Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85BE9FB6FB2811EF8F84A359762E951A.roa
File: 85BE9FB6FB2811EF8F84A359762E951A.roa (raw, json)
Hash identifier: 8OJNYeBcfKp/WoCFNgzYZyOfL16djs7Jzi0PV4mWCeg=
Subject key identifier: A8:A4:08:06:61:47:21:46:30:82:C0:DA:54:F1:4E:0C:D3:A6:91:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0143D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85BE9FB6FB2811EF8F84A359762E951A.roa
Signing time: Fri 07 Mar 2025 07:48:13 +0000
ROA not before: Fri 07 Mar 2025 07:48:09 +0000
ROA not after: Mon 14 Apr 2025 07:48:09 +0000
asID: 20473
IP address blocks: 156.236.77.0/24 maxlen: 24
156.236.78.0/23 maxlen: 24
156.240.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82896 (0x143d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 7 07:48:09 2025 GMT
Not After : Apr 14 07:48:09 2025 GMT
Subject: CN=67caa4bd-8754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:1c:f4:92:dc:bb:48:98:7f:24:44:8f:0f:
ae:9f:c0:65:35:f8:e2:16:c5:95:24:db:d9:b4:47:
d7:14:1e:52:13:fb:21:ea:eb:0f:70:a3:ab:fa:76:
bc:46:d9:51:ad:ed:74:f3:d3:77:08:ea:67:6d:d1:
d6:a4:cf:d4:19:7a:07:41:d4:a6:8c:8e:32:8d:64:
40:b7:b4:36:d2:e0:cb:fe:2a:47:c6:44:b9:2a:e4:
f0:5e:07:88:87:3e:10:5a:03:59:73:a2:22:f0:cf:
1e:47:75:a7:ae:62:74:18:c9:2f:d7:5f:1d:95:71:
0f:3b:8f:6e:09:09:f5:e1:df:cc:a5:20:0e:f1:41:
ca:b8:a2:0b:98:23:1e:b8:19:c8:ee:76:99:b1:91:
78:0e:21:90:dc:6c:43:e3:09:57:f7:7b:d4:4c:81:
f1:ce:07:30:41:86:94:d0:f0:e6:c3:95:41:84:16:
c5:24:78:3b:54:b6:0d:23:04:0f:e3:c5:9d:e6:09:
b8:a0:08:a5:52:df:39:33:d2:23:68:40:ad:20:17:
a4:55:04:11:23:8b:31:de:5a:3b:9f:be:92:d0:1a:
77:9b:ca:39:2f:b7:fb:b1:6e:02:95:08:ea:1b:55:
85:60:70:af:e6:f1:44:79:64:46:26:fb:ec:da:f1:
0b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A4:08:06:61:47:21:46:30:82:C0:DA:54:F1:4E:0C:D3:A6:91:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85BE9FB6FB2811EF8F84A359762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.77.0-156.236.79.255
156.240.98.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:8c:1a:07:64:c2:df:fd:bc:c7:33:3b:7f:58:c0:ec:37:10:
1f:ea:87:ea:1e:e9:ab:35:47:b8:5f:de:eb:0c:80:0f:12:43:
87:0a:1d:87:3a:dc:fe:c1:5e:11:b7:8e:80:18:28:68:16:e2:
8c:31:33:68:13:db:35:4d:a0:d6:62:1d:b4:14:fe:32:4f:b1:
b7:6c:ff:bf:b6:bb:19:02:ab:8a:63:57:2e:22:0f:4c:64:6e:
e7:9d:fd:11:62:da:d0:17:52:fb:ed:c8:39:08:50:44:41:c1:
6e:44:7e:5b:8a:28:4a:22:ad:32:0f:03:a2:f7:4e:9c:84:fb:
3b:b1:08:fd:ee:78:41:2d:4a:dd:f1:99:2c:e2:62:82:3b:4d:
6b:d9:74:9d:f1:9c:15:59:1d:2c:e1:ad:19:d2:b9:60:cd:4f:
f2:18:a4:fd:27:7e:2a:69:9c:6c:77:67:6d:02:90:65:a9:98:
a9:fa:c0:f7:2f:f8:b1:a8:4b:ee:90:50:33:54:f0:b5:f8:8a:
ea:99:10:38:65:a0:e9:96:dc:61:81:6b:4a:30:f9:0d:fe:74:
4e:cc:37:a5:43:61:26:d7:cb:4a:73:64:d8:13:79:1d:e0:c4:
57:fe:ae:19:44:3c:9b:8f:58:8a:54:2c:f7:e1:ba:21:0e:03:
14:51:98:af
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUPQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA3MDc0ODA5WhcNMjUwNDE0MDc0ODA5WjAYMRYw
FAYDVQQDEw02N2NhYTRiZC04NzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmYUc9JLcu0iYfyREjw+un8BlNfjiFsWVJNvZtEfXFB5SE/sh6usPcKOr
+na8RtlRre1089N3COpnbdHWpM/UGXoHQdSmjI4yjWRAt7Q20uDL/ipHxkS5KuTw
XgeIhz4QWgNZc6Ii8M8eR3WnrmJ0GMkv118dlXEPO49uCQn14d/MpSAO8UHKuKIL
mCMeuBnI7naZsZF4DiGQ3GxD4wlX93vUTIHxzgcwQYaU0PDmw5VBhBbFJHg7VLYN
IwQP48Wd5gm4oAilUt85M9IjaECtIBekVQQRI4sx3lo7n76S0Bp3m8o5L7f7sW4C
lQjqG1WFYHCv5vFEeWRGJvvs2vEL0QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFKik
CAZhRyFGMILA2lTxTgzTppGBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUJFOUZCNkZCMjgxMUVGOEY4NEEzNTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACc7E0DBASc7EADBACc8GIw
DQYJKoZIhvcNAQELBQADggEBAE6MGgdkwt/9vMczO39YwOw3EB/qh+oe6as1R7hf
3usMgA8SQ4cKHYc63P7BXhG3joAYKGgW4owxM2gT2zVNoNZiHbQU/jJPsbds/7+2
uxkCq4pjVy4iD0xkbued/RFi2tAXUvvtyDkIUERBwW5EfluKKEoirTIPA6L3TpyE
+zuxCP3ueEEtSt3xmSziYoI7TWvZdJ3xnBVZHSzhrRnSuWDNT/IYpP0nfippnGx3
Z20CkGWpmKn6wPcv+LGoS+6QUDNU8LX4iuqZEDhloOmW3GGBa0ow+Q3+dE7MN6VD
YSbXy0pzZNgTeR3gxFf+rhlEPJuPWIpULPfhuiEOAxRRmK8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:53 2025 by rpki-client