Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAE99EBA00CA11F08E27C388762E951A.roa
File: AAE99EBA00CA11F08E27C388762E951A.roa (raw, json)
Hash identifier: w5VTEyRe5q6b05jxpO3kKhcyXhPVbqbhFYq7m/zJE5s=
Subject key identifier: D9:E9:F2:CD:28:DC:A3:FD:81:7E:B2:79:CE:A3:46:19:40:2F:F7:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01461C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAE99EBA00CA11F08E27C388762E951A.roa
Signing time: Fri 14 Mar 2025 11:51:30 +0000
ROA not before: Fri 14 Mar 2025 11:51:26 +0000
ROA not after: Sun 20 Apr 2025 11:51:26 +0000
asID: 20326
IP address blocks: 156.233.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83484 (0x1461c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 14 11:51:26 2025 GMT
Not After : Apr 20 11:51:26 2025 GMT
Subject: CN=67d41842-5846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:00:19:75:3a:3e:a7:96:ff:12:db:6b:ec:45:
26:2f:47:00:e8:76:fa:5a:b0:4f:e1:79:4b:a7:1b:
ae:f5:53:0e:37:4a:a0:8a:9b:37:07:39:39:b3:ca:
12:26:f2:60:e7:3f:14:16:bc:96:00:f4:0d:b8:e9:
94:5c:27:eb:7f:d8:1d:07:d3:45:a2:ee:c5:dd:e6:
18:1b:c9:f2:9a:d9:fa:29:0d:17:94:10:5b:a5:9d:
d1:af:76:96:cb:66:ee:6d:91:72:7c:de:29:aa:3b:
f8:96:83:e2:4b:72:28:e8:a0:87:40:18:6f:c3:8b:
63:39:62:f8:a6:f2:48:aa:c9:93:05:2d:80:8f:88:
ed:05:22:17:12:4d:e9:1c:0e:81:2f:bf:27:df:94:
b2:b7:8e:8b:48:39:fc:93:5f:3f:11:da:9c:f3:24:
3b:4d:df:18:a3:50:f9:cb:3c:59:94:70:2f:7a:2e:
b0:66:8e:ff:60:aa:86:b0:69:31:39:ac:0f:af:d0:
ff:35:08:2d:e1:2c:13:e4:e3:02:45:0c:f0:ca:27:
5a:21:93:ca:b4:3e:79:d9:6d:2c:38:6c:d5:9a:26:
4a:e8:56:17:e0:eb:2b:f6:84:fd:fe:53:98:52:ec:
9e:ac:a3:b3:1c:b2:1c:f7:e5:c0:ba:d7:60:5d:43:
19:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E9:F2:CD:28:DC:A3:FD:81:7E:B2:79:CE:A3:46:19:40:2F:F7:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AAE99EBA00CA11F08E27C388762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.10.0/23
Signature Algorithm: sha256WithRSAEncryption
79:f1:97:d9:ac:8c:97:35:16:56:06:72:8d:09:ef:27:62:54:
cb:6e:8f:2c:53:f7:5e:c8:04:48:4e:af:2e:18:c3:7a:9e:3e:
45:83:45:10:4f:f7:9a:f4:99:b8:a4:7b:3e:c3:be:49:a7:72:
37:d9:ff:c1:f6:36:78:3c:2b:37:62:fc:69:b0:66:ba:58:1f:
6d:f8:a9:7f:5f:28:9c:ad:cb:18:27:ec:d5:22:a4:88:57:89:
04:59:2f:49:a0:5c:f3:42:77:af:db:7d:5a:59:de:05:6d:b6:
40:3f:4a:62:51:2c:2c:44:e9:3a:b1:47:83:5d:ee:21:d6:e4:
0a:fd:3a:f3:70:4b:2f:50:c4:15:e0:d9:8b:f1:58:27:58:a5:
3b:38:4c:6a:5b:25:de:ce:b2:f5:d0:f7:97:e4:79:d6:e8:1c:
d2:c4:63:15:00:99:17:4e:3f:26:00:03:44:3b:fe:28:6a:58:
c4:ed:f4:e5:7e:9b:0e:1f:92:8a:bb:9c:c9:98:07:e7:1a:6b:
c3:ca:0c:18:3b:f6:bb:54:cc:5f:a1:a8:4f:45:c1:72:05:67:
ca:a3:80:11:ae:a2:d9:2a:13:d5:99:59:ba:45:67:0f:e5:6a:
5e:48:5e:e5:f9:79:e3:8d:00:06:a4:07:b9:e9:33:70:b9:e6:
2f:8f:8c:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUYcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE0MTE1MTI2WhcNMjUwNDIwMTE1MTI2WjAYMRYw
FAYDVQQDEw02N2Q0MTg0Mi01ODQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gAZdTo+p5b/Ettr7EUmL0cA6Hb6WrBP4XlLpxuu9VMON0qgips3Bzk5
s8oSJvJg5z8UFryWAPQNuOmUXCfrf9gdB9NFou7F3eYYG8nymtn6KQ0XlBBbpZ3R
r3aWy2bubZFyfN4pqjv4loPiS3Io6KCHQBhvw4tjOWL4pvJIqsmTBS2Aj4jtBSIX
Ek3pHA6BL78n35Syt46LSDn8k18/Edqc8yQ7Td8Yo1D5yzxZlHAvei6wZo7/YKqG
sGkxOawPr9D/NQgt4SwT5OMCRQzwyidaIZPKtD552W0sOGzVmiZK6FYX4Osr9oT9
/lOYUuyerKOzHLIc9+XAutdgXUMZvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNnp
8s0o3KP9gX6yec6jRhlAL/c9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQUU5OUVCQTAwQ0ExMUYwOEUyN0MzODg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOkKMA0GCSqGSIb3DQEBCwUA
A4IBAQB58ZfZrIyXNRZWBnKNCe8nYlTLbo8sU/deyARITq8uGMN6nj5Fg0UQT/ea
9Jm4pHs+w75Jp3I32f/B9jZ4PCs3YvxpsGa6WB9t+Kl/XyicrcsYJ+zVIqSIV4kE
WS9JoFzzQnev231aWd4FbbZAP0piUSwsROk6sUeDXe4h1uQK/TrzcEsvUMQV4NmL
8VgnWKU7OExqWyXezrL10PeX5HnW6BzSxGMVAJkXTj8mAANEO/4oaljE7fTlfpsO
H5KKu5zJmAfnGmvDygwYO/a7VMxfoahPRcFyBWfKo4ARrqLZKhPVmVm6RWcP5Wpe
SF7l+XnjjQAGpAe56TNwueYvj4yx
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:55 2025 by rpki-client