Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFD1450F43D11EF880CDDB1762E951A.roa
File: 8EFD1450F43D11EF880CDDB1762E951A.roa (raw, json)
Hash identifier: Gkp+zgFuvwKHUZXVIxYBqiz2Uo5XC5fu+wFnas0d8iE=
Subject key identifier: 18:66:81:85:BD:EA:64:1C:FB:86:4E:25:94:F4:D4:6E:5A:E5:09:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013280
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFD1450F43D11EF880CDDB1762E951A.roa
Signing time: Wed 26 Feb 2025 12:31:10 +0000
ROA not before: Wed 26 Feb 2025 12:31:06 +0000
ROA not after: Thu 19 Feb 2026 12:31:06 +0000
asID: 984
IP address blocks: 156.252.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78464 (0x13280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:31:06 2025 GMT
Not After : Feb 19 12:31:06 2026 GMT
Subject: CN=67bf098e-f661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:48:dd:ad:95:ad:ae:62:3f:a9:dd:62:31:27:
93:0c:7a:1a:d3:48:4a:9d:b5:a2:32:1a:cb:03:12:
82:11:f4:61:60:24:d2:6b:93:e2:d9:91:da:3e:04:
a3:4b:2c:c0:e7:f4:25:37:19:3a:7c:62:f0:4f:83:
f2:b8:dd:ec:d5:64:e8:c3:bc:58:c5:27:2d:8e:cf:
bd:8b:f9:6f:b8:04:da:3b:8c:bf:be:19:f8:e9:2e:
30:dd:1a:b9:82:3a:ca:c7:de:e9:22:45:8f:f9:a8:
2c:b4:9c:48:82:4e:cb:40:f5:71:7b:d1:98:17:a0:
9c:de:19:75:8b:5c:3f:e5:4f:61:a4:b1:2e:ea:45:
c4:1a:f3:7a:2d:e2:b6:a9:f5:9f:8a:28:b3:2c:38:
32:f0:86:6b:f3:41:6a:ce:45:a6:40:25:c0:b0:3b:
61:18:be:bb:31:88:04:5e:ba:91:7e:36:30:ad:54:
fa:93:c2:64:a0:e9:de:56:fe:85:f6:62:72:71:d2:
d2:0e:bd:72:22:e8:08:6c:01:bd:5e:3c:e7:16:f0:
e0:d6:24:22:b8:71:4a:ee:ef:c4:7a:34:19:ca:18:
52:12:96:0d:e4:ae:19:62:46:1f:a4:42:e3:81:32:
a2:c8:2c:c4:f1:5d:41:03:c7:db:85:64:c2:00:2d:
fa:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:66:81:85:BD:EA:64:1C:FB:86:4E:25:94:F4:D4:6E:5A:E5:09:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EFD1450F43D11EF880CDDB1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.144.0/24
Signature Algorithm: sha256WithRSAEncryption
25:0c:42:7a:fc:c9:48:2c:05:29:75:7f:62:b8:8c:85:ef:1b:
93:f6:cc:5d:41:00:0f:f1:de:e9:67:bf:d7:4e:3f:c0:25:93:
87:ce:d7:03:ef:d5:80:a4:eb:cd:db:89:e4:66:8e:af:57:57:
e5:6c:99:37:ff:2d:ad:a2:0a:35:c1:7d:49:1e:af:59:50:d5:
b3:cf:4b:92:95:ba:5a:da:64:7e:e7:10:d0:31:ea:35:aa:37:
5c:67:93:e0:1f:91:01:e1:4b:d5:04:77:ac:f2:fc:08:35:3f:
70:b5:c7:ce:2d:a4:39:5c:16:bf:84:c2:c4:12:35:47:67:75:
7b:36:ed:68:4f:43:bf:9b:9a:fa:1e:cc:9b:7d:8a:36:18:29:
53:e9:d9:87:34:f3:a6:c8:09:b8:b5:8c:08:3d:a1:7e:b3:a8:
49:46:5e:88:7e:a3:bc:11:97:67:3b:e5:5d:7f:68:b6:15:d6:
51:06:57:5d:49:74:3e:cf:ae:9e:55:ea:a7:d6:4b:3d:39:d9:
82:ce:5a:fc:00:0f:fd:cc:f1:7e:ae:1c:e1:33:62:df:a8:d9:
1d:e5:7c:99:ed:29:61:0a:04:46:b6:f7:77:c8:5c:1e:1a:0c:
b1:4d:e7:1a:bd:ff:cc:58:29:49:d3:a0:51:72:17:9f:74:75:
47:7b:c8:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATKAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIzMTA2WhcNMjYwMjE5MTIzMTA2WjAYMRYw
FAYDVQQDEw02N2JmMDk4ZS1mNjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60jdrZWtrmI/qd1iMSeTDHoa00hKnbWiMhrLAxKCEfRhYCTSa5Pi2ZHa
PgSjSyzA5/QlNxk6fGLwT4PyuN3s1WTow7xYxSctjs+9i/lvuATaO4y/vhn46S4w
3Rq5gjrKx97pIkWP+agstJxIgk7LQPVxe9GYF6Cc3hl1i1w/5U9hpLEu6kXEGvN6
LeK2qfWfiiizLDgy8IZr80FqzkWmQCXAsDthGL67MYgEXrqRfjYwrVT6k8JkoOne
Vv6F9mJycdLSDr1yIugIbAG9XjznFvDg1iQiuHFK7u/EejQZyhhSEpYN5K4ZYkYf
pELjgTKiyCzE8V1BA8fbhWTCAC36cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBhm
gYW96mQc+4ZOJZT01G5a5QmwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUZEMTQ1MEY0M0QxMUVGODgwQ0REQjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyQMA0GCSqGSIb3DQEBCwUA
A4IBAQAlDEJ6/MlILAUpdX9iuIyF7xuT9sxdQQAP8d7pZ7/XTj/AJZOHztcD79WA
pOvN24nkZo6vV1flbJk3/y2togo1wX1JHq9ZUNWzz0uSlbpa2mR+5xDQMeo1qjdc
Z5PgH5EB4UvVBHes8vwINT9wtcfOLaQ5XBa/hMLEEjVHZ3V7Nu1oT0O/m5r6Hsyb
fYo2GClT6dmHNPOmyAm4tYwIPaF+s6hJRl6IfqO8EZdnO+Vdf2i2FdZRBlddSXQ+
z66eVeqn1ks9OdmCzlr8AA/9zPF+rhzhM2LfqNkd5XyZ7SlhCgRGtvd3yFweGgyx
Tecavf/MWClJ06BRchefdHVHe8iX
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:27 2025 by rpki-client