Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DED56F0107211F0B3BC82A1762E951A.roa
File: 8DED56F0107211F0B3BC82A1762E951A.roa (raw, json)
Hash identifier: yzVU3kOzoqU8RMOGwhEhJHO3QrOzCiYIdW+qqp8fk7o=
Subject key identifier: A7:65:1A:51:1A:DB:26:D8:6F:A2:3D:6F:A6:8E:B5:B5:08:C7:D8:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DED56F0107211F0B3BC82A1762E951A.roa
Signing time: Thu 03 Apr 2025 10:01:04 +0000
ROA not before: Thu 03 Apr 2025 10:01:00 +0000
ROA not after: Mon 14 Apr 2025 10:01:00 +0000
asID: 211392
IP address blocks: 156.239.152.0/24 maxlen: 24
156.239.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84400 (0x149b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 10:01:00 2025 GMT
Not After : Apr 14 10:01:00 2025 GMT
Subject: CN=67ee5c60-279b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5b:5a:7e:0c:17:d1:72:77:21:72:e3:f0:11:
13:f4:94:14:de:9b:a0:0e:31:fd:6f:c6:c5:8e:9a:
9f:14:4a:cd:52:59:0a:b9:c7:9c:56:f9:fe:e2:c5:
2b:05:44:4f:1e:ad:06:26:c2:78:5a:2a:8a:3e:29:
73:67:98:39:dc:7c:b9:94:46:33:a5:41:d5:66:32:
d4:d2:c7:1b:88:f1:f4:6b:f2:f8:01:a5:9b:6d:d9:
05:3b:ac:be:15:29:b0:5a:54:a8:73:cd:cd:94:80:
33:8a:52:80:e5:6f:71:da:e0:2a:f1:51:b9:9d:7e:
77:77:c8:8b:b0:03:67:f5:63:2c:a7:32:5d:2e:86:
95:a9:ca:b6:01:e0:ff:3f:af:1f:a2:79:91:32:1b:
e3:e7:9d:17:d7:75:7c:7f:ed:fa:d5:81:7e:22:cd:
d2:70:a2:7a:75:d5:16:da:49:e8:1f:74:35:c3:92:
07:68:f7:54:79:8d:a4:eb:56:25:08:39:86:0f:b0:
b7:0b:59:1e:d5:a5:ac:78:d6:45:ac:09:91:d4:9d:
19:1c:32:7e:b0:80:1f:47:25:04:c4:66:56:63:f7:
4f:03:59:ec:f2:0d:fc:e5:26:86:63:67:01:c3:6c:
e1:ca:cf:a3:a5:fb:5d:68:20:c5:1c:a9:37:7e:e4:
d9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:65:1A:51:1A:DB:26:D8:6F:A2:3D:6F:A6:8E:B5:B5:08:C7:D8:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DED56F0107211F0B3BC82A1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.152.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:06:6d:54:cc:bd:25:73:6b:31:db:54:1e:e6:45:e9:a2:91:
32:40:52:c3:14:50:0d:ca:50:23:72:7d:46:38:3c:30:f9:ff:
09:1f:11:b7:7d:f0:a6:fa:d2:7d:08:f7:71:c2:0c:8c:8a:29:
b5:4f:91:93:d0:68:f0:ec:1b:6d:d4:f8:b9:24:54:a7:20:74:
61:83:c1:3d:d0:96:f6:23:36:c5:ce:fc:1c:af:4a:bb:c1:16:
71:e7:04:b7:62:0c:dc:66:ae:72:03:93:51:cb:28:38:c6:19:
09:16:14:ba:ab:af:72:28:bf:9c:f5:7c:3c:85:33:e8:d8:42:
05:96:d6:97:6c:35:73:8c:0f:f5:26:d7:65:91:d2:45:15:20:
9b:cc:bf:2c:5e:13:01:25:23:a6:f8:92:1f:5a:94:18:c2:59:
a9:98:c6:c4:07:c3:e1:97:48:4a:a4:41:28:f5:e9:e5:bf:0c:
11:5f:11:4e:4f:6b:30:f6:a8:94:8d:cc:69:da:f3:b8:15:a3:
aa:bd:1f:77:3e:86:2e:2b:c6:00:1e:03:90:e6:62:67:5f:6a:
95:76:99:3a:75:fd:b3:fb:30:cf:ac:06:27:96:c5:1e:a8:da:
9b:ea:25:67:74:a4:41:bb:da:4f:bf:d1:2d:19:3e:4b:96:b8:
1f:71:99:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUmwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTAwMTAwWhcNMjUwNDE0MTAwMTAwWjAYMRYw
FAYDVQQDEw02N2VlNWM2MC0yNzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1tafgwX0XJ3IXLj8BET9JQU3pugDjH9b8bFjpqfFErNUlkKucecVvn+
4sUrBURPHq0GJsJ4WiqKPilzZ5g53Hy5lEYzpUHVZjLU0scbiPH0a/L4AaWbbdkF
O6y+FSmwWlSoc83NlIAzilKA5W9x2uAq8VG5nX53d8iLsANn9WMspzJdLoaVqcq2
AeD/P68fonmRMhvj550X13V8f+361YF+Is3ScKJ6ddUW2knoH3Q1w5IHaPdUeY2k
61YlCDmGD7C3C1ke1aWseNZFrAmR1J0ZHDJ+sIAfRyUExGZWY/dPA1ns8g385SaG
Y2cBw2zhys+jpftdaCDFHKk3fuTZCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKdl
GlEa2ybYb6I9b6aOtbUIx9gZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84REVENTZGMDEwNzIxMUYwQjNCQzgyQTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO+YMA0GCSqGSIb3DQEBCwUA
A4IBAQCuBm1UzL0lc2sx21Qe5kXpopEyQFLDFFANylAjcn1GODww+f8JHxG3ffCm
+tJ9CPdxwgyMiim1T5GT0Gjw7Btt1Pi5JFSnIHRhg8E90Jb2IzbFzvwcr0q7wRZx
5wS3YgzcZq5yA5NRyyg4xhkJFhS6q69yKL+c9Xw8hTPo2EIFltaXbDVzjA/1Jtdl
kdJFFSCbzL8sXhMBJSOm+JIfWpQYwlmpmMbEB8Phl0hKpEEo9enlvwwRXxFOT2sw
9qiUjcxp2vO4FaOqvR93PoYuK8YAHgOQ5mJnX2qVdpk6df2z+zDPrAYnlsUeqNqb
6iVndKRBu9pPv9EtGT5LlrgfcZk+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:45 2025 by rpki-client