Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9DBC76F42D11EF89E17941762E951A.roa
File: 4E9DBC76F42D11EF89E17941762E951A.roa (raw, json)
Hash identifier: BULNb+nWFwq9/cVXjhRygZflc0kuix1Xw77ixve44uQ=
Subject key identifier: 84:06:7E:16:59:5A:BC:57:63:3C:A6:DE:D5:98:D9:CE:4E:A1:A6:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01312A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9DBC76F42D11EF89E17941762E951A.roa
Signing time: Wed 26 Feb 2025 10:34:50 +0000
ROA not before: Wed 26 Feb 2025 10:34:47 +0000
ROA not after: Thu 19 Feb 2026 10:34:47 +0000
asID: 984
IP address blocks: 156.252.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78122 (0x1312a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:34:47 2025 GMT
Not After : Feb 19 10:34:47 2026 GMT
Subject: CN=67beee4a-8586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:48:01:68:49:6b:a2:c7:13:9e:f2:4b:36:96:
18:39:b2:08:3f:0c:6d:15:a7:e6:7d:77:bb:0b:41:
7f:6b:2c:75:e3:0a:dc:5e:00:25:79:90:03:7f:13:
1b:df:25:3c:6a:d3:ce:53:15:b2:b0:b0:51:1c:f7:
5c:26:b2:a7:5a:50:c7:36:90:e5:d0:ad:2a:31:ad:
b4:a4:c0:b9:d7:34:c4:80:e7:38:f5:23:04:c8:be:
50:0f:6f:36:fd:32:f5:97:02:f7:fc:ab:6f:ab:79:
46:fa:5a:0f:e8:fb:48:f2:79:c0:20:8d:2c:76:31:
ef:68:c5:4f:26:fd:51:18:e2:f5:f2:c6:02:4c:41:
e0:e4:34:f7:e5:ae:45:83:89:89:e5:be:9d:04:f6:
4e:6f:06:4b:d8:c3:d5:73:93:78:17:fe:2b:e7:17:
04:48:3a:15:11:50:9f:98:18:cd:cf:ce:2d:bf:b6:
64:ac:e3:e3:ef:4f:8b:9a:17:a0:46:b0:cb:0a:2b:
a7:07:73:70:98:22:5c:af:18:d3:e2:1c:f2:88:c4:
cb:c6:1c:9f:20:51:70:70:ad:10:2e:cf:a0:3c:82:
27:3c:3c:0f:85:2a:20:9c:51:46:1b:3b:d7:67:be:
7e:79:12:ed:76:5e:52:ab:82:7f:86:fa:e6:db:94:
1a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:06:7E:16:59:5A:BC:57:63:3C:A6:DE:D5:98:D9:CE:4E:A1:A6:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9DBC76F42D11EF89E17941762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.92.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:77:2d:dd:cb:d7:85:01:09:56:46:8e:94:04:16:3b:a3:47:
15:ed:d7:49:f2:47:4a:f1:48:8d:80:b3:85:a1:47:1b:3b:e8:
ff:46:cc:54:6a:d7:66:14:b6:4f:a2:1a:b4:df:df:cb:39:bc:
b2:ab:0c:20:2a:7f:7d:d8:82:1d:73:fe:6e:56:8e:1c:5a:90:
4b:b2:27:2e:7a:1b:61:5d:2e:30:08:5d:e7:f4:57:67:41:b9:
95:a4:ed:90:b9:f4:49:50:b5:75:60:00:cd:67:62:0e:71:34:
c2:82:73:bb:f1:96:90:c0:8d:ae:ec:0b:3a:6f:85:fd:8b:2c:
3c:e1:a4:05:d9:02:c4:01:2b:a8:20:cb:03:1b:d4:cf:ff:55:
97:bb:68:ea:7e:24:49:3b:9f:8f:3a:47:58:29:ef:1d:74:bf:
01:25:18:a9:07:16:ea:17:3b:08:b3:4f:e1:5b:c0:07:d0:72:
5f:ff:72:47:14:db:73:b5:aa:9f:bf:b1:13:49:86:ef:bb:86:
bb:d7:e1:e6:1d:4c:f3:0b:70:35:b8:82:59:24:7b:d2:c1:0c:
35:12:61:48:5d:ac:bc:0e:c6:e5:42:b4:fd:5b:9e:0c:c4:c5:
9f:3f:14:63:d4:ab:30:2f:98:7d:2b:84:58:d2:4b:70:85:b2:
4d:21:9d:44
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATEqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAzNDQ3WhcNMjYwMjE5MTAzNDQ3WjAYMRYw
FAYDVQQDEw02N2JlZWU0YS04NTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw0gBaElroscTnvJLNpYYObIIPwxtFafmfXe7C0F/ayx14wrcXgAleZAD
fxMb3yU8atPOUxWysLBRHPdcJrKnWlDHNpDl0K0qMa20pMC51zTEgOc49SMEyL5Q
D282/TL1lwL3/Ktvq3lG+loP6PtI8nnAII0sdjHvaMVPJv1RGOL18sYCTEHg5DT3
5a5Fg4mJ5b6dBPZObwZL2MPVc5N4F/4r5xcESDoVEVCfmBjNz84tv7ZkrOPj70+L
mhegRrDLCiunB3NwmCJcrxjT4hzyiMTLxhyfIFFwcK0QLs+gPIInPDwPhSognFFG
GzvXZ75+eRLtdl5Sq4J/hvrm25QaGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIQG
fhZZWrxXYzym3tWY2c5OoaY9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTlEQkM3NkY0MkQxMUVGODlFMTc5NDE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxcMA0GCSqGSIb3DQEBCwUA
A4IBAQCzdy3dy9eFAQlWRo6UBBY7o0cV7ddJ8kdK8UiNgLOFoUcbO+j/RsxUatdm
FLZPohq039/LObyyqwwgKn992IIdc/5uVo4cWpBLsicuehthXS4wCF3n9FdnQbmV
pO2QufRJULV1YADNZ2IOcTTCgnO78ZaQwI2u7As6b4X9iyw84aQF2QLEASuoIMsD
G9TP/1WXu2jqfiRJO5+POkdYKe8ddL8BJRipBxbqFzsIs0/hW8AH0HJf/3JHFNtz
taqfv7ETSYbvu4a71+HmHUzzC3A1uIJZJHvSwQw1EmFIXay8DsblQrT9W54MxMWf
PxRj1KswL5h9K4RY0ktwhbJNIZ1E
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:20 2025 by rpki-client