Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89A829C2F44211EFB6A25959762E951A.roa
File: 89A829C2F44211EFB6A25959762E951A.roa (raw, json)
Hash identifier: cz1I/kFtocA0nI/CeVANP1fLUBkjOpMBP2ooLzrqTSQ=
Subject key identifier: 01:D1:57:E4:08:CE:DF:29:44:71:AA:D8:2B:68:B0:0C:AB:D2:91:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0132EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89A829C2F44211EFB6A25959762E951A.roa
Signing time: Wed 26 Feb 2025 13:06:49 +0000
ROA not before: Wed 26 Feb 2025 13:06:45 +0000
ROA not after: Thu 19 Feb 2026 13:06:45 +0000
asID: 984
IP address blocks: 156.252.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78570 (0x132ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:06:45 2025 GMT
Not After : Feb 19 13:06:45 2026 GMT
Subject: CN=67bf11e9-21b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:79:ef:10:f1:1e:d1:1e:62:e6:4b:01:82:71:
f0:22:3a:51:ac:37:bf:70:11:9f:72:8c:25:84:0b:
37:cc:24:0e:de:ba:3c:c1:e1:eb:dc:72:3b:5d:9d:
d9:fc:56:5d:ad:b6:d5:1c:3d:89:aa:b0:86:1e:c2:
60:e0:e4:b0:e7:cb:0f:b9:4e:aa:3a:b7:b4:a9:6c:
08:be:1d:57:40:cb:72:6c:f8:33:eb:3b:2e:1e:0d:
80:b8:d9:a4:5b:80:d0:6d:c5:2d:3a:6c:fa:a6:85:
c7:b2:b8:06:e3:b1:d5:75:82:56:83:e1:fa:69:e2:
51:4c:87:77:38:e7:3f:04:7a:78:4c:73:bb:84:b0:
be:0e:af:37:b8:ea:ac:62:23:9a:55:ad:a9:5d:dc:
6d:bc:94:59:48:ba:21:f8:c2:6f:46:7f:00:82:0b:
43:c4:1a:b1:89:85:13:12:9f:7f:1b:d5:78:15:2e:
47:95:cb:0a:f1:3d:a2:1e:de:a5:17:c3:ac:19:a4:
02:19:3d:2c:01:f5:bc:fc:65:40:1f:a1:eb:a6:09:
de:08:01:b9:87:d6:0f:69:32:63:8a:01:d8:e1:19:
5c:01:79:5a:99:10:19:cb:6e:19:38:a0:ae:ec:fb:
f7:99:4c:3c:7e:ad:2f:4b:6f:08:59:07:02:dc:95:
2e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D1:57:E4:08:CE:DF:29:44:71:AA:D8:2B:68:B0:0C:AB:D2:91:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89A829C2F44211EFB6A25959762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.160.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:df:64:89:20:ea:76:b4:15:de:3a:74:73:01:9f:95:03:25:
1f:b5:59:8b:84:8f:84:0e:d1:b2:4e:91:d4:fe:53:c4:95:94:
fa:0c:8d:b3:d0:98:a1:d3:3c:1e:a4:ac:ae:2a:a8:7d:60:59:
31:80:4e:55:88:5c:19:9f:f6:6a:f4:ad:4f:88:30:94:74:a7:
c6:bc:d0:d9:34:cd:f5:a4:b5:0f:26:64:81:c3:3b:74:4c:d3:
4c:d1:de:68:c3:d4:82:ec:88:99:8f:bb:91:46:18:65:e6:3e:
52:9f:63:49:06:3a:9b:a2:88:af:ab:0f:36:b6:ef:83:9d:62:
e2:0f:2f:5c:41:d5:a3:49:9a:2d:da:40:d8:c9:46:fd:96:65:
2f:af:23:be:b7:54:12:37:11:e2:52:aa:71:53:bf:83:27:e7:
42:18:8a:1b:02:c8:08:8d:59:1a:99:f9:c6:81:5b:e6:48:9d:
4b:50:d9:0c:d6:3b:f7:f0:59:d9:e0:d1:4f:7a:08:44:6e:fa:
fd:d7:41:d8:40:49:aa:31:a9:e7:99:7e:9b:0a:a1:aa:1b:0d:
f7:db:ad:28:bc:c5:d4:8f:c7:f0:46:b2:a0:0b:46:44:4b:e6:
63:69:fe:dd:0d:77:93:0e:7b:f1:ca:cc:21:0c:72:82:15:0a:
47:fd:8f:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATLqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMwNjQ1WhcNMjYwMjE5MTMwNjQ1WjAYMRYw
FAYDVQQDEw02N2JmMTFlOS0yMWI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3nvEPEe0R5i5ksBgnHwIjpRrDe/cBGfcowlhAs3zCQO3ro8weHr3HI7
XZ3Z/FZdrbbVHD2JqrCGHsJg4OSw58sPuU6qOre0qWwIvh1XQMtybPgz6zsuHg2A
uNmkW4DQbcUtOmz6poXHsrgG47HVdYJWg+H6aeJRTId3OOc/BHp4THO7hLC+Dq83
uOqsYiOaVa2pXdxtvJRZSLoh+MJvRn8AggtDxBqxiYUTEp9/G9V4FS5HlcsK8T2i
Ht6lF8OsGaQCGT0sAfW8/GVAH6HrpgneCAG5h9YPaTJjigHY4RlcAXlamRAZy24Z
OKCu7Pv3mUw8fq0vS28IWQcC3JUuWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAHR
V+QIzt8pRHGq2CtosAyr0pE5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OUE4MjlDMkY0NDIxMUVGQjZBMjU5NTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPygMA0GCSqGSIb3DQEBCwUA
A4IBAQAe32SJIOp2tBXeOnRzAZ+VAyUftVmLhI+EDtGyTpHU/lPElZT6DI2z0Jih
0zwepKyuKqh9YFkxgE5ViFwZn/Zq9K1PiDCUdKfGvNDZNM31pLUPJmSBwzt0TNNM
0d5ow9SC7IiZj7uRRhhl5j5Sn2NJBjqbooivqw82tu+DnWLiDy9cQdWjSZot2kDY
yUb9lmUvryO+t1QSNxHiUqpxU7+DJ+dCGIobAsgIjVkamfnGgVvmSJ1LUNkM1jv3
8FnZ4NFPeghEbvr910HYQEmqMannmX6bCqGqGw33260ovMXUj8fwRrKgC0ZES+Zj
af7dDXeTDnvxyswhDHKCFQpH/Y+S
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:12:05 2025 by rpki-client