Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66351F82F67B11EFBDB8E8A6762E951A.roa
File: 66351F82F67B11EFBDB8E8A6762E951A.roa (raw, json)
Hash identifier: cSgG15hIBHUKOa/XxvX4dYVZ/gSN0PVWbLQBtNYlFgU=
Subject key identifier: C8:4F:5C:BD:09:19:AC:50:BB:D3:A8:0A:F9:05:CE:AF:7A:43:02:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013FD2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66351F82F67B11EFBDB8E8A6762E951A.roa
Signing time: Sat 01 Mar 2025 08:58:53 +0000
ROA not before: Sat 01 Mar 2025 08:58:49 +0000
ROA not after: Tue 24 Mar 2026 08:58:49 +0000
asID: 13335
IP address blocks: 156.243.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81874 (0x13fd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 08:58:49 2025 GMT
Not After : Mar 24 08:58:49 2026 GMT
Subject: CN=67c2cc4d-d600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0b:78:e3:b0:e5:14:3c:da:82:6d:df:02:07:
53:c5:3e:d3:7f:f2:a2:cf:33:2b:69:5a:4d:88:c6:
f7:59:bc:76:ac:2f:b2:f9:48:61:76:2d:a6:d0:65:
11:33:38:2b:60:c9:8f:e5:c3:df:10:20:fc:5c:bd:
4d:de:20:01:d6:0f:02:09:28:7a:63:16:aa:ae:5d:
2b:8f:cc:e7:29:57:ac:9e:b0:ba:5c:b7:7f:35:49:
0c:55:96:9e:16:57:8d:dc:d3:44:19:59:57:69:32:
4e:f3:e3:a6:2e:da:30:3b:18:27:ca:0b:f1:c2:9d:
73:2a:d5:bd:a3:b7:ac:ac:3c:70:ca:3a:2c:be:aa:
ae:78:b5:1a:19:d8:cf:30:43:1b:33:01:2d:b3:d7:
45:b1:15:92:62:e6:c6:7d:e5:75:8f:6e:35:d9:59:
8c:48:a6:6e:ee:3f:37:f3:1a:95:c3:f7:ca:67:f5:
61:4a:b5:7d:7e:3d:75:55:24:61:22:18:42:fc:0b:
8a:35:fd:8a:15:d9:ca:43:d9:9c:7b:5b:c4:36:f1:
8f:7f:76:c3:a2:47:49:84:3e:e9:6a:b4:aa:0e:6f:
f7:ff:9c:06:99:8b:64:3c:6f:af:d5:e7:e8:78:53:
ac:d8:35:41:9d:9e:99:da:c4:59:ab:cb:74:bf:34:
2d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4F:5C:BD:09:19:AC:50:BB:D3:A8:0A:F9:05:CE:AF:7A:43:02:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/66351F82F67B11EFBDB8E8A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.83.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:71:f2:21:53:78:9c:41:b7:ca:a7:a5:ee:47:16:26:cd:8e:
df:0f:0a:b5:7c:6a:16:c7:9b:0b:10:91:aa:0e:59:a1:d4:3a:
1a:e3:9f:1e:ad:05:e9:d1:c7:3e:a7:72:72:c5:4a:de:ec:2b:
7d:2c:0b:92:ef:ff:a4:43:18:78:e9:f6:d8:b4:64:5b:bd:d6:
fe:72:3b:d2:f7:83:28:9b:11:8e:db:c4:1b:ed:1d:7c:8e:98:
bd:e6:6e:95:5b:eb:2b:e3:c8:d5:4b:55:76:06:b6:7e:c3:92:
ab:58:14:cc:c1:7b:f5:3c:29:73:d5:e1:af:29:23:69:31:11:
d5:5d:c3:34:d3:ab:cf:8f:c6:a4:94:e2:e9:37:c4:33:86:ea:
35:88:75:df:4a:88:c4:cb:32:b3:00:7f:99:c4:95:d5:9c:25:
11:53:c6:c6:0a:92:09:37:3a:3b:af:c2:b3:a6:66:34:fd:72:
30:7a:aa:26:f2:61:13:a1:74:0c:56:d1:53:d0:6c:3e:8d:c5:
f2:2d:7c:51:4d:99:1a:f6:fd:9e:03:57:9c:99:cd:77:3c:6e:
2a:e6:86:f2:87:4c:33:30:c7:ab:ea:81:63:83:a5:1c:e3:3c:
0f:a8:8b:5f:1c:3c:a2:e5:67:fb:58:d3:7c:99:63:f9:68:27:
49:a3:03:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT/SMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDg1ODQ5WhcNMjYwMzI0MDg1ODQ5WjAYMRYw
FAYDVQQDEw02N2MyY2M0ZC1kNjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzgt447DlFDzagm3fAgdTxT7Tf/KizzMraVpNiMb3Wbx2rC+y+Uhhdi2m
0GURMzgrYMmP5cPfECD8XL1N3iAB1g8CCSh6Yxaqrl0rj8znKVesnrC6XLd/NUkM
VZaeFleN3NNEGVlXaTJO8+OmLtowOxgnygvxwp1zKtW9o7esrDxwyjosvqqueLUa
GdjPMEMbMwEts9dFsRWSYubGfeV1j2412VmMSKZu7j838xqVw/fKZ/VhSrV9fj11
VSRhIhhC/AuKNf2KFdnKQ9mce1vENvGPf3bDokdJhD7parSqDm/3/5wGmYtkPG+v
1efoeFOs2DVBnZ6Z2sRZq8t0vzQtmwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMhP
XL0JGaxQu9OoCvkFzq96QwKBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NjM1MUY4MkY2N0IxMUVGQkRCOEU4QTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNTMA0GCSqGSIb3DQEBCwUA
A4IBAQBfcfIhU3icQbfKp6XuRxYmzY7fDwq1fGoWx5sLEJGqDlmh1Doa458erQXp
0cc+p3JyxUre7Ct9LAuS7/+kQxh46fbYtGRbvdb+cjvS94MomxGO28Qb7R18jpi9
5m6VW+sr48jVS1V2BrZ+w5KrWBTMwXv1PClz1eGvKSNpMRHVXcM006vPj8aklOLp
N8Qzhuo1iHXfSojEyzKzAH+ZxJXVnCURU8bGCpIJNzo7r8KzpmY0/XIweqom8mET
oXQMVtFT0Gw+jcXyLXxRTZka9v2eA1ecmc13PG4q5obyh0wzMMer6oFjg6Uc4zwP
qItfHDyi5Wf7WNN8mWP5aCdJowOQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:43 2025 by rpki-client