Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3124988F47E11EF9D71F97C762E951A.roa
File: A3124988F47E11EF9D71F97C762E951A.roa (raw, json)
Hash identifier: lqe4e4NUM8JA/HLKLY8CaTWyfFuqIiewwgvKGAtBkG0=
Subject key identifier: A7:48:37:07:55:48:A9:BC:77:C7:BD:B5:1E:65:AC:3F:85:E3:3A:AC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013775
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3124988F47E11EF9D71F97C762E951A.roa
Signing time: Wed 26 Feb 2025 20:17:01 +0000
ROA not before: Wed 26 Feb 2025 20:16:57 +0000
ROA not after: Thu 19 Feb 2026 20:16:57 +0000
asID: 984
IP address blocks: 156.247.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79733 (0x13775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 20:16:57 2025 GMT
Not After : Feb 19 20:16:57 2026 GMT
Subject: CN=67bf76bd-39d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:81:2a:fe:00:7c:49:d9:b3:b8:60:67:8c:
ec:3b:42:56:59:30:98:8d:f5:0a:4c:7b:51:25:5c:
78:4d:87:a9:fd:3c:77:f5:e7:d7:c2:22:9f:ff:2d:
0f:68:39:3c:66:47:b2:5a:60:ab:a2:d6:33:c8:a8:
2a:4d:0f:d5:54:4d:29:38:ff:50:9f:3b:3b:f4:fc:
3b:52:fb:68:29:8f:00:26:cf:e7:c1:1b:0d:f5:9c:
d1:1a:c3:a5:da:00:20:f9:cd:b6:fc:2b:a4:29:7e:
ad:17:7f:39:76:ec:2b:e0:b3:ac:7c:e6:84:22:49:
c5:30:a1:34:29:d1:48:65:2e:c4:c4:7c:8f:c4:52:
14:82:e8:e3:e1:33:ff:19:e4:27:1a:87:07:db:51:
28:37:4f:6f:a6:41:a8:f2:69:9e:38:47:d5:65:99:
85:a7:ab:48:5f:d0:aa:a1:cf:da:7a:6e:76:f1:a8:
28:34:d4:5d:c8:4a:74:5e:28:12:5b:15:d5:0b:81:
ec:f8:fc:df:ae:c5:d8:b4:1b:74:bb:b8:61:37:c6:
55:ef:c4:96:81:16:11:dd:3b:36:78:f9:53:9c:3f:
74:66:fc:9a:28:fd:53:04:b0:0a:ce:58:d5:91:d3:
a1:bf:46:d2:85:53:6d:80:ab:4d:f0:bd:88:ad:2a:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:48:37:07:55:48:A9:BC:77:C7:BD:B5:1E:65:AC:3F:85:E3:3A:AC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3124988F47E11EF9D71F97C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.50.0/24
Signature Algorithm: sha256WithRSAEncryption
98:4a:c9:db:54:9a:df:e2:de:06:77:ed:8a:ec:04:64:17:27:
d2:c8:04:d9:7b:bc:31:31:6f:85:d5:ea:cb:4d:34:70:8f:7d:
b5:ba:c6:4b:b9:7e:c9:58:09:69:12:bd:f6:0d:ba:e6:7b:d3:
c6:d0:8f:33:e4:94:3c:b7:c1:0f:dc:d2:5a:d2:19:b2:22:fc:
20:7c:4e:6e:fb:f2:ca:ef:d6:ce:f4:77:07:27:56:b8:7f:fa:
34:58:54:5f:16:18:b8:00:9f:56:46:53:b3:af:03:fa:bf:f1:
3c:ad:86:1e:4b:a8:52:39:a9:4d:f7:9b:a2:b9:db:34:6e:3b:
90:d4:6f:c4:c1:0a:bb:c3:8f:de:42:7c:17:9e:28:66:11:ad:
aa:7d:41:d4:80:8f:15:2d:94:6c:1e:b5:01:34:64:20:b4:0f:
58:58:6e:1b:f5:eb:95:bb:22:d2:24:df:50:58:b5:78:ae:27:
02:70:0d:bf:9f:98:2b:6d:3e:22:75:37:f8:4e:c7:57:a0:25:
bf:00:03:89:36:a4:24:87:80:dd:75:39:13:30:86:47:d0:49:
47:96:57:5e:4a:fd:ca:de:06:13:df:46:32:77:67:33:96:c8:
7f:64:2e:e6:78:a3:1a:29:75:f8:23:3a:d7:4a:de:f0:0a:ae:
b9:87:d4:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATd1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MjAxNjU3WhcNMjYwMjE5MjAxNjU3WjAYMRYw
FAYDVQQDEw02N2JmNzZiZC0zOWQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0YmBKv4AfEnZs7hgZ4zsO0JWWTCYjfUKTHtRJVx4TYep/Tx39efXwiKf
/y0PaDk8ZkeyWmCrotYzyKgqTQ/VVE0pOP9Qnzs79Pw7UvtoKY8AJs/nwRsN9ZzR
GsOl2gAg+c22/CukKX6tF385duwr4LOsfOaEIknFMKE0KdFIZS7ExHyPxFIUgujj
4TP/GeQnGocH21EoN09vpkGo8mmeOEfVZZmFp6tIX9Cqoc/aem528agoNNRdyEp0
XigSWxXVC4Hs+PzfrsXYtBt0u7hhN8ZV78SWgRYR3Ts2ePlTnD90ZvyaKP1TBLAK
zljVkdOhv0bShVNtgKtN8L2IrSqIOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKdI
NwdVSKm8d8e9tR5lrD+F4zqsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzEyNDk4OEY0N0UxMUVGOUQ3MUY5N0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcyMA0GCSqGSIb3DQEBCwUA
A4IBAQCYSsnbVJrf4t4Gd+2K7ARkFyfSyATZe7wxMW+F1erLTTRwj321usZLuX7J
WAlpEr32Dbrme9PG0I8z5JQ8t8EP3NJa0hmyIvwgfE5u+/LK79bO9HcHJ1a4f/o0
WFRfFhi4AJ9WRlOzrwP6v/E8rYYeS6hSOalN95uiuds0bjuQ1G/EwQq7w4/eQnwX
nihmEa2qfUHUgI8VLZRsHrUBNGQgtA9YWG4b9euVuyLSJN9QWLV4ricCcA2/n5gr
bT4idTf4TsdXoCW/AAOJNqQkh4DddTkTMIZH0ElHlldeSv3K3gYT30Yyd2czlsh/
ZC7meKMaKXX4IzrXSt7wCq65h9Th
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:46 2025 by rpki-client