Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7FA9E84CF46B11EF8EA47C74762E951A.roa
File: 7FA9E84CF46B11EF8EA47C74762E951A.roa (raw, json)
Hash identifier: 56p5SrLKKbtTs7cYtA2Z5lsTAEKkGXN6Z0WTyempdSk=
Subject key identifier: 3A:F4:DD:40:C1:31:87:13:36:75:54:97:74:43:04:87:A8:DE:97:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013607
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7FA9E84CF46B11EF8EA47C74762E951A.roa
Signing time: Wed 26 Feb 2025 18:00:01 +0000
ROA not before: Wed 26 Feb 2025 17:59:58 +0000
ROA not after: Thu 19 Feb 2026 17:59:58 +0000
asID: 984
IP address blocks: 156.228.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79367 (0x13607)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 17:59:58 2025 GMT
Not After : Feb 19 17:59:58 2026 GMT
Subject: CN=67bf56a1-48e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:4f:8a:31:d4:34:9b:7c:9f:44:9f:97:d3:
f9:6d:5d:ab:c4:ef:c7:96:bf:3c:33:86:80:43:d7:
e3:e8:10:15:d3:a1:3d:27:2c:dc:a4:85:a2:ed:73:
8c:a4:fd:df:13:1b:06:b6:93:a0:46:94:38:b5:1d:
47:c8:ab:43:03:70:78:db:9f:c3:22:a1:5c:a9:76:
d0:a4:e1:e4:78:82:57:24:86:b4:4b:af:f0:b9:2b:
1d:03:4d:96:20:6d:3d:59:0c:52:d2:9d:e8:24:24:
b8:bb:71:25:9c:09:9e:03:b8:12:f5:1d:01:db:a8:
b9:c0:db:97:0c:a8:e9:89:f7:0e:34:e5:2f:29:92:
b0:40:15:e5:12:ab:8f:23:cf:60:67:8e:ad:2b:8b:
5c:55:b7:51:3f:7f:8a:0a:d8:54:81:c1:06:14:bf:
0a:24:72:11:20:ff:2e:fd:6c:0c:46:98:1f:9b:61:
d9:bc:74:91:4a:ff:8b:ae:de:65:58:e8:31:85:d4:
9e:f8:15:a4:24:8d:34:86:87:49:22:c4:ee:59:84:
89:3a:5f:52:d9:0a:2e:3a:a2:54:7b:d2:95:e8:dc:
5c:ab:3b:c4:3d:4a:93:af:3b:b3:be:65:6a:0f:55:
6d:1c:c5:a2:55:6f:d1:c8:3d:b3:3c:a8:c0:2f:26:
87:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F4:DD:40:C1:31:87:13:36:75:54:97:74:43:04:87:A8:DE:97:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7FA9E84CF46B11EF8EA47C74762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.137.0/24
Signature Algorithm: sha256WithRSAEncryption
67:02:00:6b:12:d7:09:7f:ca:40:4d:3c:64:20:a2:59:89:a1:
82:03:ff:81:cc:07:69:e1:8a:36:c8:ea:c4:99:67:37:0e:7b:
71:bc:88:1d:86:05:3b:d2:c7:82:88:ae:fc:52:6f:7a:53:9a:
9f:aa:b4:53:d5:59:f6:48:5b:4a:7c:88:73:a2:4d:a7:5e:ac:
d4:34:35:e3:e1:57:f7:8c:62:d0:25:2f:c9:32:ac:6f:b5:40:
03:4c:31:4e:73:2a:f1:83:8c:b6:f7:ae:be:e1:c9:45:ad:d0:
e6:5c:4e:e9:b3:5b:0b:93:54:96:b4:07:a5:35:97:8d:a0:e3:
b5:b5:af:e9:0c:6a:f1:f5:38:4d:e3:dd:3d:7b:fc:17:d1:c5:
55:8b:fe:e4:fc:aa:2f:bb:f0:10:41:61:5e:55:ef:65:d1:e0:
10:c0:88:d6:1c:0e:64:46:b7:87:04:46:21:e5:77:eb:6b:c4:
a7:fe:e9:75:c0:54:4a:7d:45:8b:26:01:fd:61:93:ba:a3:d1:
e7:97:1a:76:c1:25:90:4e:99:88:98:0a:f6:29:8c:2c:da:83:
9b:e8:68:d0:b6:2b:3d:2a:e6:57:8e:da:21:64:b0:63:a8:7c:
4f:6d:05:6d:76:f6:ee:78:89:0a:d7:b4:03:a6:7d:23:06:0c:
5c:68:80:76
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATYHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTc1OTU4WhcNMjYwMjE5MTc1OTU4WjAYMRYw
FAYDVQQDEw02N2JmNTZhMS00OGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvZBPijHUNJt8n0Sfl9P5bV2rxO/Hlr88M4aAQ9fj6BAV06E9JyzcpIWi
7XOMpP3fExsGtpOgRpQ4tR1HyKtDA3B425/DIqFcqXbQpOHkeIJXJIa0S6/wuSsd
A02WIG09WQxS0p3oJCS4u3ElnAmeA7gS9R0B26i5wNuXDKjpifcONOUvKZKwQBXl
EquPI89gZ46tK4tcVbdRP3+KCthUgcEGFL8KJHIRIP8u/WwMRpgfm2HZvHSRSv+L
rt5lWOgxhdSe+BWkJI00hodJIsTuWYSJOl9S2QouOqJUe9KV6NxcqzvEPUqTrzuz
vmVqD1VtHMWiVW/RyD2zPKjALyaHuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDr0
3UDBMYcTNnVUl3RDBIeo3pcNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RkE5RTg0Q0Y0NkIxMUVGOEVBNDdDNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOSJMA0GCSqGSIb3DQEBCwUA
A4IBAQBnAgBrEtcJf8pATTxkIKJZiaGCA/+BzAdp4Yo2yOrEmWc3DntxvIgdhgU7
0seCiK78Um96U5qfqrRT1Vn2SFtKfIhzok2nXqzUNDXj4Vf3jGLQJS/JMqxvtUAD
TDFOcyrxg4y2966+4clFrdDmXE7ps1sLk1SWtAelNZeNoOO1ta/pDGrx9ThN4909
e/wX0cVVi/7k/Kovu/AQQWFeVe9l0eAQwIjWHA5kRreHBEYh5Xfra8Sn/ul1wFRK
fUWLJgH9YZO6o9Hnlxp2wSWQTpmImAr2KYws2oOb6GjQtis9KuZXjtohZLBjqHxP
bQVtdvbueIkK17QDpn0jBgxcaIB2
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:36 2025 by rpki-client