkE9+x
dW5UxTykL73kJNaYbLAZqo+En/vWuuos2WTf/2v5v8V9RSXSGNhF7Rq7eO6UduDH
uY4xS7sHBWod+0tnJ2GbHW+sTSXKCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDiF
SzFnzhHrfJKEkEbJ074YU8HUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MEQ3QzVGNEU5MjUxMUVGOTc5MEUwN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP97MA0GCSqGSIb3DQEBCwUA
A4IBAQAGC1/XEoQLmGJ2O/MCAY4QCQbtFJ6scFxbcnIvP150Y8cJWVRU9o7ees1+
/a5sgZg8dv1OYdvU2+WU6sZdAxjnDwrfAuCxzekgeKYpoT5yhfaAT2Z1ASXRh66T
2jvyRD+6HTeyDoz+/oTxukwJJNavtwDuIQ8Ae0ha/dIOcpzKrGlyqiieKRzhnbtL
8t65OJZBbtq5xkI8BDl9+u4jZoNae0ToHS75hysAzCBRVvQ4tK+ejXThWj8PUiS1
mcPnXBOoLjmQQiMayvOpZvRirJdyxuJWhIyGnEmSkpiAQJjlNbAWvzqeCy5MVjft
E3kE1gxzgbtvEqs4CACV5lgTdeO+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:33:28 2025 by rpki-client