Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B7F44BAF80311EF880C7D8A762E951A.roa
File: 7B7F44BAF80311EF880C7D8A762E951A.roa (raw, json)
Hash identifier: XRneWcY8bU/eCgrFvntkVD4anG5lZ+C7eiatbfWpftc=
Subject key identifier: 92:DB:2A:92:B9:1A:B3:2D:7A:F2:51:64:14:EA:F3:DB:5D:09:F6:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0140BD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B7F44BAF80311EF880C7D8A762E951A.roa
Signing time: Mon 03 Mar 2025 07:45:31 +0000
ROA not before: Mon 03 Mar 2025 07:45:27 +0000
ROA not after: Mon 21 Apr 2025 07:45:27 +0000
asID: 63139
IP address blocks: 156.227.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82109 (0x140bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 3 07:45:27 2025 GMT
Not After : Apr 21 07:45:27 2025 GMT
Subject: CN=67c55e1b-855b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e7:f7:a1:c3:ab:9e:93:3c:37:03:97:76:53:
65:a6:c2:9b:d7:3a:0c:b1:41:ce:42:ee:5d:5c:cc:
04:92:10:59:39:b9:31:84:f5:8b:4e:b7:1e:ba:3d:
10:a9:c3:a4:b6:41:fe:26:33:66:04:1b:41:1b:19:
21:5d:95:68:02:bc:ac:99:87:79:92:dc:2f:c5:ab:
de:9e:0b:8c:59:b1:0f:49:51:59:29:4a:09:15:c5:
f6:a1:86:ac:c6:bf:e5:c3:f9:f5:8d:e6:d6:13:91:
55:9d:b9:9d:28:61:7b:d9:68:63:e1:52:28:61:2b:
c7:d9:40:80:1b:45:07:f9:ff:83:b0:d3:45:ee:7d:
1f:09:39:5b:e5:d6:cd:43:aa:a8:95:30:2e:76:fd:
73:ed:4a:d6:8e:4b:58:3c:2a:b2:3e:b9:72:ec:72:
a4:9b:21:2e:bd:2f:5c:f8:b1:a9:05:09:63:8d:68:
4c:0e:7b:65:a5:6c:b5:0d:71:b5:58:7b:d7:f1:57:
d3:28:fd:23:b7:56:2a:c0:a0:e3:a6:34:ca:01:d6:
84:e0:fa:0e:43:87:04:be:97:07:3b:cc:08:9f:82:
14:0c:13:63:61:f3:6f:61:6e:53:77:be:ba:e3:89:
49:11:6e:67:6f:0c:8e:22:30:86:a6:83:5f:ea:f4:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DB:2A:92:B9:1A:B3:2D:7A:F2:51:64:14:EA:F3:DB:5D:09:F6:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B7F44BAF80311EF880C7D8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.252.0/22
Signature Algorithm: sha256WithRSAEncryption
70:5d:fa:de:7e:a0:1a:47:51:d1:31:6c:fa:da:55:02:c5:76:
8f:d5:16:b8:c9:a0:36:18:1f:99:77:d9:c0:75:7b:c7:98:2b:
08:6e:d4:47:34:d2:fa:b0:74:87:6b:74:c5:be:d4:e2:d3:fd:
49:69:9f:b5:3b:ab:08:e8:c8:a5:e9:99:55:c1:21:c1:25:59:
02:98:14:7b:c3:1f:d4:2a:f1:84:16:0d:2e:bd:33:4a:2d:cc:
0c:5d:d2:44:21:75:60:38:e3:cf:58:2b:75:ce:ba:a6:64:4f:
c0:cf:2f:65:04:83:bb:67:f2:a4:f8:ff:6e:2e:86:bd:b0:ef:
9c:cc:95:0a:6d:47:c4:1c:d6:89:69:b8:f6:cc:3c:8f:15:87:
04:e6:83:4a:64:0b:96:64:d2:82:a6:64:08:b6:ff:15:74:8c:
2b:f5:02:37:7e:be:a6:cb:1f:50:17:71:7e:7f:5f:bb:9a:36:
22:6b:a4:a0:cd:8e:02:53:cc:b9:d8:10:54:08:d7:6c:81:cd:
fc:82:7b:63:d6:da:fa:db:b1:1d:f0:a5:60:15:24:9e:f7:1e:
ec:6e:5e:5e:07:05:73:35:ee:7a:06:d3:9d:39:66:d7:bb:0c:
e1:79:29:d6:f1:c0:01:75:c0:03:88:da:f0:55:fc:9b:1f:64:
a4:a2:d7:84
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUC9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAzMDc0NTI3WhcNMjUwNDIxMDc0NTI3WjAYMRYw
FAYDVQQDEw02N2M1NWUxYi04NTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwuf3ocOrnpM8NwOXdlNlpsKb1zoMsUHOQu5dXMwEkhBZObkxhPWLTrce
uj0QqcOktkH+JjNmBBtBGxkhXZVoArysmYd5ktwvxavenguMWbEPSVFZKUoJFcX2
oYasxr/lw/n1jebWE5FVnbmdKGF72Whj4VIoYSvH2UCAG0UH+f+DsNNF7n0fCTlb
5dbNQ6qolTAudv1z7UrWjktYPCqyPrly7HKkmyEuvS9c+LGpBQljjWhMDntlpWy1
DXG1WHvX8VfTKP0jt1YqwKDjpjTKAdaE4PoOQ4cEvpcHO8wIn4IUDBNjYfNvYW5T
d76644lJEW5nbwyOIjCGpoNf6vRuKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJLb
KpK5GrMtevJRZBTq89tdCfZnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjdGNDRCQUY4MDMxMUVGODgwQzdEOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOP8MA0GCSqGSIb3DQEBCwUA
A4IBAQBwXfrefqAaR1HRMWz62lUCxXaP1Ra4yaA2GB+Zd9nAdXvHmCsIbtRHNNL6
sHSHa3TFvtTi0/1JaZ+1O6sI6Mil6ZlVwSHBJVkCmBR7wx/UKvGEFg0uvTNKLcwM
XdJEIXVgOOPPWCt1zrqmZE/Azy9lBIO7Z/Kk+P9uLoa9sO+czJUKbUfEHNaJabj2
zDyPFYcE5oNKZAuWZNKCpmQItv8VdIwr9QI3fr6myx9QF3F+f1+7mjYia6SgzY4C
U8y52BBUCNdsgc38gntj1tr627Ed8KVgFSSe9x7sbl5eBwVzNe56BtOdOWbXuwzh
eSnW8cABdcADiNrwVfybH2SkoteE
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:04 2025 by rpki-client