Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F223FBCF47911EFBF136B56762E951A.roa
File: 5F223FBCF47911EFBF136B56762E951A.roa (raw, json)
Hash identifier: cIXqIHkVQsCgk7jgHPUWSHA7YMhyIaymHHI/PqxsKaQ=
Subject key identifier: 1E:1A:39:A7:55:64:BC:7B:9F:74:CF:23:3E:47:75:7E:5A:3C:3F:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013723
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F223FBCF47911EFBF136B56762E951A.roa
Signing time: Wed 26 Feb 2025 19:39:20 +0000
ROA not before: Wed 26 Feb 2025 19:39:16 +0000
ROA not after: Thu 19 Feb 2026 19:39:16 +0000
asID: 984
IP address blocks: 156.247.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79651 (0x13723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:39:16 2025 GMT
Not After : Feb 19 19:39:16 2026 GMT
Subject: CN=67bf6de7-f5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5a:00:3b:ae:a7:ca:59:d5:f1:d1:c1:c5:00:
67:d1:45:3f:c0:c2:04:6a:0c:2d:36:54:dd:a5:71:
8b:be:c1:78:1d:27:ab:20:b8:cb:55:97:d1:19:e0:
e8:70:8a:98:07:c0:38:be:21:19:8f:08:8f:52:c3:
ab:e6:36:49:96:09:2c:24:ca:27:32:7c:2f:9f:92:
9d:7e:a1:c3:9c:d0:78:6a:02:dc:59:17:48:28:7c:
ab:13:d5:a7:19:5f:eb:5d:ba:d9:e1:1d:f9:df:74:
3c:0d:38:b2:7f:0e:a7:07:ef:c8:14:7c:76:74:fc:
00:a7:33:7c:3a:f9:c2:d5:87:a5:4c:17:a0:23:3b:
29:c4:b8:4b:01:b4:4e:9c:f2:1a:f1:82:95:f1:93:
ef:61:f8:be:15:3d:3d:bf:84:98:9e:f2:ff:f5:ef:
4a:d9:48:d7:4f:c4:ae:73:ae:e5:fa:94:07:94:9e:
e4:cf:b5:6a:96:ea:ae:7f:ee:b7:e4:b5:a4:53:23:
53:93:70:4a:90:d3:f0:d3:fb:ae:2c:02:df:4a:ac:
06:e9:79:23:09:4d:4f:03:e0:ed:65:60:64:d2:44:
f2:e4:2e:d6:f7:7e:7b:a9:b2:29:38:78:ed:9c:d7:
62:24:6e:94:64:52:4a:a7:a5:2b:ca:75:b0:08:a8:
9d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1A:39:A7:55:64:BC:7B:9F:74:CF:23:3E:47:75:7E:5A:3C:3F:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F223FBCF47911EFBF136B56762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.36.0/24
Signature Algorithm: sha256WithRSAEncryption
84:79:b0:11:38:fd:50:45:27:ed:a8:c1:87:a5:5f:50:88:ed:
0c:c6:e4:4d:8d:b7:ff:c1:3b:0d:8f:9b:12:22:99:81:bb:e4:
99:07:8c:b4:3b:df:fa:54:3d:75:fc:3f:50:b3:aa:89:3e:4a:
a0:f3:9b:f7:2c:9a:83:b6:38:fc:1b:72:59:4d:40:b1:c6:d9:
cf:76:f1:26:f0:ce:b4:00:70:ff:8a:ad:26:ac:bb:b1:c0:08:
38:dc:e9:03:8e:1a:67:a9:e1:7d:30:15:22:5c:89:89:12:ba:
8d:01:c4:e5:f9:ac:06:ec:6a:3d:b6:de:0e:ee:c8:4c:a2:40:
a2:a1:14:0e:11:21:af:3b:75:67:60:09:6b:ff:db:97:e3:9e:
7f:71:d3:34:1e:99:35:f9:8a:c3:42:42:38:4c:3e:8f:53:e5:
22:91:f5:08:90:ad:c3:99:19:b5:05:56:e2:f7:89:76:a3:d9:
1f:53:6c:e9:5b:98:92:db:26:75:b3:da:93:d5:42:5c:ef:1a:
1f:c2:ff:a3:26:f4:d4:73:41:39:2b:52:cd:8f:31:65:b5:54:
dd:54:bf:67:c8:d5:f9:d5:77:c5:66:41:49:1c:4c:76:b8:22:
f3:d8:c3:8a:f9:52:23:e0:77:e6:c1:5c:56:7a:16:9c:df:6b:
67:eb:77:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATcjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkzOTE2WhcNMjYwMjE5MTkzOTE2WjAYMRYw
FAYDVQQDEw02N2JmNmRlNy1mNWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA31oAO66nylnV8dHBxQBn0UU/wMIEagwtNlTdpXGLvsF4HSerILjLVZfR
GeDocIqYB8A4viEZjwiPUsOr5jZJlgksJMonMnwvn5KdfqHDnNB4agLcWRdIKHyr
E9WnGV/rXbrZ4R3533Q8DTiyfw6nB+/IFHx2dPwApzN8OvnC1YelTBegIzspxLhL
AbROnPIa8YKV8ZPvYfi+FT09v4SYnvL/9e9K2UjXT8Suc67l+pQHlJ7kz7Vqluqu
f+635LWkUyNTk3BKkNPw0/uuLALfSqwG6XkjCU1PA+DtZWBk0kTy5C7W9357qbIp
OHjtnNdiJG6UZFJKp6UrynWwCKidTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB4a
OadVZLx7n3TPIz5HdX5aPD/vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjIyM0ZCQ0Y0NzkxMUVGQkYxMzZCNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPckMA0GCSqGSIb3DQEBCwUA
A4IBAQCEebAROP1QRSftqMGHpV9QiO0MxuRNjbf/wTsNj5sSIpmBu+SZB4y0O9/6
VD11/D9Qs6qJPkqg85v3LJqDtjj8G3JZTUCxxtnPdvEm8M60AHD/iq0mrLuxwAg4
3OkDjhpnqeF9MBUiXImJErqNAcTl+awG7Go9tt4O7shMokCioRQOESGvO3VnYAlr
/9uX455/cdM0Hpk1+YrDQkI4TD6PU+UikfUIkK3DmRm1BVbi94l2o9kfU2zpW5iS
2yZ1s9qT1UJc7xofwv+jJvTUc0E5K1LNjzFltVTdVL9nyNX51XfFZkFJHEx2uCLz
2MOK+VIj4HfmwVxWehac32tn63dw
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:42 2025 by rpki-client