Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EDECE78F34711EFB9A843A0762E951A.roa
File: 9EDECE78F34711EFB9A843A0762E951A.roa (raw, json)
Hash identifier: QV19IQpHwJunarf2KOwGiCXNuhNxmHumkOl4R8ykFEU=
Subject key identifier: AB:9B:BD:53:46:8F:C3:A9:52:50:94:29:FE:FD:12:FD:83:AD:9C:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012D9E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EDECE78F34711EFB9A843A0762E951A.roa
Signing time: Tue 25 Feb 2025 07:10:40 +0000
ROA not before: Tue 25 Feb 2025 07:10:37 +0000
ROA not after: Sat 19 Feb 2028 07:10:37 +0000
asID: 17561
IP address blocks: 156.249.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77214 (0x12d9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 07:10:37 2025 GMT
Not After : Feb 19 07:10:37 2028 GMT
Subject: CN=67bd6cf0-d062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9c:39:df:c8:84:56:1b:cb:bb:2f:b5:04:e5:
23:4f:59:99:95:54:e4:5b:38:3c:6d:b4:7d:e6:24:
c0:df:63:a9:31:6b:af:6b:10:80:05:65:6f:bb:81:
c8:5a:7e:38:dc:17:7b:29:c2:08:e5:02:ef:2f:03:
80:02:6a:f1:f1:27:86:7d:97:d7:72:67:17:16:34:
09:1f:b6:67:ac:ee:33:44:dc:38:7a:93:b7:4f:46:
9f:02:e5:04:94:4f:28:e3:db:0d:1b:95:ee:ef:ac:
bc:f8:5b:b0:97:ef:9a:65:27:40:f6:d8:5b:08:b0:
24:cc:8e:05:17:04:04:5a:30:9d:4f:f7:ec:6a:4f:
6a:53:11:ab:0d:2b:e7:a5:65:8f:3b:e4:07:95:b0:
71:e2:36:6f:20:de:f6:6f:18:6d:f2:05:d6:d2:27:
87:92:96:48:ad:4d:44:6d:9c:17:c3:24:77:0e:d4:
bd:5f:d0:30:ba:f5:f2:8f:e7:65:5e:0b:46:1a:d1:
fd:c8:8e:7f:04:6e:2f:ee:0c:8f:9f:04:7c:8a:d0:
da:e0:de:83:bf:49:7d:ba:6e:86:01:5e:08:bb:db:
17:2e:fa:26:f9:93:c6:44:32:3a:8f:61:09:6d:ea:
65:e6:df:ab:ec:7d:be:28:1e:91:32:ad:9c:c8:fc:
74:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9B:BD:53:46:8F:C3:A9:52:50:94:29:FE:FD:12:FD:83:AD:9C:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EDECE78F34711EFB9A843A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.219.0/24
Signature Algorithm: sha256WithRSAEncryption
79:76:6e:fe:4e:fd:9c:a8:b6:2b:35:e3:25:dc:6a:69:5a:84:
e9:c7:d4:87:fc:9c:44:a6:4b:97:0d:86:18:90:89:3a:91:75:
a2:10:0e:ee:b1:f8:83:63:57:bc:54:fb:15:99:f5:81:ac:37:
ed:3f:0c:b9:a5:01:b6:f0:23:5d:86:14:d6:4e:c7:23:b4:96:
17:b3:db:6d:51:0a:73:b0:09:5c:d9:0f:53:f1:cc:d4:9b:e9:
da:cb:65:ee:49:8a:c7:a7:08:88:58:79:d1:50:33:cd:6e:10:
28:28:7f:6e:61:0b:e8:0f:d5:ec:20:08:49:f4:65:90:a6:ce:
a9:6e:23:cd:32:b3:86:2d:f9:96:b1:2b:35:ea:00:ec:1e:d8:
9e:1f:dd:57:79:7a:0f:2e:09:dc:c3:21:bb:c2:d0:4e:d9:5c:
d4:76:35:1e:ea:b8:ef:81:62:55:dc:a1:93:be:d2:1f:ef:9d:
63:6e:10:03:14:1d:27:72:23:d5:c6:f1:90:d6:a1:2e:cb:bb:
30:bf:0a:c2:59:ae:2f:6d:a1:72:3d:9d:76:0e:bd:85:46:98:
ca:dd:45:19:66:6f:5e:d2:db:d8:df:92:66:2c:e5:d9:84:33:
01:26:20:d5:e6:22:3d:b7:97:d9:95:3c:96:ad:c9:16:53:f2:
77:ba:f7:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS2eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDcxMDM3WhcNMjgwMjE5MDcxMDM3WjAYMRYw
FAYDVQQDEw02N2JkNmNmMC1kMDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3pw538iEVhvLuy+1BOUjT1mZlVTkWzg8bbR95iTA32OpMWuvaxCABWVv
u4HIWn443Bd7KcII5QLvLwOAAmrx8SeGfZfXcmcXFjQJH7ZnrO4zRNw4epO3T0af
AuUElE8o49sNG5Xu76y8+Fuwl++aZSdA9thbCLAkzI4FFwQEWjCdT/fsak9qUxGr
DSvnpWWPO+QHlbBx4jZvIN72bxht8gXW0ieHkpZIrU1EbZwXwyR3DtS9X9AwuvXy
j+dlXgtGGtH9yI5/BG4v7gyPnwR8itDa4N6Dv0l9um6GAV4Iu9sXLvom+ZPGRDI6
j2EJbepl5t+r7H2+KB6RMq2cyPx0aQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKub
vVNGj8OpUlCUKf79Ev2DrZyyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RURFQ0U3OEYzNDcxMUVGQjlBODQzQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPnbMA0GCSqGSIb3DQEBCwUA
A4IBAQB5dm7+Tv2cqLYrNeMl3GppWoTpx9SH/JxEpkuXDYYYkIk6kXWiEA7usfiD
Y1e8VPsVmfWBrDftPwy5pQG28CNdhhTWTscjtJYXs9ttUQpzsAlc2Q9T8czUm+na
y2XuSYrHpwiIWHnRUDPNbhAoKH9uYQvoD9XsIAhJ9GWQps6pbiPNMrOGLfmWsSs1
6gDsHtieH91XeXoPLgncwyG7wtBO2VzUdjUe6rjvgWJV3KGTvtIf751jbhADFB0n
ciPVxvGQ1qEuy7swvwrCWa4vbaFyPZ12Dr2FRpjK3UUZZm9e0tvY35JmLOXZhDMB
JiDV5iI9t5fZlTyWrckWU/J3uvfa
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:09 2025 by rpki-client