Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ADC4D9F0F42D11EF847E0B46762E951A.roa
File: ADC4D9F0F42D11EF847E0B46762E951A.roa (raw, json)
Hash identifier: G9uQbOlmKLsjD788jJqh0Z/jIe99wTF2i5Agf2H/CGo=
Subject key identifier: 3B:09:3B:71:FD:F7:CD:D8:D9:E8:25:5B:90:1C:44:EB:A8:B8:EF:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01313B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ADC4D9F0F42D11EF847E0B46762E951A.roa
Signing time: Wed 26 Feb 2025 10:37:30 +0000
ROA not before: Wed 26 Feb 2025 10:37:26 +0000
ROA not after: Thu 19 Feb 2026 10:37:26 +0000
asID: 328608
IP address blocks: 156.253.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78139 (0x1313b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:37:26 2025 GMT
Not After : Feb 19 10:37:26 2026 GMT
Subject: CN=67beeeea-6654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1a:e8:5c:6d:0c:50:9e:5b:3f:29:bc:48:aa:
12:8e:b4:59:2a:c6:10:a6:93:4b:ea:b3:ca:ff:90:
29:be:a9:f6:0d:d1:f6:30:8e:11:36:12:26:04:2a:
21:32:8c:e1:54:0e:97:c3:d6:e6:e8:eb:20:9a:7a:
bd:33:17:ba:99:da:de:86:36:cc:ad:fb:c1:63:6a:
b0:8a:7d:93:05:7f:66:1a:22:90:86:a2:37:93:08:
0e:64:79:6e:52:12:49:e2:ab:c9:36:bb:e4:6f:57:
d5:90:b9:64:db:40:12:b7:dd:d9:66:f4:b9:b9:03:
ce:c0:d2:c9:4d:1e:b2:90:1e:85:2b:76:5e:18:59:
4e:2d:20:5a:4c:15:69:ca:0b:69:19:5e:d5:87:69:
02:15:4f:ad:b3:3e:9c:15:bd:ee:08:68:f8:f1:d0:
67:f2:e7:33:80:95:56:01:67:6a:af:3a:38:bf:49:
66:8f:89:89:2a:3a:13:f2:3d:3e:c7:da:d3:d6:82:
a7:a3:38:63:24:8f:a5:f7:a4:25:ac:2a:15:d9:ac:
d7:cb:9c:c3:fa:d8:40:05:2b:24:d4:13:18:fa:77:
c3:31:a4:91:b5:9a:98:8b:cf:51:55:83:d2:ce:ea:
5b:23:67:60:7f:b9:c9:3f:d0:ee:e0:93:27:46:fe:
47:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:09:3B:71:FD:F7:CD:D8:D9:E8:25:5B:90:1C:44:EB:A8:B8:EF:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ADC4D9F0F42D11EF847E0B46762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:53:47:68:2f:d9:33:69:ca:88:92:62:31:26:1e:6c:98:ea:
fd:c9:6a:d9:3f:a8:74:6c:e7:20:23:43:e8:67:a1:3e:35:da:
0a:ef:de:bd:a1:d4:9f:01:6b:41:9f:f4:5f:19:6f:94:7e:76:
60:c4:9a:99:ae:1f:9f:aa:02:67:d8:cb:1e:ee:26:23:5a:5c:
10:d8:38:78:15:f2:c2:72:34:24:4d:97:d4:50:fd:74:45:94:
42:79:fd:67:d0:00:71:49:cb:1a:16:f4:59:82:b8:47:71:bd:
4e:55:0e:bd:aa:dd:e7:20:98:74:86:3f:68:84:db:de:7b:51:
9c:04:73:e1:1d:67:d8:20:7a:56:71:ad:87:a5:fa:db:d4:63:
7a:b9:63:6c:b6:e9:bc:b6:2e:8a:cd:c2:c5:8e:a6:a6:bd:8c:
82:67:73:b3:a6:39:6d:32:0b:f4:15:b2:83:cd:93:f1:fc:7e:
10:06:25:c8:8c:b8:c0:01:26:64:29:db:8f:f9:22:00:49:ae:
6f:cf:9d:68:b6:5e:bf:62:d6:06:16:61:9e:86:a0:bc:3c:57:
06:14:0e:4c:77:23:cf:47:12:a7:46:c0:8e:14:6d:7a:68:a9:
62:52:b6:c6:43:f1:df:51:de:0e:83:9a:f9:38:78:2d:74:fe:
98:2b:10:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATE7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAzNzI2WhcNMjYwMjE5MTAzNzI2WjAYMRYw
FAYDVQQDEw02N2JlZWVlYS02NjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvhroXG0MUJ5bPym8SKoSjrRZKsYQppNL6rPK/5Apvqn2DdH2MI4RNhIm
BCohMozhVA6Xw9bm6Osgmnq9Mxe6mdrehjbMrfvBY2qwin2TBX9mGiKQhqI3kwgO
ZHluUhJJ4qvJNrvkb1fVkLlk20ASt93ZZvS5uQPOwNLJTR6ykB6FK3ZeGFlOLSBa
TBVpygtpGV7Vh2kCFU+tsz6cFb3uCGj48dBn8uczgJVWAWdqrzo4v0lmj4mJKjoT
8j0+x9rT1oKnozhjJI+l96QlrCoV2azXy5zD+thABSsk1BMY+nfDMaSRtZqYi89R
VYPSzupbI2dgf7nJP9Du4JMnRv5HRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDsJ
O3H9983Y2eglW5AcROuouO+zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BREM0RDlGMEY0MkQxMUVGODQ3RTBCNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP2NMA0GCSqGSIb3DQEBCwUA
A4IBAQCnU0doL9kzacqIkmIxJh5smOr9yWrZP6h0bOcgI0PoZ6E+NdoK7969odSf
AWtBn/RfGW+UfnZgxJqZrh+fqgJn2Mse7iYjWlwQ2Dh4FfLCcjQkTZfUUP10RZRC
ef1n0ABxScsaFvRZgrhHcb1OVQ69qt3nIJh0hj9ohNvee1GcBHPhHWfYIHpWca2H
pfrb1GN6uWNstum8ti6KzcLFjqamvYyCZ3OzpjltMgv0FbKDzZPx/H4QBiXIjLjA
ASZkKduP+SIASa5vz51otl6/YtYGFmGehqC8PFcGFA5MdyPPRxKnRsCOFG16aKli
UrbGQ/HfUd4Og5r5OHgtdP6YKxDd
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:01 2025 by rpki-client