Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99C679DAF42911EF998D0BA8762E951A.roa
File: 99C679DAF42911EF998D0BA8762E951A.roa (raw, json)
Hash identifier: ZEwOoq/Xou9lNfJlsv/JE6S4FacfYJFOMHq/xiT0oIs=
Subject key identifier: 47:6D:EC:60:2A:A9:F2:01:85:E4:3D:D1:EE:89:17:EA:CC:17:6A:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99C679DAF42911EF998D0BA8762E951A.roa
Signing time: Wed 26 Feb 2025 10:08:18 +0000
ROA not before: Wed 26 Feb 2025 10:08:15 +0000
ROA not after: Thu 19 Feb 2026 10:08:15 +0000
asID: 984
IP address blocks: 156.230.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78030 (0x130ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:08:15 2025 GMT
Not After : Feb 19 10:08:15 2026 GMT
Subject: CN=67bee812-6df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a0:d1:3d:1e:30:87:3e:d2:46:35:69:ba:9d:
54:11:64:a9:f2:2d:4f:04:91:50:d6:c8:69:db:bb:
fc:c1:ca:ce:ba:f1:13:f7:e9:5e:60:1c:5a:12:00:
75:af:10:5a:b2:a7:7a:ec:c7:06:2b:04:2a:fb:63:
3a:fb:dc:bf:05:3a:48:03:ed:83:d7:6a:cf:bd:96:
37:9e:31:f5:65:45:92:40:ca:75:66:4c:79:03:1c:
60:12:9d:53:e9:ff:f5:bf:7c:f1:1c:28:65:12:38:
46:15:cd:e6:38:0d:bd:ee:6e:7c:3c:10:ea:55:46:
1c:18:9e:1c:6c:06:79:dc:73:88:ad:ae:d7:14:90:
49:08:8c:17:fa:bd:62:06:cd:81:cb:67:92:1c:92:
be:ad:b3:ab:ef:e8:09:d1:d3:91:9e:aa:38:40:c1:
75:81:69:6b:44:fe:ef:9a:b1:08:13:91:d9:0d:ce:
98:ba:b4:2f:a4:d8:6d:c1:bd:27:ed:72:9a:04:43:
d6:b6:17:3b:9c:0f:8f:b4:4c:b9:77:fe:ab:5e:d2:
4d:97:14:b9:84:85:e8:a1:a5:25:47:c9:20:2b:84:
8a:f6:c0:51:73:47:53:f2:5c:af:c0:03:10:4d:1a:
13:75:b1:34:bd:34:a1:6f:4f:3f:30:98:5b:9c:8b:
d3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6D:EC:60:2A:A9:F2:01:85:E4:3D:D1:EE:89:17:EA:CC:17:6A:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99C679DAF42911EF998D0BA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.141.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:9d:91:59:43:ed:00:38:19:00:88:e0:0b:86:d3:6b:89:43:
e1:32:b3:96:c1:ad:56:72:ff:b7:52:87:76:a5:62:5e:46:5b:
7e:1c:9d:4b:bb:95:38:29:f1:58:c2:28:81:cc:73:77:26:65:
50:28:8f:95:bc:36:d7:08:f7:ea:cd:d3:17:aa:50:e3:5a:3f:
b5:bf:84:53:77:1b:18:54:82:2b:22:8f:99:da:2f:2c:09:7c:
b0:c2:bb:6a:a9:78:92:df:16:b5:9f:83:bf:28:14:53:eb:14:
0a:6e:10:b2:d3:ac:fe:37:94:8c:02:1c:27:28:30:1b:80:04:
1f:1d:27:db:3f:25:98:2a:26:53:2d:ee:e7:b1:12:e8:22:8e:
6c:4c:b2:56:0d:a1:96:60:0f:26:e7:9f:93:7e:2c:6b:fe:b2:
2f:e5:2e:fb:74:6a:b2:d8:84:01:3d:08:fa:8f:eb:44:b1:ba:
4b:00:9b:fd:a8:af:b3:bd:52:e6:33:b5:20:df:7f:ff:9a:06:
2c:ae:f8:ff:c1:26:28:d0:69:ad:fc:dc:92:56:e7:1f:9b:30:
ce:20:15:05:9f:b2:45:fb:18:82:02:10:06:68:cb:b3:97:e2:
d9:84:84:e4:57:e7:bd:66:6b:6f:bb:49:db:99:d4:29:98:11:
77:de:84:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATDOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAwODE1WhcNMjYwMjE5MTAwODE1WjAYMRYw
FAYDVQQDEw02N2JlZTgxMi02ZGYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6DRPR4whz7SRjVpup1UEWSp8i1PBJFQ1shp27v8wcrOuvET9+leYBxa
EgB1rxBasqd67McGKwQq+2M6+9y/BTpIA+2D12rPvZY3njH1ZUWSQMp1Zkx5Axxg
Ep1T6f/1v3zxHChlEjhGFc3mOA297m58PBDqVUYcGJ4cbAZ53HOIra7XFJBJCIwX
+r1iBs2By2eSHJK+rbOr7+gJ0dORnqo4QMF1gWlrRP7vmrEIE5HZDc6YurQvpNht
wb0n7XKaBEPWthc7nA+PtEy5d/6rXtJNlxS5hIXooaUlR8kgK4SK9sBRc0dT8lyv
wAMQTRoTdbE0vTShb08/MJhbnIvTLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEdt
7GAqqfIBheQ90e6JF+rMF2oSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OUM2NzlEQUY0MjkxMUVGOTk4RDBCQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOaNMA0GCSqGSIb3DQEBCwUA
A4IBAQBLnZFZQ+0AOBkAiOALhtNriUPhMrOWwa1Wcv+3Uod2pWJeRlt+HJ1Lu5U4
KfFYwiiBzHN3JmVQKI+VvDbXCPfqzdMXqlDjWj+1v4RTdxsYVIIrIo+Z2i8sCXyw
wrtqqXiS3xa1n4O/KBRT6xQKbhCy06z+N5SMAhwnKDAbgAQfHSfbPyWYKiZTLe7n
sRLoIo5sTLJWDaGWYA8m55+Tfixr/rIv5S77dGqy2IQBPQj6j+tEsbpLAJv9qK+z
vVLmM7Ug33//mgYsrvj/wSYo0Gmt/NySVucfmzDOIBUFn7JF+xiCAhAGaMuzl+LZ
hITkV+e9Zmtvu0nbmdQpmBF33oRA
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:56 2025 by rpki-client