Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4211A25CF17011EF82EB1C74762E951A.roa
File: 4211A25CF17011EF82EB1C74762E951A.roa (raw, json)
Hash identifier: ZIEFDOm/x0EXn0TWfYg7ZaZSkiu6SUZRX9DNDWbB0dY=
Subject key identifier: B1:28:CA:A2:5B:7B:FE:EA:36:B3:60:9D:7B:67:32:6A:02:69:A7:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0129C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4211A25CF17011EF82EB1C74762E951A.roa
Signing time: Sat 22 Feb 2025 22:56:32 +0000
ROA not before: Sat 22 Feb 2025 22:56:28 +0000
ROA not after: Sat 05 Apr 2025 22:56:28 +0000
asID: 138415
IP address blocks: 156.234.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 22:56:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76228 (0x129c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 22 22:56:28 2025 GMT
Not After : Apr 5 22:56:28 2025 GMT
Subject: CN=67ba5620-ce27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:63:ea:b3:8b:e2:68:f8:5a:7a:94:d8:23:
6c:1a:0a:4b:83:76:e1:5f:68:14:7e:dc:7f:7d:d3:
63:35:f7:03:97:c5:7e:fb:48:3f:cc:0f:a2:7e:13:
ac:b7:a8:5c:a3:a0:33:9f:2f:a7:e1:2a:66:22:cc:
5c:03:28:fb:7b:24:0a:89:06:92:eb:d2:7c:72:0e:
0e:69:d2:91:23:cb:0b:e8:75:b9:4a:66:d3:40:11:
e0:e7:0a:e7:e8:cb:22:a3:a9:33:8d:9c:75:1a:45:
55:9e:c7:29:30:c1:03:e8:d4:26:ff:96:0b:23:6d:
35:f2:c3:b4:80:87:e7:cd:95:bb:21:f6:a3:25:3a:
0c:91:be:ef:0e:3a:f6:17:1a:fd:c9:47:ac:f9:a3:
2b:67:95:b5:66:fc:e8:c3:fd:7f:db:c1:fb:99:48:
30:a2:0c:a2:5e:a9:72:a7:54:95:cf:e6:33:b9:3b:
01:89:31:29:78:11:8d:ce:8f:63:6b:5f:50:5c:43:
fa:1d:4b:f4:82:df:ed:e0:30:3e:5c:1f:bf:a5:5e:
cc:6a:37:1e:7e:a5:f9:ce:16:17:31:ae:06:6e:02:
82:0f:de:8f:55:48:94:31:34:57:74:34:38:fc:76:
7e:67:9f:e8:09:49:14:c5:59:52:e7:71:ee:6b:e1:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:28:CA:A2:5B:7B:FE:EA:36:B3:60:9D:7B:67:32:6A:02:69:A7:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4211A25CF17011EF82EB1C74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:0f:ca:07:2b:87:f7:3f:e6:d1:66:df:0e:9d:ee:4a:73:3a:
2e:92:24:fe:c5:e4:1e:7e:28:14:a0:3b:64:29:f4:c6:90:e0:
af:02:93:13:81:84:46:5d:91:06:35:d5:5a:ad:a2:ab:5f:a2:
da:a0:70:f2:9f:89:46:34:b9:f4:c7:04:4d:3f:da:9f:18:f9:
61:52:c2:92:cb:f4:79:59:f5:23:68:4a:b5:c9:00:77:ad:a6:
e4:c9:57:93:f1:01:cc:df:52:69:0c:53:93:2a:ab:c0:31:2d:
01:44:62:0f:d7:90:45:c5:c2:25:7f:b8:b5:14:81:bd:f2:85:
71:9e:38:12:6b:51:8e:83:af:7b:0e:34:47:19:ab:c5:01:aa:
a1:2b:00:fa:fb:ab:cd:95:e9:51:b3:ae:5d:3e:61:c8:67:00:
67:fd:ba:02:a4:95:ad:76:a0:9c:2e:ee:d9:d5:65:ca:0c:53:
09:97:8c:88:81:88:7b:59:76:54:31:6d:4f:d0:e5:cc:47:6b:
a8:95:78:7d:fc:8a:8b:22:19:1f:26:ba:93:f7:b1:e7:08:ba:
eb:aa:52:f2:cf:c5:80:93:85:77:c5:dd:17:48:da:83:5f:8b:
38:5d:a2:f7:d0:a7:2d:e4:92:65:31:26:8f:a5:3d:c5:f6:b8:
40:7a:d8:e9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDASnEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjIyMjI1NjI4WhcNMjUwNDA1MjI1NjI4WjAYMRYw
FAYDVQQDEw02N2JhNTYyMC1jZTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqc1j6rOL4mj4WnqU2CNsGgpLg3bhX2gUftx/fdNjNfcDl8V++0g/zA+i
fhOst6hco6Azny+n4SpmIsxcAyj7eyQKiQaS69J8cg4OadKRI8sL6HW5SmbTQBHg
5wrn6Msio6kzjZx1GkVVnscpMMED6NQm/5YLI2018sO0gIfnzZW7IfajJToMkb7v
Djr2Fxr9yUes+aMrZ5W1Zvzow/1/28H7mUgwogyiXqlyp1SVz+YzuTsBiTEpeBGN
zo9ja19QXEP6HUv0gt/t4DA+XB+/pV7MajcefqX5zhYXMa4GbgKCD96PVUiUMTRX
dDQ4/HZ+Z5/oCUkUxVlS53Hua+F6KQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLEo
yqJbe/7qNrNgnXtnMmoCaacSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjExQTI1Q0YxNzAxMUVGODJFQjFDNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAAcPygcrh/c/5tFm3w6d7kpzOi6SJP7F5B5+KBSgO2Qp9MaQ4K8CkxOBhEZd
kQY11VqtoqtfotqgcPKfiUY0ufTHBE0/2p8Y+WFSwpLL9HlZ9SNoSrXJAHetpuTJ
V5PxAczfUmkMU5Mqq8AxLQFEYg/XkEXFwiV/uLUUgb3yhXGeOBJrUY6Dr3sONEcZ
q8UBqqErAPr7q82V6VGzrl0+YchnAGf9ugKkla12oJwu7tnVZcoMUwmXjIiBiHtZ
dlQxbU/Q5cxHa6iVeH38iosiGR8mupP3secIuuuqUvLPxYCThXfF3RdI2oNfizhd
ovfQpy3kkmUxJo+lPcX2uEB62Ok=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:36 2025 by rpki-client