Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A50A516F5DF11EFBAF07D79762E951A.roa
File: 5A50A516F5DF11EFBAF07D79762E951A.roa (raw, json)
Hash identifier: BVgw4VFu7+R+tSNog4znEIhujO27oulrfd+1YJ8lhyE=
Subject key identifier: D8:A8:17:0A:3C:E3:1B:CD:0D:37:77:C7:F0:CE:29:7A:99:FC:83:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E3F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A50A516F5DF11EFBAF07D79762E951A.roa
Signing time: Fri 28 Feb 2025 14:21:51 +0000
ROA not before: Fri 28 Feb 2025 14:21:48 +0000
ROA not after: Sun 13 Apr 2025 14:21:48 +0000
asID: 138915
IP address blocks: 156.244.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81471 (0x13e3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:21:48 2025 GMT
Not After : Apr 13 14:21:48 2025 GMT
Subject: CN=67c1c67f-af8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:36:aa:78:e8:56:73:81:25:9f:6c:46:7f:60:
69:ab:c9:5e:1b:ca:d2:3e:3e:e2:84:bf:cc:a7:df:
36:bc:f0:ef:b6:e5:6e:69:b9:0b:5c:98:c3:79:13:
b5:2f:33:48:f3:bd:30:8d:40:50:e7:71:09:f0:f4:
c7:54:8e:d3:ce:4a:ba:fe:44:3c:ac:4c:72:b8:7d:
8b:05:bc:8f:13:b1:e0:8e:b5:04:0b:98:63:74:aa:
f3:31:8c:64:33:10:0d:23:03:da:03:88:64:f3:a7:
7d:3a:b7:e3:17:ba:9d:65:4c:6b:92:5a:0b:7e:73:
1d:3c:f6:53:40:2b:66:ee:6f:65:32:12:ec:2c:f8:
9a:cd:fb:22:ed:83:a2:df:7e:0f:5a:92:78:20:c5:
39:83:23:29:db:cd:18:b8:3a:0f:95:15:a6:2f:24:
ae:9d:36:cb:18:59:e0:14:33:d1:00:85:fc:f4:40:
25:08:dc:18:c2:cd:33:57:a1:04:0b:e5:22:b1:e0:
f6:90:bf:95:90:6d:56:72:c4:5a:28:22:58:42:7d:
c2:45:b2:8a:f8:c1:4a:2e:85:11:38:cd:94:16:22:
34:74:ce:6f:45:0a:4e:30:be:3f:fe:c1:c4:38:ff:
50:27:c0:f8:33:2a:36:2e:dc:2e:fb:9f:65:1f:46:
10:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A8:17:0A:3C:E3:1B:CD:0D:37:77:C7:F0:CE:29:7A:99:FC:83:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A50A516F5DF11EFBAF07D79762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.30.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:a1:2f:7d:0b:a5:5f:30:17:54:6e:bf:72:20:a0:86:b1:fc:
77:73:29:d4:f4:1b:5f:4b:2b:a8:ca:94:2a:40:e6:32:1e:29:
ee:e9:14:31:f0:e6:41:4b:3f:4c:a0:d5:fb:66:0f:68:88:cc:
b1:9c:95:47:02:09:d1:59:34:41:ef:0d:1c:75:ac:3f:6b:6a:
76:ae:2a:c1:02:51:7e:cc:3f:4f:43:18:62:ae:eb:fd:15:0a:
96:0f:b9:2f:0e:97:ca:ba:10:3d:2e:ee:35:0e:26:54:54:d7:
05:df:dd:ab:78:aa:dd:9d:3a:28:33:9e:2f:57:a6:5a:92:07:
74:d8:2e:5c:a1:95:3b:93:e3:e6:a3:b5:2a:ed:6f:de:c4:41:
a1:00:c1:11:57:bf:25:53:c6:17:77:de:ad:fd:e6:7e:6c:f0:
f1:db:ec:7f:4a:1e:a1:a0:e2:52:4a:bd:fe:9f:48:b1:27:52:
75:7e:4e:18:68:5a:d9:b1:f2:06:7a:06:a4:d2:f6:00:a3:db:
c5:9e:48:22:89:69:c8:38:df:87:01:72:31:e6:28:8c:cf:41:
0d:35:05:aa:68:b8:4d:a0:b4:e4:64:ca:0c:5e:03:ca:f2:50:
3e:46:80:60:19:0c:42:0f:13:a0:a1:e1:0d:b3:e2:63:a6:f2:
0c:6d:05:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT4/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQyMTQ4WhcNMjUwNDEzMTQyMTQ4WjAYMRYw
FAYDVQQDEw02N2MxYzY3Zi1hZjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzTaqeOhWc4Eln2xGf2Bpq8leG8rSPj7ihL/Mp982vPDvtuVuabkLXJjD
eRO1LzNI870wjUBQ53EJ8PTHVI7Tzkq6/kQ8rExyuH2LBbyPE7HgjrUEC5hjdKrz
MYxkMxANIwPaA4hk86d9OrfjF7qdZUxrkloLfnMdPPZTQCtm7m9lMhLsLPiazfsi
7YOi334PWpJ4IMU5gyMp280YuDoPlRWmLySunTbLGFngFDPRAIX89EAlCNwYws0z
V6EEC+UiseD2kL+VkG1WcsRaKCJYQn3CRbKK+MFKLoUROM2UFiI0dM5vRQpOML4/
/sHEOP9QJ8D4Myo2Ltwu+59lH0YQeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNio
Fwo84xvNDTd3x/DOKXqZ/IN0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTUwQTUxNkY1REYxMUVGQkFGMDdENzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQeMA0GCSqGSIb3DQEBCwUA
A4IBAQCdoS99C6VfMBdUbr9yIKCGsfx3cynU9BtfSyuoypQqQOYyHinu6RQx8OZB
Sz9MoNX7Zg9oiMyxnJVHAgnRWTRB7w0cdaw/a2p2rirBAlF+zD9PQxhiruv9FQqW
D7kvDpfKuhA9Lu41DiZUVNcF392reKrdnTooM54vV6Zakgd02C5coZU7k+Pmo7Uq
7W/exEGhAMERV78lU8YXd96t/eZ+bPDx2+x/Sh6hoOJSSr3+n0ixJ1J1fk4YaFrZ
sfIGegak0vYAo9vFnkgiiWnION+HAXIx5iiMz0ENNQWqaLhNoLTkZMoMXgPK8lA+
RoBgGQxCDxOgoeENs+JjpvIMbQWP
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:56 2025 by rpki-client