Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88DE83D8F41F11EFAFA02E60762E951A.roa
File: 88DE83D8F41F11EFAFA02E60762E951A.roa (raw, json)
Hash identifier: EV5ffTBYWas+a9YiCcTtf2eK91t4hWCiHNokFuJxIl4=
Subject key identifier: 5C:D8:40:F1:EA:4C:90:35:F7:32:DE:16:D5:0E:0A:BD:C1:5C:20:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013036
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88DE83D8F41F11EFAFA02E60762E951A.roa
Signing time: Wed 26 Feb 2025 08:56:15 +0000
ROA not before: Wed 26 Feb 2025 08:56:11 +0000
ROA not after: Thu 19 Feb 2026 08:56:11 +0000
asID: 984
IP address blocks: 156.252.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77878 (0x13036)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 08:56:11 2025 GMT
Not After : Feb 19 08:56:11 2026 GMT
Subject: CN=67bed72f-8e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e5:28:6f:34:bc:cd:09:6a:71:04:95:76:1f:
8f:c6:e2:c9:3f:1f:2a:1e:a8:c0:18:0a:34:2b:7e:
71:ba:b9:e7:12:10:fb:8c:4b:5d:46:60:ad:83:36:
0b:8c:41:4d:33:c8:62:9c:b9:73:54:e6:be:c4:ba:
48:ce:f5:b4:12:e1:6d:90:7f:7c:e6:24:1c:70:1a:
ad:d2:95:ac:52:4c:16:32:27:db:7d:24:20:51:55:
26:06:30:84:6d:7b:61:9b:73:2f:f4:41:a7:54:9c:
4b:7a:d5:5f:6e:44:94:d1:ea:52:73:d8:37:5e:82:
cc:52:10:99:ea:1f:c2:e7:a3:cc:15:93:e4:db:b6:
f5:cc:91:65:5f:a0:8d:85:28:f9:f7:3e:ec:da:95:
19:22:20:c6:0b:be:d1:aa:ad:12:18:92:ba:0e:67:
13:1e:65:47:86:2b:70:df:e8:b4:02:46:f5:2b:7a:
a8:ba:dd:46:d5:67:2a:cc:19:e2:29:76:a1:d7:a0:
a8:f5:6f:3b:16:97:2d:37:2a:4c:3b:b3:f4:cc:a2:
4f:bb:2a:1b:f1:2a:07:e0:f7:eb:d6:11:6f:f6:5c:
55:0f:1c:a2:6a:50:de:f1:5d:57:80:62:64:e2:24:
be:4d:32:91:71:2d:e2:95:09:3f:94:cd:76:63:91:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D8:40:F1:EA:4C:90:35:F7:32:DE:16:D5:0E:0A:BD:C1:5C:20:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/88DE83D8F41F11EFAFA02E60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.36.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:da:0d:16:02:06:de:ff:83:7d:da:2f:4c:80:f2:92:1e:32:
ff:24:e4:e8:9d:42:8f:07:33:d4:0e:47:e0:1d:af:5b:d8:cc:
c7:00:d0:27:1a:2f:d9:ba:34:07:6d:68:c8:af:cf:13:b1:6f:
29:c6:9e:95:40:76:11:38:a9:a6:38:d6:c7:73:01:c3:d1:f5:
9c:dd:96:89:d4:b3:9f:c8:58:6d:72:ef:11:09:f7:f7:74:ea:
76:61:7e:a3:e7:ca:2e:bf:b9:39:13:11:4b:0a:b6:bf:0b:4d:
8f:ff:ea:ec:97:4b:35:00:08:b2:a7:89:5a:da:a9:b0:c6:1b:
4f:07:fd:c3:fb:13:c3:8b:dc:bc:47:57:91:10:14:d6:dc:33:
74:b3:a1:52:87:00:d9:32:da:b9:73:1a:df:2b:3e:03:9e:5e:
2f:2b:7e:fa:12:ac:b8:9d:f1:fe:44:f2:2f:c3:1b:73:f0:d7:
8d:a9:8b:5b:3c:f3:83:18:db:36:d3:71:53:da:9b:88:4e:cb:
a8:32:22:87:75:16:ee:43:b4:76:bc:26:4a:00:da:1a:86:93:
53:5f:47:98:bb:26:de:79:55:0a:6c:1f:83:ae:1e:42:d7:b2:
cc:11:7c:3d:ae:7e:8d:cb:a4:8d:fc:af:f7:70:76:c5:85:f7:
ce:e5:f8:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATA2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDg1NjExWhcNMjYwMjE5MDg1NjExWjAYMRYw
FAYDVQQDEw02N2JlZDcyZi04ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvuUobzS8zQlqcQSVdh+PxuLJPx8qHqjAGAo0K35xurnnEhD7jEtdRmCt
gzYLjEFNM8hinLlzVOa+xLpIzvW0EuFtkH985iQccBqt0pWsUkwWMifbfSQgUVUm
BjCEbXthm3Mv9EGnVJxLetVfbkSU0epSc9g3XoLMUhCZ6h/C56PMFZPk27b1zJFl
X6CNhSj59z7s2pUZIiDGC77Rqq0SGJK6DmcTHmVHhitw3+i0Akb1K3qout1G1Wcq
zBniKXah16Co9W87FpctNypMO7P0zKJPuyob8SoH4Pfr1hFv9lxVDxyialDe8V1X
gGJk4iS+TTKRcS3ilQk/lM12Y5EJMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFzY
QPHqTJA19zLeFtUOCr3BXCDyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OERFODNEOEY0MUYxMUVGQUZBMDJFNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwkMA0GCSqGSIb3DQEBCwUA
A4IBAQCp2g0WAgbe/4N92i9MgPKSHjL/JOTonUKPBzPUDkfgHa9b2MzHANAnGi/Z
ujQHbWjIr88TsW8pxp6VQHYROKmmONbHcwHD0fWc3ZaJ1LOfyFhtcu8RCff3dOp2
YX6j58ouv7k5ExFLCra/C02P/+rsl0s1AAiyp4la2qmwxhtPB/3D+xPDi9y8R1eR
EBTW3DN0s6FShwDZMtq5cxrfKz4Dnl4vK376Eqy4nfH+RPIvwxtz8NeNqYtbPPOD
GNs203FT2puITsuoMiKHdRbuQ7R2vCZKANoahpNTX0eYuybeeVUKbB+Drh5C17LM
EXw9rn6Ny6SN/K/3cHbFhffO5fg3
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:24:53 2025 by rpki-client