Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9285F9B0F45C11EFB3CE278F762E951A.roa
File: 9285F9B0F45C11EFB3CE278F762E951A.roa (raw, json)
Hash identifier: u+Cz+KuiB2Vs4RuMTNTWn/huAKYGAfHDkry4uTqvPfE=
Subject key identifier: 93:00:42:38:52:B3:60:24:FE:B6:FF:D7:44:57:12:F8:F0:AF:F6:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01349B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9285F9B0F45C11EFB3CE278F762E951A.roa
Signing time: Wed 26 Feb 2025 16:13:11 +0000
ROA not before: Wed 26 Feb 2025 16:13:05 +0000
ROA not after: Thu 19 Feb 2026 16:13:05 +0000
asID: 984
IP address blocks: 156.252.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79003 (0x1349b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 16:13:05 2025 GMT
Not After : Feb 19 16:13:05 2026 GMT
Subject: CN=67bf3d97-add0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:04:32:e5:fb:b9:25:9f:14:91:39:9b:62:12:
ad:a9:06:54:77:8e:9d:14:c5:1b:e9:ac:ef:2e:25:
c1:95:65:a2:a0:d1:ed:86:a2:49:d2:e9:88:18:27:
bf:e2:1b:b4:3f:3c:ef:01:ba:ba:fd:6a:3a:ff:8a:
5f:7c:18:7c:fc:27:aa:ec:48:cc:e7:94:dd:65:97:
ea:e2:8c:da:2f:da:9f:c1:8a:4c:4a:c9:f7:52:35:
ba:33:98:2e:53:81:73:c2:b5:d3:ca:64:c1:34:b0:
1a:97:92:3f:16:4b:a0:e6:a0:75:b0:0a:19:15:88:
d2:af:4f:26:65:c2:14:0e:52:39:bb:3d:42:54:6e:
e8:5f:33:b3:18:62:6a:63:52:3d:29:78:30:ce:e1:
08:98:e0:9b:52:95:9e:e9:82:7d:2e:2a:8a:a5:b4:
83:f1:46:7a:96:da:a3:2e:8b:9f:d2:5d:3a:79:03:
79:c9:dd:e6:01:d1:3c:7c:06:44:9a:2e:0c:b7:53:
5e:e7:4c:85:8e:79:82:d8:8a:48:22:01:a6:cf:49:
7c:59:f8:ff:48:f8:2f:32:dc:b7:12:e0:0d:e2:ad:
e7:95:a2:97:2b:c4:fd:f8:ad:f3:b9:4a:c9:ec:36:
56:04:17:1e:e4:73:e2:63:8c:54:7a:ba:d7:d6:0f:
8a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:00:42:38:52:B3:60:24:FE:B6:FF:D7:44:57:12:F8:F0:AF:F6:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9285F9B0F45C11EFB3CE278F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.231.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e9:78:bf:6e:e2:d3:94:b4:54:1d:b3:37:cb:1b:73:42:4d:
59:af:02:e3:24:68:d5:8b:dc:ae:23:3d:a3:04:0f:fa:d3:fe:
a3:3a:23:b2:79:ac:ba:1a:2d:6e:df:08:53:f7:fb:41:88:00:
82:f5:df:af:3d:81:31:8e:7c:24:4e:66:3a:2b:61:32:1d:5a:
62:73:7a:7f:42:9f:63:8d:ba:e6:00:07:b0:18:60:41:5d:97:
29:b9:1f:3e:8a:06:48:21:0f:32:c4:f9:ea:c2:6e:00:d6:e2:
e4:4e:00:7f:7a:0c:81:4c:a1:62:a6:58:46:f1:7e:5c:b3:86:
f0:d6:c1:01:e6:b1:b0:be:4a:4f:2c:c5:9a:81:9c:db:f9:c7:
b1:32:3a:b3:b0:0d:3b:ac:77:9a:5b:dd:ba:d3:ff:85:3d:fd:
c7:ad:fb:d0:17:b1:16:e9:ee:ff:b0:73:87:32:28:5e:08:c9:
65:78:bc:e2:96:78:8e:ee:a5:bc:77:e8:14:45:44:5b:82:91:
9c:e5:79:4a:e4:d0:49:ef:2c:dd:fa:10:cd:18:c1:8e:ef:04:
aa:9e:47:90:7c:ca:99:ea:76:35:79:da:ea:8d:86:39:35:92:
22:45:69:9b:cc:5c:19:4b:fe:69:f3:ca:2e:d0:6b:ab:1b:c0:
31:91:82:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATSbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTYxMzA1WhcNMjYwMjE5MTYxMzA1WjAYMRYw
FAYDVQQDEw02N2JmM2Q5Ny1hZGQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQQy5fu5JZ8UkTmbYhKtqQZUd46dFMUb6azvLiXBlWWioNHthqJJ0umI
GCe/4hu0PzzvAbq6/Wo6/4pffBh8/Ceq7EjM55TdZZfq4ozaL9qfwYpMSsn3UjW6
M5guU4FzwrXTymTBNLAal5I/Fkug5qB1sAoZFYjSr08mZcIUDlI5uz1CVG7oXzOz
GGJqY1I9KXgwzuEImOCbUpWe6YJ9LiqKpbSD8UZ6ltqjLouf0l06eQN5yd3mAdE8
fAZEmi4Mt1Ne50yFjnmC2IpIIgGmz0l8Wfj/SPgvMty3EuAN4q3nlaKXK8T9+K3z
uUrJ7DZWBBce5HPiY4xUerrX1g+KHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJMA
QjhSs2Ak/rb/10RXEvjwr/ahMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Mjg1RjlCMEY0NUMxMUVGQjNDRTI3OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPznMA0GCSqGSIb3DQEBCwUA
A4IBAQAp6Xi/buLTlLRUHbM3yxtzQk1ZrwLjJGjVi9yuIz2jBA/60/6jOiOyeay6
Gi1u3whT9/tBiACC9d+vPYExjnwkTmY6K2EyHVpic3p/Qp9jjbrmAAewGGBBXZcp
uR8+igZIIQ8yxPnqwm4A1uLkTgB/egyBTKFiplhG8X5cs4bw1sEB5rGwvkpPLMWa
gZzb+cexMjqzsA07rHeaW9260/+FPf3HrfvQF7EW6e7/sHOHMiheCMlleLzilniO
7qW8d+gURURbgpGc5XlK5NBJ7yzd+hDNGMGO7wSqnkeQfMqZ6nY1edrqjYY5NZIi
RWmbzFwZS/5p88ou0GurG8AxkYLA
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:33:32 2025 by rpki-client