Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA37FE6AF46011EF83D519AB762E951A.roa
File: AA37FE6AF46011EF83D519AB762E951A.roa (raw, json)
Hash identifier: guclzS12F8/B5TS916EUWE/QdtlxqaOGZn1V8hUHI7g=
Subject key identifier: D0:7A:25:D1:FA:9E:29:4A:63:D0:A2:4B:AC:55:3E:FA:E3:68:54:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0134F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA37FE6AF46011EF83D519AB762E951A.roa
Signing time: Wed 26 Feb 2025 16:42:28 +0000
ROA not before: Wed 26 Feb 2025 16:42:24 +0000
ROA not after: Sat 19 Feb 2028 16:42:24 +0000
asID: 17561
IP address blocks: 156.233.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79094 (0x134f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 16:42:24 2025 GMT
Not After : Feb 19 16:42:24 2028 GMT
Subject: CN=67bf4474-da6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:30:f1:99:7b:42:b1:bb:35:50:1f:d9:55:78:
a6:ab:5f:ad:8c:55:6d:74:f8:04:22:17:e0:c4:d4:
2c:8c:20:7d:43:bf:70:46:3d:07:7d:c0:5c:ce:c0:
37:07:e7:22:6c:a7:80:8b:47:96:e4:b9:47:e2:58:
56:de:08:b5:b7:df:17:aa:78:98:b0:7f:18:98:e1:
e4:b9:16:95:65:16:4c:f9:de:f2:03:3d:b6:cd:f4:
31:c1:83:25:72:04:82:7f:8a:8a:37:93:7a:04:bd:
96:6d:06:6a:94:42:16:8c:71:17:04:65:e5:4c:d5:
6b:08:98:97:d8:82:5a:b0:8d:66:e2:b7:03:07:e9:
81:d2:ac:e4:ee:ea:2b:e9:d8:74:e0:d4:2c:95:64:
75:dd:3b:35:ff:f4:24:c8:d6:9c:2d:68:1f:d6:e3:
06:1b:f0:0d:2b:69:cb:78:e6:11:a5:10:23:f0:3b:
a6:a4:a9:fa:d9:14:62:92:33:60:6b:a7:22:f6:0c:
71:01:95:d3:78:8f:90:4c:e2:1b:85:e4:62:ea:6e:
18:d4:62:67:61:34:6e:c7:64:aa:64:d0:c3:2b:95:
d2:46:b3:fe:2c:53:0e:7c:15:0f:57:c6:65:99:82:
7f:07:29:d6:78:c4:56:50:8b:53:c3:da:32:c0:e9:
8f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7A:25:D1:FA:9E:29:4A:63:D0:A2:4B:AC:55:3E:FA:E3:68:54:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AA37FE6AF46011EF83D519AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.36.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a1:a5:cb:a6:60:4b:e8:2f:4f:eb:54:b1:04:9f:d8:46:eb:
f4:c7:eb:9b:1a:69:37:3c:2d:6e:10:39:d3:9e:24:b7:69:d6:
1f:a4:9b:25:3a:e3:aa:06:ba:e4:ed:e2:4f:58:27:fc:41:64:
c2:08:bd:7b:08:e3:51:78:04:54:15:e5:2a:e8:fd:5a:da:d2:
61:6d:15:39:ab:21:68:da:06:c4:4a:c2:7c:d2:20:45:43:1b:
b8:5e:fc:bc:57:13:6b:9a:32:26:8f:2c:fa:3a:46:c2:a0:69:
1d:a8:2c:3c:aa:76:68:23:10:75:4b:23:e6:82:17:b2:a4:70:
ca:16:9c:a0:fb:2b:48:8c:b5:54:b8:67:f2:47:2b:dd:93:40:
24:d3:13:c1:bd:1e:36:64:43:ff:c9:08:a1:cb:ae:d1:ba:67:
26:9e:3c:d2:a9:d4:bc:7f:1c:64:1b:87:f8:53:77:37:39:c8:
5f:7c:f6:00:98:3f:eb:64:ce:19:1a:f6:3f:de:5d:58:3d:2e:
f0:9e:11:da:62:17:7b:5f:e1:da:cb:9d:6e:d6:77:e2:6f:c4:
01:9c:1c:e5:c0:ef:32:57:89:d1:46:cf:01:09:0a:91:69:60:
6c:d4:bc:da:c9:bf:68:1d:1b:98:f6:64:c0:3b:02:30:dc:db:
89:44:c2:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATT2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTY0MjI0WhcNMjgwMjE5MTY0MjI0WjAYMRYw
FAYDVQQDEw02N2JmNDQ3NC1kYTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7TDxmXtCsbs1UB/ZVXimq1+tjFVtdPgEIhfgxNQsjCB9Q79wRj0HfcBc
zsA3B+cibKeAi0eW5LlH4lhW3gi1t98XqniYsH8YmOHkuRaVZRZM+d7yAz22zfQx
wYMlcgSCf4qKN5N6BL2WbQZqlEIWjHEXBGXlTNVrCJiX2IJasI1m4rcDB+mB0qzk
7uor6dh04NQslWR13Ts1//QkyNacLWgf1uMGG/ANK2nLeOYRpRAj8DumpKn62RRi
kjNga6ci9gxxAZXTeI+QTOIbheRi6m4Y1GJnYTRux2SqZNDDK5XSRrP+LFMOfBUP
V8ZlmYJ/BynWeMRWUItTw9oywOmPhQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNB6
JdH6nilKY9CiS6xVPvrjaFRCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQTM3RkU2QUY0NjAxMUVGODNENTE5QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkkMA0GCSqGSIb3DQEBCwUA
A4IBAQAAoaXLpmBL6C9P61SxBJ/YRuv0x+ubGmk3PC1uEDnTniS3adYfpJslOuOq
Brrk7eJPWCf8QWTCCL17CONReARUFeUq6P1a2tJhbRU5qyFo2gbESsJ80iBFQxu4
Xvy8VxNrmjImjyz6OkbCoGkdqCw8qnZoIxB1SyPmgheypHDKFpyg+ytIjLVUuGfy
Ryvdk0Ak0xPBvR42ZEP/yQihy67RumcmnjzSqdS8fxxkG4f4U3c3OchffPYAmD/r
ZM4ZGvY/3l1YPS7wnhHaYhd7X+Hay51u1nfib8QBnBzlwO8yV4nRRs8BCQqRaWBs
1Lzayb9oHRuY9mTAOwIw3NuJRMJ+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:03 2025 by rpki-client