Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/631A87F0F48D11EFB9C2DD5F762E951A.roa
File: 631A87F0F48D11EFB9C2DD5F762E951A.roa (raw, json)
Hash identifier: O4K05jpqlDbRRb+2mIBLvEfS9qGoA4ZHoE3C/JKOBYo=
Subject key identifier: 4D:4B:EE:EC:49:29:8A:6E:79:C8:59:BE:10:03:8C:8B:41:E3:5A:35
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013809
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/631A87F0F48D11EFB9C2DD5F762E951A.roa
Signing time: Wed 26 Feb 2025 22:02:36 +0000
ROA not before: Wed 26 Feb 2025 22:02:33 +0000
ROA not after: Thu 19 Feb 2026 22:02:33 +0000
asID: 984
IP address blocks: 156.232.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79881 (0x13809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 22:02:33 2025 GMT
Not After : Feb 19 22:02:33 2026 GMT
Subject: CN=67bf8f7c-66dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:0e:6a:1f:2b:2c:fc:e4:b5:ef:81:08:db:
e2:35:73:2f:30:3e:dd:1f:d6:d4:7e:86:01:9e:0d:
0d:dd:e8:97:d5:49:15:cf:7c:40:45:48:06:8f:28:
ce:a7:c7:f4:85:56:1b:b5:63:fc:bf:48:33:37:35:
01:81:09:9d:c0:39:a9:75:d7:bd:45:7f:c7:90:0b:
e0:78:4f:93:58:18:e3:08:67:5c:d1:83:a4:b0:b1:
ba:8e:14:fc:89:69:28:1b:bd:38:06:21:f5:e3:34:
3c:48:a6:6c:a4:5b:37:df:9a:31:3a:f2:5b:94:65:
fb:22:0a:dd:fe:c2:12:b3:60:a9:89:83:25:66:1a:
8b:dc:2d:b8:72:3d:ba:34:20:55:b7:8e:b8:b8:8e:
f0:f3:28:55:74:fb:3d:20:c1:0f:80:1d:b2:70:c7:
b4:1e:f6:46:78:0a:6a:0d:0a:1e:8a:ac:5c:dc:20:
ec:3d:e9:14:e9:c0:4e:3e:2e:25:7d:bb:d8:d3:31:
aa:3a:11:a8:3a:63:49:98:05:5d:95:82:c4:ec:a7:
66:81:cd:e2:81:9d:18:2b:4e:34:77:74:5a:67:36:
12:32:65:7e:fa:20:ec:7b:3f:b8:c2:33:2d:d9:01:
7d:a6:43:6a:3e:f1:89:a0:bf:b3:bf:f1:70:69:63:
83:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4B:EE:EC:49:29:8A:6E:79:C8:59:BE:10:03:8C:8B:41:E3:5A:35
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/631A87F0F48D11EFB9C2DD5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.40.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:75:1d:db:34:c5:e4:43:02:b6:dc:6d:23:13:1d:3e:66:54:
29:fc:d1:6a:dc:d8:a8:09:9f:b7:fd:72:45:dd:db:10:8d:96:
be:ab:27:aa:da:4a:cc:f0:79:48:03:9e:77:75:18:2f:f0:11:
9c:4a:c3:3b:3f:18:f6:c1:f9:18:40:e6:73:3b:fc:f4:7a:ff:
8d:41:78:71:18:7a:99:51:0f:5d:ed:8a:53:38:e1:f6:84:9d:
11:74:ba:18:c0:9b:81:7d:d3:b2:10:6f:c9:7b:66:3e:3a:e0:
49:75:b6:0e:7d:da:d8:91:29:fe:1e:68:3a:de:9c:eb:fc:34:
da:fc:67:58:79:6d:48:99:c3:57:8b:7e:e7:08:dd:5f:ea:41:
61:56:70:64:f0:7b:15:15:1a:16:df:1f:d8:b0:22:5a:42:29:
36:85:9f:48:df:0b:6d:4b:2e:76:7e:21:fa:fa:88:8e:be:17:
ed:ed:f2:1f:97:2f:c8:95:c4:65:4c:38:ac:6a:14:c8:87:51:
33:c2:ae:41:77:49:bf:02:12:33:2c:20:42:b3:f4:f4:58:95:
60:eb:9b:2b:84:68:48:88:6f:fa:ca:48:80:48:9b:ad:e1:e3:
7b:04:37:1b:1b:4a:29:47:32:21:cd:00:f1:eb:e3:79:d5:17:
78:7e:6d:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATgJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MjIwMjMzWhcNMjYwMjE5MjIwMjMzWjAYMRYw
FAYDVQQDEw02N2JmOGY3Yy02NmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyrQOah8rLPzkte+BCNviNXMvMD7dH9bUfoYBng0N3eiX1UkVz3xARUgG
jyjOp8f0hVYbtWP8v0gzNzUBgQmdwDmpdde9RX/HkAvgeE+TWBjjCGdc0YOksLG6
jhT8iWkoG704BiH14zQ8SKZspFs335oxOvJblGX7Igrd/sISs2CpiYMlZhqL3C24
cj26NCBVt464uI7w8yhVdPs9IMEPgB2ycMe0HvZGeApqDQoeiqxc3CDsPekU6cBO
Pi4lfbvY0zGqOhGoOmNJmAVdlYLE7Kdmgc3igZ0YK040d3RaZzYSMmV++iDsez+4
wjMt2QF9pkNqPvGJoL+zv/FwaWODFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE1L
7uxJKYpuechZvhADjItB41o1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzFBODdGMEY0OEQxMUVGQjlDMkRENUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOgoMA0GCSqGSIb3DQEBCwUA
A4IBAQCqdR3bNMXkQwK23G0jEx0+ZlQp/NFq3NioCZ+3/XJF3dsQjZa+qyeq2krM
8HlIA553dRgv8BGcSsM7Pxj2wfkYQOZzO/z0ev+NQXhxGHqZUQ9d7YpTOOH2hJ0R
dLoYwJuBfdOyEG/Je2Y+OuBJdbYOfdrYkSn+Hmg63pzr/DTa/GdYeW1ImcNXi37n
CN1f6kFhVnBk8HsVFRoW3x/YsCJaQik2hZ9I3wttSy52fiH6+oiOvhft7fIfly/I
lcRlTDisahTIh1Ezwq5Bd0m/AhIzLCBCs/T0WJVg65srhGhIiG/6ykiASJut4eN7
BDcbG0opRzIhzQDx6+N51Rd4fm1G
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:04 2025 by rpki-client