Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BAF7C8AF42E11EF9920654B762E951A.roa
File: 7BAF7C8AF42E11EF9920654B762E951A.roa (raw, json)
Hash identifier: Pnafve57zKpj3WrJq3Pgk9/kv6wr3ejghH1uSfyo5Vo=
Subject key identifier: 01:06:BA:78:2B:E1:80:88:E8:A0:96:01:08:58:89:0D:55:13:8A:EC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013151
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BAF7C8AF42E11EF9920654B762E951A.roa
Signing time: Wed 26 Feb 2025 10:43:15 +0000
ROA not before: Wed 26 Feb 2025 10:43:12 +0000
ROA not after: Thu 19 Feb 2026 10:43:12 +0000
asID: 984
IP address blocks: 156.245.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78161 (0x13151)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:43:12 2025 GMT
Not After : Feb 19 10:43:12 2026 GMT
Subject: CN=67bef043-e013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f0:fe:7b:86:9f:85:78:19:28:1d:8e:4a:e9:
4a:9a:82:31:76:75:0f:79:ee:de:cf:50:f5:28:d1:
fa:a7:29:a8:f7:7b:7e:a3:d0:0c:24:02:5f:49:a8:
e8:bc:a2:d9:3e:17:a8:6b:a8:02:ce:14:f8:55:fc:
27:0c:2a:1b:88:c3:52:18:51:a0:c2:c0:ee:38:44:
3e:91:95:38:7a:25:ce:69:f5:15:7a:41:12:d3:bb:
84:b2:98:d3:a6:e1:a9:c5:77:9f:e9:68:c7:7c:85:
30:8d:41:06:ed:17:4c:db:b6:cd:e1:90:0c:78:c2:
c2:56:c1:8c:8c:61:64:88:23:de:c7:08:a4:b1:cd:
56:b8:19:d1:40:c7:1d:83:a3:8a:fe:05:dd:26:b0:
e3:89:1a:9e:51:73:29:2b:b9:9f:e5:80:09:10:22:
69:ee:7e:40:ed:39:84:68:71:32:64:02:90:9c:27:
69:d4:9e:7a:97:e7:a0:a8:1b:cb:db:e0:c1:13:33:
79:16:34:21:b1:d3:23:69:03:dd:d2:4a:83:47:b4:
79:9f:8d:15:c1:51:16:0e:44:98:06:ec:ac:52:c5:
14:c8:44:25:23:91:e8:87:85:96:06:68:ea:6a:4f:
49:d6:a8:5a:ef:98:89:18:d8:da:68:32:d1:3f:46:
1e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:06:BA:78:2B:E1:80:88:E8:A0:96:01:08:58:89:0D:55:13:8A:EC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BAF7C8AF42E11EF9920654B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.127.0/24
Signature Algorithm: sha256WithRSAEncryption
43:93:c6:63:61:e6:47:1e:1b:32:74:44:5f:24:af:3f:af:1c:
bf:e9:fb:7b:db:59:9e:5e:dd:3b:a0:35:ad:2b:fa:49:95:6f:
ee:56:06:f7:71:da:79:27:ce:5f:eb:2d:20:19:1f:c7:b4:54:
a3:2f:ce:a6:e9:3a:16:78:0d:10:52:af:02:2c:b6:b2:a2:31:
f1:92:62:9b:a6:4b:2d:bb:08:53:7e:7f:dc:c3:a2:01:92:27:
28:67:c5:31:66:86:e4:aa:f9:54:d9:cc:67:10:64:76:36:71:
1f:20:70:00:c4:66:8b:e9:5a:22:24:e5:5c:63:cc:f6:43:95:
e9:1b:b8:4a:45:5c:18:72:e4:a1:16:ed:70:56:cc:72:97:83:
55:a9:1f:5b:c0:de:fe:73:d2:62:74:8c:a6:5e:f7:1c:5e:34:
26:64:bf:97:98:5e:8c:09:93:0f:44:52:68:d9:ef:68:b8:ee:
16:f1:54:7a:3e:dc:ed:00:aa:a6:21:ef:0d:93:58:0b:12:a6:
60:47:7c:29:37:99:1e:b5:30:60:a3:b9:3d:99:46:3d:46:11:
9b:85:ea:80:6b:23:13:0e:db:2b:48:f0:7b:bc:49:1f:f8:9e:
da:ca:26:b3:fd:18:5d:24:06:ca:4e:d8:b1:c7:91:5f:b4:fd:
40:b5:7f:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATFRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTA0MzEyWhcNMjYwMjE5MTA0MzEyWjAYMRYw
FAYDVQQDEw02N2JlZjA0My1lMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtfD+e4afhXgZKB2OSulKmoIxdnUPee7ez1D1KNH6pymo93t+o9AMJAJf
SajovKLZPheoa6gCzhT4VfwnDCobiMNSGFGgwsDuOEQ+kZU4eiXOafUVekES07uE
spjTpuGpxXef6WjHfIUwjUEG7RdM27bN4ZAMeMLCVsGMjGFkiCPexwiksc1WuBnR
QMcdg6OK/gXdJrDjiRqeUXMpK7mf5YAJECJp7n5A7TmEaHEyZAKQnCdp1J56l+eg
qBvL2+DBEzN5FjQhsdMjaQPd0kqDR7R5n40VwVEWDkSYBuysUsUUyEQlI5Hoh4WW
Bmjqak9J1qha75iJGNjaaDLRP0YeyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAEG
ungr4YCI6KCWAQhYiQ1VE4rsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QkFGN0M4QUY0MkUxMUVGOTkyMDY1NEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPV/MA0GCSqGSIb3DQEBCwUA
A4IBAQBDk8ZjYeZHHhsydERfJK8/rxy/6ft721meXt07oDWtK/pJlW/uVgb3cdp5
J85f6y0gGR/HtFSjL86m6ToWeA0QUq8CLLayojHxkmKbpkstuwhTfn/cw6IBkico
Z8UxZobkqvlU2cxnEGR2NnEfIHAAxGaL6VoiJOVcY8z2Q5XpG7hKRVwYcuShFu1w
Vsxyl4NVqR9bwN7+c9JidIymXvccXjQmZL+XmF6MCZMPRFJo2e9ouO4W8VR6Ptzt
AKqmIe8Nk1gLEqZgR3wpN5ketTBgo7k9mUY9RhGbheqAayMTDtsrSPB7vEkf+J7a
yiaz/RhdJAbKTtixx5FftP1AtX9y
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:00 2025 by rpki-client