Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DFD3FDEF8F311EFA984DE6B762E951A.roa
File: 8DFD3FDEF8F311EFA984DE6B762E951A.roa (raw, json)
Hash identifier: GwyCdtQ9FPQj+yNBz1DzYW87qAw/0VopV7+o2b0h0lE=
Subject key identifier: D9:E4:50:0F:87:50:E3:C5:3F:3A:71:A9:3C:9A:2A:A5:2E:09:1E:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014310
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DFD3FDEF8F311EFA984DE6B762E951A.roa
Signing time: Tue 04 Mar 2025 12:24:03 +0000
ROA not before: Tue 04 Mar 2025 12:23:28 +0000
ROA not after: Mon 07 Apr 2025 12:23:28 +0000
asID: 60223
IP address blocks: 156.253.252.0/24 maxlen: 24
156.253.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82704 (0x14310)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 4 12:23:28 2025 GMT
Not After : Apr 7 12:23:28 2025 GMT
Subject: CN=67c6f0e3-51c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:03:e6:c9:3e:bd:3d:de:f9:85:fc:f4:b0:ee:
1f:52:e1:85:3a:03:07:6d:6d:0d:0e:32:aa:5e:f4:
32:78:35:1b:f7:a1:c1:e3:3b:90:d2:9f:77:95:47:
50:e6:8c:61:42:46:85:7d:0e:6d:b7:ad:26:d5:2f:
c9:1f:2c:f4:92:ab:e1:12:fa:38:83:e8:cf:94:35:
4d:46:ca:16:4a:6f:9f:28:d0:55:af:d9:12:e1:b8:
f2:6a:ab:4c:58:42:a1:56:5c:af:57:91:36:a0:d6:
9a:25:c8:04:a9:f2:7d:b5:67:10:95:e6:17:cd:d1:
ce:ef:09:a0:a3:d2:c4:8e:8b:07:b3:0c:f3:49:fa:
e5:c5:eb:bb:0e:4e:56:25:77:06:d6:8e:dd:ff:d6:
f3:62:e6:74:91:90:7e:21:5e:40:0e:35:4e:44:d9:
ad:18:72:bc:92:d5:59:c7:5e:8a:85:7a:11:f7:fa:
ec:7d:45:29:54:53:df:b0:0a:dd:13:97:e5:fc:33:
31:28:a0:93:cd:a2:bb:00:ae:35:cd:7a:6f:25:59:
2d:79:cb:d2:2f:83:00:06:95:69:81:74:35:3e:18:
2d:88:2a:97:a3:98:d4:04:bf:f6:aa:24:da:29:c7:
a0:08:54:6e:04:98:fd:3d:9d:91:a8:da:6e:f5:a8:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E4:50:0F:87:50:E3:C5:3F:3A:71:A9:3C:9A:2A:A5:2E:09:1E:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8DFD3FDEF8F311EFA984DE6B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:09:66:ea:df:2e:17:cb:a7:91:1e:92:83:2f:b8:be:12:1a:
f6:9e:50:40:77:23:fc:e0:ba:bb:73:94:2c:d9:4b:3d:b2:c6:
2e:76:a3:d3:3f:9f:9d:24:76:08:00:b6:89:31:79:1a:e3:21:
65:6a:29:8c:e2:a6:81:15:ff:b5:d8:f8:87:59:65:d1:e8:7b:
00:27:4f:5c:fc:2f:9e:02:e6:06:4d:44:e3:f7:10:e0:14:89:
ef:74:bb:d3:86:ce:d6:df:4c:44:f9:e1:3a:c7:b5:5d:b4:9d:
cc:33:6b:24:fa:e1:48:5a:98:1c:5d:ab:a3:ae:53:9e:45:ee:
d0:ae:89:56:1f:7a:c7:ab:10:f9:e0:22:19:69:79:4e:0f:44:
54:e2:9e:44:31:8c:1b:45:2c:da:49:78:9b:03:6b:d4:a3:87:
e0:3b:1b:7d:5f:5c:e0:ef:d2:22:55:ca:12:01:08:3b:aa:c6:
bc:b5:5f:ed:71:29:d5:7c:d0:73:b7:f2:aa:4a:ac:52:a0:1b:
6b:98:cb:9f:ea:e0:da:28:5c:16:05:b2:82:c7:9d:c1:a4:4d:
a3:71:78:57:56:c2:fc:03:2e:7e:e0:d3:5d:11:77:46:77:7f:
a0:33:aa:30:42:45:57:72:40:43:78:3c:7e:7b:2b:e6:4c:0a:
93:e0:d8:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUMQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA0MTIyMzI4WhcNMjUwNDA3MTIyMzI4WjAYMRYw
FAYDVQQDEw02N2M2ZjBlMy01MWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuAPmyT69Pd75hfz0sO4fUuGFOgMHbW0NDjKqXvQyeDUb96HB4zuQ0p93
lUdQ5oxhQkaFfQ5tt60m1S/JHyz0kqvhEvo4g+jPlDVNRsoWSm+fKNBVr9kS4bjy
aqtMWEKhVlyvV5E2oNaaJcgEqfJ9tWcQleYXzdHO7wmgo9LEjosHswzzSfrlxeu7
Dk5WJXcG1o7d/9bzYuZ0kZB+IV5ADjVORNmtGHK8ktVZx16KhXoR9/rsfUUpVFPf
sArdE5fl/DMxKKCTzaK7AK41zXpvJVktecvSL4MABpVpgXQ1PhgtiCqXo5jUBL/2
qiTaKcegCFRuBJj9PZ2RqNpu9ahAiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNnk
UA+HUOPFPzpxqTyaKqUuCR4OMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84REZEM0ZERUY4RjMxMUVGQTk4NERFNkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP38MA0GCSqGSIb3DQEBCwUA
A4IBAQB7CWbq3y4Xy6eRHpKDL7i+Ehr2nlBAdyP84Lq7c5Qs2Us9ssYudqPTP5+d
JHYIALaJMXka4yFlaimM4qaBFf+12PiHWWXR6HsAJ09c/C+eAuYGTUTj9xDgFInv
dLvThs7W30xE+eE6x7VdtJ3MM2sk+uFIWpgcXaujrlOeRe7QrolWH3rHqxD54CIZ
aXlOD0RU4p5EMYwbRSzaSXibA2vUo4fgOxt9X1zg79IiVcoSAQg7qsa8tV/tcSnV
fNBzt/KqSqxSoBtrmMuf6uDaKFwWBbKCx53BpE2jcXhXVsL8Ay5+4NNdEXdGd3+g
M6owQkVXckBDeDx+eyvmTAqT4Nh9
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:25:23 2025 by rpki-client