Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42EB87E6F47811EF9E239A4D762E951A.roa
File: 42EB87E6F47811EF9E239A4D762E951A.roa (raw, json)
Hash identifier: asm+1rnBn/U//Q1DJlFwDPCqIqiLAA0IxQen1iBi27Y=
Subject key identifier: 93:2C:A7:BB:C6:8E:40:4D:CE:CB:AD:6B:B9:0E:10:9D:EC:BA:E8:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013711
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42EB87E6F47811EF9E239A4D762E951A.roa
Signing time: Wed 26 Feb 2025 19:31:23 +0000
ROA not before: Wed 26 Feb 2025 19:31:19 +0000
ROA not after: Thu 19 Feb 2026 19:31:19 +0000
asID: 984
IP address blocks: 156.247.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79633 (0x13711)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:31:19 2025 GMT
Not After : Feb 19 19:31:19 2026 GMT
Subject: CN=67bf6c0b-9f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:11:c3:3a:cd:14:48:f1:90:8d:94:cb:eb:56:
0a:31:3f:40:59:e7:88:da:63:c6:c0:a5:79:55:27:
73:b9:35:be:e2:d5:45:15:ef:46:04:55:b7:00:d7:
bf:fb:87:1a:70:67:3c:bb:53:59:14:20:2a:fe:03:
95:42:65:4a:f9:61:70:7c:13:f4:47:af:2e:1a:c1:
fe:d7:72:12:33:ae:8c:3e:b5:9e:7f:66:b2:50:e8:
ee:f2:c4:db:e4:ef:61:00:6b:1d:56:53:30:5a:2a:
cf:c9:01:13:11:8d:1b:0d:2b:2a:35:52:37:32:2f:
ea:dd:ba:07:e6:e3:24:c1:08:ae:51:2c:51:73:a3:
7b:24:13:f0:0b:e9:07:37:50:a8:b6:9e:18:bf:ad:
f5:81:ce:dc:7a:a2:26:b9:7f:43:26:94:4b:e9:3b:
f4:b2:d8:99:3f:d2:c0:84:ce:ba:94:f4:a0:db:60:
68:dc:75:02:d0:cf:51:ec:c8:2a:b9:5d:07:1c:64:
d2:85:d7:32:38:b7:1b:51:5f:70:12:6d:47:27:a8:
a3:bf:5b:16:bf:95:af:3b:73:fd:2a:71:4f:c6:48:
8b:4d:78:b3:f8:72:96:9b:95:8e:c7:d0:74:6b:b8:
f8:d8:34:e9:20:e2:cb:8c:d4:8f:e1:ab:20:63:49:
9f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2C:A7:BB:C6:8E:40:4D:CE:CB:AD:6B:B9:0E:10:9D:EC:BA:E8:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42EB87E6F47811EF9E239A4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.33.0/24
Signature Algorithm: sha256WithRSAEncryption
16:99:56:96:8d:02:52:65:29:0e:c1:4f:ee:b5:07:8f:dd:ea:
f6:d7:5e:e4:78:43:03:52:f0:74:7b:cc:89:ae:6f:a6:3a:71:
eb:67:ca:da:9d:0b:07:ed:bc:35:d2:ef:65:62:65:30:51:63:
fe:cf:60:f5:e4:65:e1:eb:c0:4c:ab:0c:8a:0e:fa:fc:ce:18:
a1:09:e1:5d:e8:5a:c4:52:4f:00:4c:0b:eb:39:c8:7b:27:7d:
63:f7:10:82:42:07:0b:a6:97:b3:e0:8d:28:1c:33:84:e1:23:
1e:f2:36:81:23:a3:55:29:67:6e:58:9b:f0:54:19:a1:af:fe:
fc:02:5a:c5:2e:8c:1d:26:af:12:ab:5b:03:4f:3d:bf:92:f5:
6a:f1:3b:9a:5f:5e:31:cd:80:01:2d:35:50:11:16:09:3f:ec:
68:4a:ca:05:ff:ba:80:d7:fa:dd:2f:2f:d0:d8:d5:66:3b:28:
7d:98:79:c3:c3:a6:b9:3f:fb:4a:fe:6a:88:01:ed:89:20:f2:
63:09:0c:8b:6b:8c:1e:1d:6c:be:86:a6:07:8b:86:7c:61:a3:
42:28:97:a9:88:e6:da:9a:04:ea:5a:e3:f6:a5:e7:7e:a1:bc:
76:68:90:92:e6:c0:9b:fc:ad:c3:e8:b2:1b:b7:4e:ab:66:0d:
da:fa:d3:1f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATcRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkzMTE5WhcNMjYwMjE5MTkzMTE5WjAYMRYw
FAYDVQQDEw02N2JmNmMwYi05ZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5BHDOs0USPGQjZTL61YKMT9AWeeI2mPGwKV5VSdzuTW+4tVFFe9GBFW3
ANe/+4cacGc8u1NZFCAq/gOVQmVK+WFwfBP0R68uGsH+13ISM66MPrWef2ayUOju
8sTb5O9hAGsdVlMwWirPyQETEY0bDSsqNVI3Mi/q3boH5uMkwQiuUSxRc6N7JBPw
C+kHN1Cotp4Yv631gc7ceqImuX9DJpRL6Tv0stiZP9LAhM66lPSg22Bo3HUC0M9R
7MgquV0HHGTShdcyOLcbUV9wEm1HJ6ijv1sWv5WvO3P9KnFPxkiLTXiz+HKWm5WO
x9B0a7j42DTpIOLLjNSP4asgY0mflQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJMs
p7vGjkBNzsuta7kOEJ3suuhCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MkVCODdFNkY0NzgxMUVGOUUyMzlBNEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPchMA0GCSqGSIb3DQEBCwUA
A4IBAQAWmVaWjQJSZSkOwU/utQeP3er2117keEMDUvB0e8yJrm+mOnHrZ8ranQsH
7bw10u9lYmUwUWP+z2D15GXh68BMqwyKDvr8zhihCeFd6FrEUk8ATAvrOch7J31j
9xCCQgcLppez4I0oHDOE4SMe8jaBI6NVKWduWJvwVBmhr/78AlrFLowdJq8Sq1sD
Tz2/kvVq8TuaX14xzYABLTVQERYJP+xoSsoF/7qA1/rdLy/Q2NVmOyh9mHnDw6a5
P/tK/mqIAe2JIPJjCQyLa4weHWy+hqYHi4Z8YaNCKJepiObamgTqWuP2ped+obx2
aJCS5sCb/K3D6LIbt06rZg3a+tMf
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:59 2025 by rpki-client