Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE32ECAF87111EFB0859671762E951A.roa
File: 8BE32ECAF87111EFB0859671762E951A.roa (raw, json)
Hash identifier: UJDLImkdDXWa3SUoxHZETBAGk/FXSdN4zxyrHBLfnas=
Subject key identifier: 81:E7:A4:80:A0:0E:78:44:BE:40:E4:64:1D:79:32:86:FA:6C:86:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01425D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE32ECAF87111EFB0859671762E951A.roa
Signing time: Mon 03 Mar 2025 20:53:23 +0000
ROA not before: Mon 03 Mar 2025 20:53:20 +0000
ROA not after: Sat 05 Apr 2025 20:53:20 +0000
asID: 213690
IP address blocks: 156.249.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 20:53:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82525 (0x1425d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 3 20:53:20 2025 GMT
Not After : Apr 5 20:53:20 2025 GMT
Subject: CN=67c616c3-599a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:ca:44:e7:e4:69:bf:89:55:e2:b4:30:87:
8c:80:4b:36:77:5a:f6:cd:6e:fd:7a:f9:17:95:fd:
e8:d8:87:33:ab:69:a3:78:89:4e:93:19:85:28:3c:
8a:80:eb:da:ae:a7:3c:97:c8:d1:54:97:2c:08:8b:
e0:45:4f:74:ef:30:83:e4:2a:66:15:0a:85:78:18:
1d:8e:ce:4d:42:69:78:71:14:c9:61:c2:56:98:24:
80:03:06:59:dc:30:94:28:6e:e9:cb:fd:cc:20:22:
54:13:c5:b3:4a:a1:a8:4c:e0:bf:68:25:b9:3a:fa:
4d:8a:be:0d:89:11:a1:f1:5c:8c:d0:3f:83:00:11:
bf:1f:d2:96:9a:79:b0:94:06:05:e2:8a:62:6a:27:
4c:71:6d:59:6f:83:f4:eb:8f:ea:e8:03:08:1b:6b:
36:98:bd:4f:08:c0:45:fc:9f:36:ed:af:1f:c2:01:
1c:da:7e:67:bd:90:1f:cc:fc:ca:f3:34:10:19:b6:
ef:a8:02:55:a3:19:40:4f:2b:d3:92:c4:af:03:cb:
0c:c1:17:19:3b:86:00:b2:32:20:1d:02:bc:fa:ee:
e0:f8:74:09:bf:6f:a2:2b:dc:df:3d:41:0f:18:9e:
f3:8b:88:74:bc:cc:f4:5d:71:62:db:1e:8c:ed:39:
07:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E7:A4:80:A0:0E:78:44:BE:40:E4:64:1D:79:32:86:FA:6C:86:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8BE32ECAF87111EFB0859671762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.64.0/22
Signature Algorithm: sha256WithRSAEncryption
73:8b:a0:e6:e5:57:55:55:ff:81:a7:dd:a5:aa:6d:c7:9a:ce:
95:f8:cc:d6:ee:6b:85:d9:33:e9:d8:f8:fc:72:75:df:d7:b6:
e9:b9:26:c3:4a:1c:ce:89:54:1b:ae:1d:ac:6c:6f:98:9e:a1:
c8:11:99:21:bc:31:97:52:6e:06:70:ed:71:26:48:dd:6a:96:
37:61:5b:7d:af:2d:7c:45:8e:0e:04:c7:52:30:8e:9b:ef:aa:
cb:c5:40:70:8b:c4:98:77:cd:e9:ee:30:cf:c4:87:51:8d:47:
80:97:4e:ea:17:ce:25:8e:67:bf:39:5b:3a:50:de:90:5b:5d:
e6:95:7b:ad:a4:5e:50:cf:f8:3a:1f:2b:c8:58:28:4d:a3:4a:
2f:a9:c3:64:c1:eb:f6:e6:6a:1e:f7:1a:39:3b:d7:56:f9:9e:
16:b0:74:db:e1:56:5e:d6:14:04:67:2d:02:97:5c:fa:d5:17:
12:64:c2:f6:51:20:2d:48:05:dc:21:27:19:30:1c:aa:b3:b9:
7f:ad:4d:90:b4:0d:77:b9:d3:73:ba:7c:cf:e6:46:ad:33:23:
97:36:98:0a:9c:cf:f4:ac:b1:17:81:cb:b3:34:f6:42:32:5a:
43:eb:6e:ea:f8:ee:e4:76:67:94:f8:ce:5c:71:d7:34:35:80:
05:d9:66:5f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUJdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAzMjA1MzIwWhcNMjUwNDA1MjA1MzIwWjAYMRYw
FAYDVQQDEw02N2M2MTZjMy01OTlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs4DKROfkab+JVeK0MIeMgEs2d1r2zW79evkXlf3o2Iczq2mjeIlOkxmF
KDyKgOvarqc8l8jRVJcsCIvgRU907zCD5CpmFQqFeBgdjs5NQml4cRTJYcJWmCSA
AwZZ3DCUKG7py/3MICJUE8WzSqGoTOC/aCW5OvpNir4NiRGh8VyM0D+DABG/H9KW
mnmwlAYF4opiaidMcW1Zb4P064/q6AMIG2s2mL1PCMBF/J827a8fwgEc2n5nvZAf
zPzK8zQQGbbvqAJVoxlATyvTksSvA8sMwRcZO4YAsjIgHQK8+u7g+HQJv2+iK9zf
PUEPGJ7zi4h0vMz0XXFi2x6M7TkHwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIHn
pICgDnhEvkDkZB15Mob6bIakMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QkUzMkVDQUY4NzExMUVGQjA4NTk2NzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPlAMA0GCSqGSIb3DQEBCwUA
A4IBAQBzi6Dm5VdVVf+Bp92lqm3Hms6V+MzW7muF2TPp2Pj8cnXf17bpuSbDShzO
iVQbrh2sbG+YnqHIEZkhvDGXUm4GcO1xJkjdapY3YVt9ry18RY4OBMdSMI6b76rL
xUBwi8SYd83p7jDPxIdRjUeAl07qF84ljme/OVs6UN6QW13mlXutpF5Qz/g6HyvI
WChNo0ovqcNkwev25moe9xo5O9dW+Z4WsHTb4VZe1hQEZy0Cl1z61RcSZML2USAt
SAXcIScZMByqs7l/rU2QtA13udNzunzP5katMyOXNpgKnM/0rLEXgcuzNPZCMlpD
627q+O7kdmeU+M5ccdc0NYAF2WZf
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:12 2025 by rpki-client