Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE344AD2F42E11EF9E30934B762E951A.roa
File: AE344AD2F42E11EF9E30934B762E951A.roa (raw, json)
Hash identifier: bk9vq+vLEAz+C29IKgigTyoP0+DKTPcOhjX5O/SLTDo=
Subject key identifier: 6C:9E:A4:D7:39:0F:B5:FB:01:B8:AA:FF:07:80:ED:43:2A:E2:FD:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013156
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE344AD2F42E11EF9E30934B762E951A.roa
Signing time: Wed 26 Feb 2025 10:44:40 +0000
ROA not before: Wed 26 Feb 2025 10:44:36 +0000
ROA not after: Thu 19 Feb 2026 10:44:36 +0000
asID: 328608
IP address blocks: 156.253.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78166 (0x13156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:44:36 2025 GMT
Not After : Feb 19 10:44:36 2026 GMT
Subject: CN=67bef098-1970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:5a:76:85:07:21:ba:56:8b:df:ed:c8:b1:
54:9f:c4:24:68:79:a1:30:38:13:06:e9:28:a4:24:
3a:ed:17:b9:82:c3:a1:c2:83:c5:17:53:87:fd:4c:
e6:9b:24:ad:34:cb:88:74:aa:54:d9:23:ba:cd:99:
02:0f:2e:41:36:ca:41:0f:2b:16:a9:b2:bd:4a:9a:
93:2e:d8:ac:30:ea:72:bb:a3:5e:35:64:4e:37:c5:
c3:e8:1c:50:37:57:95:6a:0f:73:ad:df:28:a3:a3:
9a:1f:ad:2c:c4:62:61:39:0d:35:9e:1a:89:37:1c:
8f:6b:f3:a5:0d:b7:fe:8d:91:b5:71:aa:25:27:f0:
39:69:4a:c2:a8:28:88:22:93:1a:68:af:cf:36:da:
9b:a3:6e:bd:80:da:4f:7b:2c:90:8b:75:d7:8a:3d:
4a:e3:62:98:f6:1a:5c:a1:b6:73:c1:34:88:ab:e3:
c5:f7:e7:e2:c0:79:64:9d:3c:a6:c7:f0:ee:2e:75:
61:39:8b:67:99:e5:51:83:4a:69:9d:e9:82:40:aa:
a6:e3:c9:b2:56:a1:6f:2d:55:26:cd:15:9e:96:47:
c9:ef:6e:99:87:29:ba:f1:7d:ae:50:16:2b:be:1d:
93:16:d5:2c:30:83:5c:2e:5e:ee:74:12:29:2b:30:
94:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9E:A4:D7:39:0F:B5:FB:01:B8:AA:FF:07:80:ED:43:2A:E2:FD:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE344AD2F42E11EF9E30934B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.191.0/24
Signature Algorithm: sha256WithRSAEncryption
55:46:35:fd:b0:83:3c:bd:4f:52:c6:6a:ff:92:a0:b1:5a:a2:
ea:3b:6b:68:75:f5:4e:89:49:e2:3f:2c:7d:ea:f4:9d:06:43:
25:5e:f0:5e:8d:47:4c:44:7a:fb:98:ab:15:01:ea:5f:a6:42:
8b:f3:d4:e0:07:3c:f6:ef:00:2e:93:93:13:7e:e9:58:25:d8:
66:b6:4f:1f:38:e6:cd:ae:ee:f7:28:0e:17:38:80:91:44:fa:
65:32:15:88:c8:13:f4:88:9c:07:84:84:20:3a:ff:aa:d2:7e:
a8:11:31:da:6d:db:16:0c:fa:92:42:c3:92:6b:7c:cd:86:bd:
00:3b:4a:05:13:65:b3:e3:a6:85:a8:1b:8a:8b:0b:39:c2:d4:
84:5c:e1:7f:7f:ae:bf:f3:de:d7:83:a6:18:76:a9:a1:43:53:
22:a5:ed:b4:51:55:10:e8:0b:6f:23:0d:37:98:85:12:41:9f:
92:4c:01:2c:3c:8f:ba:b4:d1:8e:95:7d:99:4f:e1:a6:62:88:
41:3c:a9:d1:68:8a:70:ef:c9:03:b1:b6:e4:f8:2c:2e:4b:f0:
0e:c2:82:cd:7e:e0:c5:2c:9b:79:d6:5e:83:1f:c8:e3:fe:59:
31:fb:a9:af:f3:07:88:6a:54:29:50:f8:6e:73:eb:5b:0b:71:
fc:49:90:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATFWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTA0NDM2WhcNMjYwMjE5MTA0NDM2WjAYMRYw
FAYDVQQDEw02N2JlZjA5OC0xOTcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuCBadoUHIbpWi9/tyLFUn8QkaHmhMDgTBukopCQ67Re5gsOhwoPFF1OH
/UzmmyStNMuIdKpU2SO6zZkCDy5BNspBDysWqbK9SpqTLtisMOpyu6NeNWRON8XD
6BxQN1eVag9zrd8oo6OaH60sxGJhOQ01nhqJNxyPa/OlDbf+jZG1caolJ/A5aUrC
qCiIIpMaaK/PNtqbo269gNpPeyyQi3XXij1K42KY9hpcobZzwTSIq+PF9+fiwHlk
nTymx/DuLnVhOYtnmeVRg0ppnemCQKqm48myVqFvLVUmzRWelkfJ726Zhym68X2u
UBYrvh2TFtUsMINcLl7udBIpKzCUKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGye
pNc5D7X7Abiq/weA7UMq4v0RMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTM0NEFEMkY0MkUxMUVGOUUzMDkzNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP2/MA0GCSqGSIb3DQEBCwUA
A4IBAQBVRjX9sIM8vU9Sxmr/kqCxWqLqO2todfVOiUniPyx96vSdBkMlXvBejUdM
RHr7mKsVAepfpkKL89TgBzz27wAuk5MTfulYJdhmtk8fOObNru73KA4XOICRRPpl
MhWIyBP0iJwHhIQgOv+q0n6oETHabdsWDPqSQsOSa3zNhr0AO0oFE2Wz46aFqBuK
iws5wtSEXOF/f66/897Xg6YYdqmhQ1Mipe20UVUQ6AtvIw03mIUSQZ+STAEsPI+6
tNGOlX2ZT+GmYohBPKnRaIpw78kDsbbk+CwuS/AOwoLNfuDFLJt51l6DH8jj/lkx
+6mv8weIalQpUPhuc+tbC3H8SZAo
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:58 2025 by rpki-client