Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D8E724AF43811EFAD276B8F762E951A.roa
File: 7D8E724AF43811EFAD276B8F762E951A.roa (raw, json)
Hash identifier: HsrJ5qXtRWxxFRMkQ9TiB8RDB6JUyQFENE/cNAFOeoA=
Subject key identifier: B3:10:01:42:CA:6B:18:89:C0:AC:DC:21:9D:FF:A3:40:45:12:7A:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013205
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D8E724AF43811EFAD276B8F762E951A.roa
Signing time: Wed 26 Feb 2025 11:54:53 +0000
ROA not before: Wed 26 Feb 2025 11:54:50 +0000
ROA not after: Thu 19 Feb 2026 11:54:50 +0000
asID: 984
IP address blocks: 156.252.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78341 (0x13205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:54:50 2025 GMT
Not After : Feb 19 11:54:50 2026 GMT
Subject: CN=67bf010d-f1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:59:38:e1:b6:d8:20:38:60:a8:70:6f:95:
ca:09:00:cd:db:a9:6b:51:54:c2:dd:d9:83:85:66:
c0:d8:2b:f0:ba:81:35:fb:4b:a9:77:63:70:9b:8e:
1a:42:aa:33:96:ef:ed:7e:bb:42:f3:96:b6:95:81:
06:83:ff:f0:41:56:13:5c:10:43:55:1d:57:6c:fc:
0d:52:60:fb:b1:f7:43:62:bd:cf:98:73:a2:09:50:
9d:3b:7c:dd:b8:a4:d3:12:fe:91:bf:98:c1:90:8e:
d2:c8:91:bc:aa:7d:80:de:d5:40:e5:2e:eb:0a:30:
c2:05:bf:06:28:11:d7:50:e7:ba:19:e1:6b:4f:d7:
93:16:51:45:e0:47:15:c9:69:2a:93:31:53:a5:96:
49:6c:39:1c:5f:a1:c0:ab:71:39:f1:cf:7f:9d:bd:
71:15:ba:4a:c3:26:46:0f:44:79:84:6d:10:13:f8:
28:fa:6a:8d:94:70:f5:77:a5:76:80:cf:b7:02:0f:
0e:ee:bc:45:66:64:a3:4e:a5:81:81:67:7f:2b:bc:
77:ff:12:15:c8:77:5e:1f:0a:a5:2e:19:71:15:98:
ac:ef:34:0d:80:2b:15:a1:30:af:59:98:a7:a7:41:
71:a7:e0:aa:89:e8:b4:92:32:f2:2e:9c:15:75:97:
88:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:10:01:42:CA:6B:18:89:C0:AC:DC:21:9D:FF:A3:40:45:12:7A:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D8E724AF43811EFAD276B8F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4e:90:50:09:0a:5e:70:96:a3:6c:81:73:d7:df:51:26:04:
34:4b:e0:1b:90:15:81:ca:07:eb:52:a7:2e:c1:72:fe:c5:5c:
e5:97:7e:a7:b4:35:c0:49:54:67:13:4e:d2:d0:38:57:58:f1:
99:74:b7:e4:52:ad:0e:2f:2c:48:58:26:74:5d:8d:e4:74:66:
94:62:68:20:e8:1b:55:75:dc:b7:f3:60:23:37:df:7e:f8:9b:
f0:b3:77:88:24:ad:b1:99:4a:3a:8c:0c:c3:6c:46:be:9e:91:
9d:45:75:84:35:b2:c7:ab:08:ea:71:a5:3c:d1:cf:73:b0:be:
07:3d:2a:b0:fc:fe:d0:cc:23:14:66:1e:47:9f:cd:e7:ab:30:
91:10:58:87:e9:97:c0:ed:ff:70:43:f7:1e:08:20:f2:95:84:
fc:6f:67:0d:db:d3:48:ad:3d:85:87:a8:f9:1c:95:20:f6:ff:
12:41:7d:2d:c4:46:21:37:a7:19:c7:9f:d9:92:87:a7:6c:27:
55:f2:ed:11:c4:c1:d1:86:35:2e:65:af:98:23:b5:57:d3:6a:
85:e3:e9:7a:b0:93:05:28:50:ad:bf:46:6b:d7:c1:ff:b7:62:
15:4f:51:c9:16:28:0e:c2:1f:b5:43:d6:e5:92:e6:37:24:6d:
c1:eb:dc:09
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATIFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTE1NDUwWhcNMjYwMjE5MTE1NDUwWjAYMRYw
FAYDVQQDEw02N2JmMDEwZC1mMWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2fZZOOG22CA4YKhwb5XKCQDN26lrUVTC3dmDhWbA2CvwuoE1+0upd2Nw
m44aQqozlu/tfrtC85a2lYEGg//wQVYTXBBDVR1XbPwNUmD7sfdDYr3PmHOiCVCd
O3zduKTTEv6Rv5jBkI7SyJG8qn2A3tVA5S7rCjDCBb8GKBHXUOe6GeFrT9eTFlFF
4EcVyWkqkzFTpZZJbDkcX6HAq3E58c9/nb1xFbpKwyZGD0R5hG0QE/go+mqNlHD1
d6V2gM+3Ag8O7rxFZmSjTqWBgWd/K7x3/xIVyHdeHwqlLhlxFZis7zQNgCsVoTCv
WZinp0Fxp+Cqiei0kjLyLpwVdZeIGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLMQ
AULKaxiJwKzcIZ3/o0BFEnowMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDhFNzI0QUY0MzgxMUVGQUQyNzZCOEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPx+MA0GCSqGSIb3DQEBCwUA
A4IBAQAKTpBQCQpecJajbIFz199RJgQ0S+AbkBWBygfrUqcuwXL+xVzll36ntDXA
SVRnE07S0DhXWPGZdLfkUq0OLyxIWCZ0XY3kdGaUYmgg6BtVddy382AjN99++Jvw
s3eIJK2xmUo6jAzDbEa+npGdRXWENbLHqwjqcaU80c9zsL4HPSqw/P7QzCMUZh5H
n83nqzCREFiH6ZfA7f9wQ/ceCCDylYT8b2cN29NIrT2Fh6j5HJUg9v8SQX0txEYh
N6cZx5/ZkoenbCdV8u0RxMHRhjUuZa+YI7VX02qF4+l6sJMFKFCtv0Zr18H/t2IV
T1HJFigOwh+1Q9blkuY3JG3B69wJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:24 2025 by rpki-client