Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/826620E0F66A11EF8261E6B6762E951A.roa
File: 826620E0F66A11EF8261E6B6762E951A.roa (raw, json)
Hash identifier: LUQkuiCxZPXWk1io3vIuGFSDqMQAmVmqJp6PtXrcmzI=
Subject key identifier: 92:B1:DA:81:E1:91:1D:7D:A9:8B:7C:BD:7E:B3:04:C0:53:5E:4E:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013F9E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/826620E0F66A11EF8261E6B6762E951A.roa
Signing time: Sat 01 Mar 2025 06:57:59 +0000
ROA not before: Sat 01 Mar 2025 06:57:55 +0000
ROA not after: Sun 01 Mar 2026 06:57:55 +0000
asID: 984
IP address blocks: 156.246.75.0/24 maxlen: 24
156.246.76.0/24 maxlen: 24
156.246.77.0/24 maxlen: 24
156.246.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81822 (0x13f9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 06:57:55 2025 GMT
Not After : Mar 1 06:57:55 2026 GMT
Subject: CN=67c2aff7-1846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ca:52:ad:54:01:2f:50:92:73:96:f8:a5:57:
87:f4:cf:0c:bd:6d:b3:98:b7:da:4e:a5:9d:e5:f4:
c4:31:47:d9:4c:62:65:2a:4d:9d:be:46:5c:2c:9e:
69:c2:3f:4b:f5:ae:cc:05:1b:e8:43:d1:d1:65:b2:
d5:0a:d5:d6:ab:c5:73:cf:e3:5b:00:3c:11:43:26:
57:b7:67:44:6f:f5:0d:e4:7f:e6:50:a4:34:1e:f7:
b3:f2:83:14:42:d6:3e:95:ea:7f:80:0d:af:b6:fb:
71:1e:29:8f:2b:64:83:44:b2:8c:2a:17:09:0c:41:
67:d5:a5:c7:46:6c:87:1a:0d:bc:23:6b:b3:99:86:
b6:7c:1d:c6:68:7f:cd:74:0f:bf:49:38:04:19:83:
f2:b9:61:3c:44:01:f2:ef:c7:de:ad:3d:ab:bd:f7:
29:78:fb:36:80:b2:83:a0:3e:bf:6e:e7:07:c5:53:
ba:48:14:2b:f5:41:cf:6a:a4:ba:c5:6b:8b:4c:16:
2f:c0:99:c6:28:bf:92:6f:30:b5:a6:48:df:b4:a7:
0c:b1:ab:13:f2:ad:83:3f:82:09:80:61:9c:e7:c8:
ff:e4:43:83:fb:70:07:47:33:09:a6:d1:24:f8:60:
20:e5:d1:f7:4b:ed:c2:6a:f0:98:36:69:8a:08:9c:
8e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B1:DA:81:E1:91:1D:7D:A9:8B:7C:BD:7E:B3:04:C0:53:5E:4E:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/826620E0F66A11EF8261E6B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.75.0-156.246.78.255
Signature Algorithm: sha256WithRSAEncryption
a3:14:19:59:0a:2d:c6:14:5d:09:28:a8:87:c1:ad:1a:6a:7e:
67:b7:79:7e:6a:8c:8e:93:a3:81:e2:e1:c7:da:50:8e:76:99:
37:9d:36:9f:3b:0d:40:f0:c8:a8:81:bf:31:2b:a4:c2:65:a8:
47:c3:9c:24:da:45:64:c3:e8:13:e3:70:6c:d4:1b:d5:f3:4d:
0f:f3:7e:be:d1:46:c0:63:54:46:3d:c8:1e:25:ee:6a:29:00:
c8:05:03:51:d3:de:ef:e6:07:a7:5f:31:f7:96:7c:4b:01:9f:
7c:65:ce:07:e8:2c:89:93:9f:8d:d1:cf:40:40:20:5e:42:dd:
fe:c3:be:99:95:2d:2c:9e:44:3d:dc:1a:5c:13:70:1f:da:9f:
bb:aa:e9:21:35:8f:c7:c1:ea:de:c1:a3:42:8c:62:df:6a:45:
97:08:66:57:7b:ce:d4:59:e5:77:24:64:8a:51:13:15:48:a1:
1f:ee:a5:63:21:fd:c3:93:79:0d:f3:b1:b1:21:a7:d3:3f:3f:
a1:23:9b:77:98:7a:02:54:2f:07:79:9d:4e:dc:60:06:9b:64:
87:9f:ae:46:fa:2d:05:14:84:7e:11:69:b1:11:09:1f:43:59:
4a:f3:bf:0e:69:cc:ab:8f:90:66:56:51:5a:86:32:9f:16:a4:
76:9b:30:d3
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAT+eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDY1NzU1WhcNMjYwMzAxMDY1NzU1WjAYMRYw
FAYDVQQDEw02N2MyYWZmNy0xODQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzspSrVQBL1CSc5b4pVeH9M8MvW2zmLfaTqWd5fTEMUfZTGJlKk2dvkZc
LJ5pwj9L9a7MBRvoQ9HRZbLVCtXWq8Vzz+NbADwRQyZXt2dEb/UN5H/mUKQ0Hvez
8oMUQtY+lep/gA2vtvtxHimPK2SDRLKMKhcJDEFn1aXHRmyHGg28I2uzmYa2fB3G
aH/NdA+/STgEGYPyuWE8RAHy78ferT2rvfcpePs2gLKDoD6/bucHxVO6SBQr9UHP
aqS6xWuLTBYvwJnGKL+SbzC1pkjftKcMsasT8q2DP4IJgGGc58j/5EOD+3AHRzMJ
ptEk+GAg5dH3S+3CavCYNmmKCJyOWwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJKx
2oHhkR19qYt8vX6zBMBTXk6QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjY2MjBFMEY2NkExMUVGODI2MUU2QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc9ksDBACc9k4wDQYJKoZI
hvcNAQELBQADggEBAKMUGVkKLcYUXQkoqIfBrRpqfme3eX5qjI6To4Hi4cfaUI52
mTedNp87DUDwyKiBvzErpMJlqEfDnCTaRWTD6BPjcGzUG9XzTQ/zfr7RRsBjVEY9
yB4l7mopAMgFA1HT3u/mB6dfMfeWfEsBn3xlzgfoLImTn43Rz0BAIF5C3f7DvpmV
LSyeRD3cGlwTcB/an7uq6SE1j8fB6t7Bo0KMYt9qRZcIZld7ztRZ5XckZIpRExVI
oR/upWMh/cOTeQ3zsbEhp9M/P6Ejm3eYegJULwd5nU7cYAabZIefrkb6LQUUhH4R
abERCR9DWUrzvw5pzKuPkGZWUVqGMp8WpHabMNM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:41 2025 by rpki-client