Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A25D1D8F34811EF910874A8762E951A.roa
File: 8A25D1D8F34811EF910874A8762E951A.roa (raw, json)
Hash identifier: eDxsybWl6VL6jo2KX2VBpn8qGLPw4b1uu5U2lxiE1hw=
Subject key identifier: F0:09:69:93:7E:E8:63:AB:43:43:3E:85:4D:DF:AD:7C:E7:B6:92:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012DA4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A25D1D8F34811EF910874A8762E951A.roa
Signing time: Tue 25 Feb 2025 07:17:15 +0000
ROA not before: Tue 25 Feb 2025 07:17:12 +0000
ROA not after: Sat 19 Feb 2028 07:17:12 +0000
asID: 17561
IP address blocks: 156.249.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77220 (0x12da4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 07:17:12 2025 GMT
Not After : Feb 19 07:17:12 2028 GMT
Subject: CN=67bd6e7b-cd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6c:66:cd:25:e4:fd:88:79:b2:94:23:18:88:
50:bf:56:4b:8b:bb:62:8f:ea:5d:97:aa:fe:2b:47:
dd:9e:11:84:df:7a:7d:1a:49:f4:f3:49:0f:9f:2d:
65:4f:9b:3c:eb:68:e8:bc:8b:8a:3f:86:b1:db:ee:
1c:a4:e7:de:4b:bd:50:23:b2:75:9a:07:ca:41:cc:
a4:d8:5b:e5:57:c6:6d:12:64:92:88:f3:df:58:a8:
8e:e4:c1:b6:9f:fc:72:e8:58:9e:1b:9c:7f:1b:86:
5a:c6:a2:3f:74:ae:1f:3f:e4:31:fa:34:da:cf:95:
3a:3c:be:ec:35:80:ed:fd:bd:20:d6:3d:47:47:e2:
5f:83:54:cc:7d:0f:15:08:ca:f0:21:68:3b:3d:64:
4d:75:0a:21:14:ff:52:97:fd:96:9f:b9:eb:0e:0a:
4f:9a:02:4b:58:b5:bf:cc:b2:36:42:65:e1:9b:5f:
ad:8a:cb:f3:7e:9b:53:15:94:ac:52:d1:77:51:a3:
b1:30:b4:36:21:9a:93:7e:cc:28:90:4a:18:95:77:
7a:13:b6:17:da:17:a6:04:11:37:fd:c2:77:ea:45:
b4:89:90:f3:dc:2b:da:95:35:76:df:26:0f:2c:0c:
2d:bc:21:85:a5:a5:5a:6c:54:cc:10:87:dc:75:a1:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:09:69:93:7E:E8:63:AB:43:43:3E:85:4D:DF:AD:7C:E7:B6:92:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A25D1D8F34811EF910874A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.222.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b0:5b:2e:15:68:4e:ae:39:dc:c0:29:03:40:11:7b:31:fb:
7e:38:33:84:99:c5:eb:5c:71:ba:96:71:4f:2c:b7:86:4b:1a:
37:d4:ac:e0:91:f8:2b:c0:dd:3f:0b:40:9c:7b:a8:1e:6a:0b:
26:da:15:11:35:57:6e:5c:ee:73:d2:3d:c9:63:01:72:0d:69:
8b:87:b0:c8:0f:47:32:60:0f:56:93:ab:6b:e6:3f:52:3f:9d:
e5:e3:d1:30:35:81:69:6e:80:84:1d:fc:ac:84:1f:05:a6:75:
27:1c:c7:0e:82:ae:11:6d:40:aa:0b:d4:67:f0:19:29:28:99:
69:e7:e1:83:c3:d2:d1:36:59:29:63:d4:7a:74:8e:f5:ba:d2:
fc:96:4e:fc:f9:57:66:73:c3:b6:50:26:c2:8f:02:b6:4b:cf:
93:90:62:fc:97:f2:17:b1:a4:7c:fd:bd:9f:10:92:40:a0:ca:
5d:0b:f3:59:a0:56:1d:f8:0c:46:14:cf:c0:8f:33:df:7a:66:
45:c8:27:86:93:73:bf:ce:f6:53:18:c2:ac:eb:a0:c6:5d:f8:
f4:d7:c5:c0:79:8d:61:47:93:0a:8e:47:81:60:14:e2:3c:47:
21:d9:2c:8e:27:78:b0:64:6b:f3:d2:59:cb:bf:e7:d9:23:e3:
7d:2e:02:3b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS2kMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDcxNzEyWhcNMjgwMjE5MDcxNzEyWjAYMRYw
FAYDVQQDEw02N2JkNmU3Yi1jZDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAomxmzSXk/Yh5spQjGIhQv1ZLi7tij+pdl6r+K0fdnhGE33p9Gkn080kP
ny1lT5s862jovIuKP4ax2+4cpOfeS71QI7J1mgfKQcyk2FvlV8ZtEmSSiPPfWKiO
5MG2n/xy6FieG5x/G4ZaxqI/dK4fP+Qx+jTaz5U6PL7sNYDt/b0g1j1HR+Jfg1TM
fQ8VCMrwIWg7PWRNdQohFP9Sl/2Wn7nrDgpPmgJLWLW/zLI2QmXhm1+tisvzfptT
FZSsUtF3UaOxMLQ2IZqTfswokEoYlXd6E7YX2hemBBE3/cJ36kW0iZDz3CvalTV2
3yYPLAwtvCGFpaVabFTMEIfcdaHmbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPAJ
aZN+6GOrQ0M+hU3frXzntpKTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QTI1RDFEOEYzNDgxMUVGOTEwODc0QTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPneMA0GCSqGSIb3DQEBCwUA
A4IBAQBEsFsuFWhOrjncwCkDQBF7Mft+ODOEmcXrXHG6lnFPLLeGSxo31Kzgkfgr
wN0/C0Cce6geagsm2hURNVduXO5z0j3JYwFyDWmLh7DID0cyYA9Wk6tr5j9SP53l
49EwNYFpboCEHfyshB8FpnUnHMcOgq4RbUCqC9Rn8BkpKJlp5+GDw9LRNlkpY9R6
dI71utL8lk78+Vdmc8O2UCbCjwK2S8+TkGL8l/IXsaR8/b2fEJJAoMpdC/NZoFYd
+AxGFM/AjzPfemZFyCeGk3O/zvZTGMKs66DGXfj018XAeY1hR5MKjkeBYBTiPEch
2SyOJ3iwZGvz0lnLv+fZI+N9LgI7
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:00 2025 by rpki-client