Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD1886C8F44611EF9923F574762E951A.roa
File: AD1886C8F44611EF9923F574762E951A.roa (raw, json)
Hash identifier: /CAxpUFcGBIczMSduxeh3+heTvlgUp0jyiPSEizS/bA=
Subject key identifier: 5E:F1:71:D1:3B:30:1E:5C:65:55:31:15:9A:E9:A5:21:F6:5A:CC:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01333E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD1886C8F44611EF9923F574762E951A.roa
Signing time: Wed 26 Feb 2025 13:36:26 +0000
ROA not before: Wed 26 Feb 2025 13:36:22 +0000
ROA not after: Thu 19 Feb 2026 13:36:22 +0000
asID: 984
IP address blocks: 156.231.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78654 (0x1333e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:36:22 2025 GMT
Not After : Feb 19 13:36:22 2026 GMT
Subject: CN=67bf18da-7620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:45:ea:73:68:3e:9b:e8:c8:9b:9d:56:93:37:
4a:7e:9b:a1:4d:68:77:ea:cb:f4:e1:39:b1:a0:b8:
39:c8:47:fe:68:6f:81:27:41:76:f1:73:bc:99:61:
eb:c4:c4:f7:c1:c2:4d:39:3d:8a:28:f0:69:f3:65:
9f:b8:aa:9c:6e:e9:bd:15:7b:db:47:a5:35:07:df:
fb:da:eb:cb:40:e4:38:e1:5b:ed:78:7d:e6:c5:af:
15:6d:18:b2:b7:d0:bd:3c:e7:d1:ef:f5:80:b9:73:
c3:eb:c4:ee:91:21:be:fe:68:7a:6a:53:1f:0d:32:
03:ca:24:e3:bd:26:e2:a2:11:f4:ea:c0:18:11:a0:
50:6c:dc:48:c2:d0:e5:5a:80:da:60:ae:d9:84:bc:
56:ca:7f:54:c1:39:05:30:3b:28:ae:93:06:e3:77:
00:e5:65:74:2e:87:41:1b:ed:f4:89:f4:6d:f9:c3:
be:50:16:ce:21:40:91:d0:b2:14:79:c4:fa:b0:74:
13:67:1a:82:55:70:f1:ec:39:21:d5:d6:53:19:e1:
5e:0a:52:ad:19:23:94:89:09:1e:99:fa:a8:43:a2:
76:39:71:60:65:ed:d2:3b:26:bf:4e:48:80:ad:7a:
1a:02:9c:d8:b5:1a:b1:11:7b:80:e5:24:95:46:09:
ae:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F1:71:D1:3B:30:1E:5C:65:55:31:15:9A:E9:A5:21:F6:5A:CC:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AD1886C8F44611EF9923F574762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.128.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:9f:d6:bf:9c:31:41:7b:11:42:c7:8c:25:96:0e:71:eb:3c:
e3:1c:9a:4a:b8:be:b9:84:f2:08:99:17:e9:99:36:64:6b:0d:
4e:d0:f2:84:2c:7e:89:78:4b:2c:e2:ed:32:25:09:2b:f0:2d:
eb:7a:5d:83:f3:a2:35:50:ee:f4:a1:3b:f0:dd:ed:9b:25:3c:
46:5d:85:7e:9e:3a:b2:b2:b9:32:ac:53:91:76:41:78:10:bb:
ed:da:23:c7:3d:fd:de:9c:b5:bf:57:a5:4a:73:a7:a1:0c:b6:
56:30:79:d7:fd:e2:ba:dd:47:21:be:a2:61:84:6d:13:8b:b0:
cf:03:55:12:7b:55:40:d9:69:32:92:c7:7a:20:a6:55:5c:47:
7d:3c:c4:95:7c:b5:80:78:2b:7b:7c:61:e3:cf:8c:b8:0e:fc:
5b:00:6e:59:6b:1e:e3:60:82:ae:39:16:f0:af:ee:9c:26:98:
1e:14:dd:c7:53:4f:e4:61:f2:4e:84:17:b9:f9:1a:51:f4:fd:
e4:71:17:06:1a:92:d5:3d:c1:14:34:1b:97:df:be:17:0b:90:
9d:6b:55:44:15:1b:b5:87:60:63:69:0b:33:b8:17:e5:56:55:
16:b0:2e:98:f5:c7:8b:e7:ff:e5:e0:9e:75:23:7c:16:31:ba:
77:00:64:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATM+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMzNjIyWhcNMjYwMjE5MTMzNjIyWjAYMRYw
FAYDVQQDEw02N2JmMThkYS03NjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu0Xqc2g+m+jIm51WkzdKfpuhTWh36sv04TmxoLg5yEf+aG+BJ0F28XO8
mWHrxMT3wcJNOT2KKPBp82WfuKqcbum9FXvbR6U1B9/72uvLQOQ44VvteH3mxa8V
bRiyt9C9POfR7/WAuXPD68TukSG+/mh6alMfDTIDyiTjvSbiohH06sAYEaBQbNxI
wtDlWoDaYK7ZhLxWyn9UwTkFMDsorpMG43cA5WV0LodBG+30ifRt+cO+UBbOIUCR
0LIUecT6sHQTZxqCVXDx7Dkh1dZTGeFeClKtGSOUiQkemfqoQ6J2OXFgZe3SOya/
TkiArXoaApzYtRqxEXuA5SSVRgmurQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF7x
cdE7MB5cZVUxFZrppSH2WsyNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRDE4ODZDOEY0NDYxMUVGOTkyM0Y1NzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOeAMA0GCSqGSIb3DQEBCwUA
A4IBAQAMn9a/nDFBexFCx4wllg5x6zzjHJpKuL65hPIImRfpmTZkaw1O0PKELH6J
eEss4u0yJQkr8C3rel2D86I1UO70oTvw3e2bJTxGXYV+njqysrkyrFORdkF4ELvt
2iPHPf3enLW/V6VKc6ehDLZWMHnX/eK63UchvqJhhG0Ti7DPA1USe1VA2Wkyksd6
IKZVXEd9PMSVfLWAeCt7fGHjz4y4DvxbAG5Zax7jYIKuORbwr+6cJpgeFN3HU0/k
YfJOhBe5+RpR9P3kcRcGGpLVPcEUNBuX374XC5Cda1VEFRu1h2BjaQszuBflVlUW
sC6Y9ceL5//l4J51I3wWMbp3AGRG
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:05 2025 by rpki-client