Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/812D5E7CFB3411EFB17B61A7762E951A.roa
File: 812D5E7CFB3411EFB17B61A7762E951A.roa (raw, json)
Hash identifier: 5H3BtCbNTPwW9fpM1F8bHm+9W5IRZvShdSyRkphaS8s=
Subject key identifier: 5A:2C:0C:CC:84:A4:3E:C0:3A:64:06:09:59:E9:A2:86:81:01:A4:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/812D5E7CFB3411EFB17B61A7762E951A.roa
Signing time: Fri 07 Mar 2025 09:13:59 +0000
ROA not before: Fri 07 Mar 2025 09:13:56 +0000
ROA not after: Sat 12 Apr 2025 09:13:56 +0000
asID: 44486
IP address blocks: 156.229.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82938 (0x143fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 7 09:13:56 2025 GMT
Not After : Apr 12 09:13:56 2025 GMT
Subject: CN=67cab8d7-235b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:bc:08:10:08:7f:bc:61:9b:f3:bf:6a:cf:
5e:ae:3b:81:bf:0e:a5:90:70:5e:1c:bb:16:45:fb:
13:e8:d8:99:79:ee:28:d6:43:94:7a:bf:65:e8:a2:
d0:bd:71:42:34:dd:b5:6a:83:e2:b5:ec:54:ef:fe:
0d:59:af:ac:4e:9c:3f:2a:6e:c9:59:f5:83:72:95:
1a:91:67:63:89:33:5f:c8:b3:4d:d4:35:cf:67:d0:
a3:1d:de:d8:a0:54:2b:38:ed:59:f7:b0:76:ab:bc:
f8:88:ca:a1:b9:76:70:cc:92:c2:f9:a5:89:c0:4e:
12:1a:1c:d5:04:25:70:4b:aa:47:b8:e6:7d:e9:eb:
f6:17:29:37:ef:23:7c:7e:54:b5:73:b7:f4:6c:0e:
0b:3f:d5:e5:2a:7a:42:0f:b9:e7:14:4b:ea:0c:98:
27:c2:97:4e:56:75:e1:ba:3d:13:53:17:9b:3d:0c:
d0:b0:99:c0:25:82:18:d8:7c:81:01:ff:dd:d2:5b:
df:de:d5:92:ff:39:80:dc:63:4e:ec:93:51:4f:0f:
c6:4f:50:a4:10:1b:db:e3:2d:fe:5c:bd:7d:bc:21:
7f:3a:62:01:37:cc:4b:98:46:37:1b:82:45:22:76:
4d:33:35:cb:e5:47:1d:6e:dd:bc:15:02:01:17:6c:
27:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2C:0C:CC:84:A4:3E:C0:3A:64:06:09:59:E9:A2:86:81:01:A4:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/812D5E7CFB3411EFB17B61A7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.28.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:01:99:94:cb:68:35:0a:05:99:2d:a9:69:59:01:14:e6:31:
81:6a:b3:8f:f8:9d:ce:1a:e0:a4:bd:b4:b7:f8:a0:3c:90:65:
de:d9:76:ec:f9:5e:af:c4:23:7f:7f:b3:55:16:f9:71:c8:fc:
12:ba:bc:e0:85:9a:a9:3c:3a:c6:4a:3a:33:98:9c:4e:0e:be:
4a:7a:49:c4:9c:d7:07:f7:93:ef:43:77:f3:fd:7c:5d:89:3e:
4b:01:95:19:fa:50:b3:aa:70:9a:7d:66:4f:88:fc:0c:eb:61:
5a:72:8c:8a:72:0b:45:31:8e:fa:9c:c9:a2:0b:43:77:b1:c1:
b4:57:1a:80:21:eb:fe:1d:96:5f:dd:36:0e:4d:21:20:bc:b9:
1a:ae:f7:ed:4b:b4:f1:05:bf:2b:ea:c6:19:4f:14:8b:db:a2:
1a:37:db:a0:bb:2d:3d:bf:66:79:1e:e5:50:f7:ba:87:8f:ce:
4d:13:3c:40:9d:bc:6f:af:90:77:68:d2:4a:37:8e:74:4d:e9:
eb:55:3a:94:0d:e4:80:c1:d3:fe:1e:e1:1f:8d:0a:1a:22:a2:
d6:53:54:4d:60:4e:f2:a8:a2:ec:57:da:fb:da:00:c9:9a:34:
48:cc:2f:d4:98:b7:8b:90:6b:2b:a9:56:ed:92:ad:0c:e0:11:
9b:d1:76:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUP6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA3MDkxMzU2WhcNMjUwNDEyMDkxMzU2WjAYMRYw
FAYDVQQDEw02N2NhYjhkNy0yMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoq8CBAIf7xhm/O/as9erjuBvw6lkHBeHLsWRfsT6NiZee4o1kOUer9l
6KLQvXFCNN21aoPitexU7/4NWa+sTpw/Km7JWfWDcpUakWdjiTNfyLNN1DXPZ9Cj
Hd7YoFQrOO1Z97B2q7z4iMqhuXZwzJLC+aWJwE4SGhzVBCVwS6pHuOZ96ev2Fyk3
7yN8flS1c7f0bA4LP9XlKnpCD7nnFEvqDJgnwpdOVnXhuj0TUxebPQzQsJnAJYIY
2HyBAf/d0lvf3tWS/zmA3GNO7JNRTw/GT1CkEBvb4y3+XL19vCF/OmIBN8xLmEY3
G4JFInZNMzXL5Ucdbt28FQIBF2wn9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFos
DMyEpD7AOmQGCVnpooaBAaQZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTJENUU3Q0ZCMzQxMUVGQjE3QjYxQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUcMA0GCSqGSIb3DQEBCwUA
A4IBAQAuAZmUy2g1CgWZLalpWQEU5jGBarOP+J3OGuCkvbS3+KA8kGXe2Xbs+V6v
xCN/f7NVFvlxyPwSurzghZqpPDrGSjozmJxODr5KeknEnNcH95PvQ3fz/XxdiT5L
AZUZ+lCzqnCafWZPiPwM62FacoyKcgtFMY76nMmiC0N3scG0VxqAIev+HZZf3TYO
TSEgvLkarvftS7TxBb8r6sYZTxSL26IaN9uguy09v2Z5HuVQ97qHj85NEzxAnbxv
r5B3aNJKN450TenrVTqUDeSAwdP+HuEfjQoaIqLWU1RNYE7yqKLsV9r72gDJmjRI
zC/UmLeLkGsrqVbtkq0M4BGb0XZS
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:30 2025 by rpki-client