Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/481C1F26FF3D11EF93A34E8D762E951A.roa
File: 481C1F26FF3D11EF93A34E8D762E951A.roa (raw, json)
Hash identifier: FxANDjrO7OpWIUKKTS5BDqxzYlFHWRg2Ew3n7RX5YkU=
Subject key identifier: F2:28:87:9C:26:16:6C:C9:96:E1:73:14:B6:0C:F3:AB:CD:61:75:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014573
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/481C1F26FF3D11EF93A34E8D762E951A.roa
Signing time: Wed 12 Mar 2025 12:26:54 +0000
ROA not before: Wed 12 Mar 2025 12:26:50 +0000
ROA not after: Mon 05 May 2025 12:26:50 +0000
asID: 394432
IP address blocks: 156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83315 (0x14573)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 12 12:26:50 2025 GMT
Not After : May 5 12:26:50 2025 GMT
Subject: CN=67d17d8e-581d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b8:ac:08:40:3f:1a:e0:47:1b:99:ce:9c:45:
69:64:2e:3d:7d:62:8a:75:0b:3d:2b:c6:fe:0e:88:
f1:9f:77:ec:40:de:e3:23:79:28:f7:9d:05:84:82:
94:00:79:10:f8:b0:d4:0e:f8:94:a5:a6:d4:c6:9b:
39:4d:d7:67:0a:3f:9d:c9:ce:1c:05:59:a3:d0:db:
7e:71:19:03:b1:8d:47:ff:b2:cf:c3:94:5e:09:2d:
2e:a4:b5:4f:bf:78:1f:54:7d:f9:02:94:28:7d:5f:
c3:ed:5e:0b:15:86:d3:51:a7:4b:b4:b8:71:c7:ec:
02:3c:73:b8:b3:aa:26:9d:ab:89:3e:72:e0:4d:e9:
07:dd:d0:b1:21:a3:18:77:89:44:dc:9a:13:b8:c5:
55:ca:67:f6:81:67:89:11:af:d6:db:b6:57:7d:84:
bf:af:92:8c:0c:33:0b:48:e0:7b:f4:6e:82:23:5b:
81:5c:0e:78:14:75:4d:97:78:42:09:6f:99:42:86:
d7:01:28:bb:91:7c:e7:f4:0c:be:9e:f4:92:9e:53:
49:4b:ae:5b:dc:f5:03:43:6b:3e:f1:1a:4a:2a:1a:
41:9f:40:57:cc:fd:50:02:29:68:91:96:60:36:a1:
20:e7:34:bd:a9:cf:ba:59:e9:f3:d3:c7:30:b0:7f:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:28:87:9C:26:16:6C:C9:96:E1:73:14:B6:0C:F3:AB:CD:61:75:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/481C1F26FF3D11EF93A34E8D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
11:d3:4c:54:68:98:1f:2c:1a:e3:23:ae:e1:fd:66:9f:f7:ec:
38:f1:1e:70:04:65:e6:f2:c8:08:a2:fb:bc:83:36:fa:a3:7d:
40:3a:76:03:b3:69:eb:e0:14:b7:b6:92:86:e5:d5:4a:7b:c4:
ba:87:74:40:cd:16:f9:22:08:0c:f6:40:0b:94:9b:ab:e7:b7:
76:df:9d:55:c9:3b:57:71:06:c9:52:b2:40:9d:cf:82:3f:27:
70:48:1c:58:b1:91:56:0e:55:4d:83:2c:ac:a0:b5:f2:21:3a:
30:27:0d:c2:f0:29:2b:1f:56:0d:d2:c5:79:97:d1:1d:06:17:
62:5d:7c:49:57:45:b2:89:ab:2e:57:31:bc:b8:4a:bf:d5:0f:
f1:cb:58:34:1e:49:62:9c:7a:7d:a4:a3:ad:e6:51:cb:f8:2e:
5d:9c:40:71:79:5f:20:02:1d:a9:b9:fd:96:8b:df:c0:f1:d0:
ed:9f:c9:5f:6b:dc:b4:8e:96:77:d8:d9:49:c4:4e:a0:e9:9f:
09:02:fe:b8:6d:11:5f:a3:cb:01:60:48:c9:79:e1:8a:33:90:
6a:ec:05:84:53:d8:40:ba:17:96:8e:5c:3f:02:f2:7d:c6:3a:
db:6a:33:f9:0b:ca:fd:9c:54:c5:dd:33:1b:d3:0e:b0:32:59:
ab:cd:16:79
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUVzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzEyMTIyNjUwWhcNMjUwNTA1MTIyNjUwWjAYMRYw
FAYDVQQDEw02N2QxN2Q4ZS01ODFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA47isCEA/GuBHG5nOnEVpZC49fWKKdQs9K8b+Dojxn3fsQN7jI3ko950F
hIKUAHkQ+LDUDviUpabUxps5TddnCj+dyc4cBVmj0Nt+cRkDsY1H/7LPw5ReCS0u
pLVPv3gfVH35ApQofV/D7V4LFYbTUadLtLhxx+wCPHO4s6omnauJPnLgTekH3dCx
IaMYd4lE3JoTuMVVymf2gWeJEa/W27ZXfYS/r5KMDDMLSOB79G6CI1uBXA54FHVN
l3hCCW+ZQobXASi7kXzn9Ay+nvSSnlNJS65b3PUDQ2s+8RpKKhpBn0BXzP1QAilo
kZZgNqEg5zS9qc+6Wenz08cwsH+UCQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPIo
h5wmFmzJluFzFLYM86vNYXVRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80ODFDMUYyNkZGM0QxMUVGOTNBMzRFOEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc/JADBASc/KAwDQYJKoZI
hvcNAQELBQADggEBABHTTFRomB8sGuMjruH9Zp/37DjxHnAEZebyyAii+7yDNvqj
fUA6dgOzaevgFLe2kobl1Up7xLqHdEDNFvkiCAz2QAuUm6vnt3bfnVXJO1dxBslS
skCdz4I/J3BIHFixkVYOVU2DLKygtfIhOjAnDcLwKSsfVg3SxXmX0R0GF2JdfElX
RbKJqy5XMby4Sr/VD/HLWDQeSWKcen2ko63mUcv4Ll2cQHF5XyACHam5/ZaL38Dx
0O2fyV9r3LSOlnfY2UnETqDpnwkC/rhtEV+jywFgSMl54YozkGrsBYRT2EC6F5aO
XD8C8n3GOttqM/kLyv2cVMXdMxvTDrAyWavNFnk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:04 2025 by rpki-client