Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CB922F44911EFA0547B8B762E951A.roa
File: AF2CB922F44911EFA0547B8B762E951A.roa (raw, json)
Hash identifier: /bs6rUw2BHTVfIpiIKYDN4uaSSfTbmV0B18LHDU2iLc=
Subject key identifier: 9D:CE:3A:C8:52:B5:62:A6:00:66:91:61:E3:0C:77:2B:51:48:F3:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013377
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CB922F44911EFA0547B8B762E951A.roa
Signing time: Wed 26 Feb 2025 13:57:58 +0000
ROA not before: Wed 26 Feb 2025 13:57:54 +0000
ROA not after: Thu 19 Feb 2026 13:57:54 +0000
asID: 984
IP address blocks: 156.252.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78711 (0x13377)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:57:54 2025 GMT
Not After : Feb 19 13:57:54 2026 GMT
Subject: CN=67bf1de6-7dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:60:d5:2e:f2:1a:40:4d:51:63:72:16:b1:ce:
ca:25:6d:79:2c:8d:4a:b6:a7:47:79:0d:95:97:ef:
2f:3f:30:28:5c:37:8a:92:eb:1e:30:17:5e:db:07:
8e:6f:ad:be:73:e3:a0:6f:85:fc:ab:00:36:81:cd:
2e:68:b5:82:77:68:83:88:e1:88:5b:4a:a2:ab:40:
ce:f8:d5:cf:9c:26:93:b3:5a:e0:00:26:fe:ff:11:
f9:d8:89:ae:e1:39:25:23:83:59:25:a9:11:96:55:
36:1d:a9:38:fe:b9:a0:10:d4:bd:87:77:e0:1e:dd:
63:5d:ba:c2:f7:34:64:4a:11:95:52:82:08:f6:cc:
b9:5f:3b:d7:7e:2e:f5:10:05:02:7c:65:e7:db:16:
f4:8a:3e:4c:24:ea:87:2c:0f:ab:07:20:32:2e:33:
ed:70:c4:60:b8:e4:e7:91:03:0d:6c:d8:94:f9:39:
f6:34:62:33:5d:8c:11:bd:9b:54:b8:38:13:c8:65:
72:c3:5e:b8:05:92:c5:37:15:b4:8c:80:46:34:4a:
70:31:f1:3a:2e:e1:7a:8f:14:5a:a6:b6:89:4b:0f:
b4:0e:97:1f:1a:8f:3c:07:28:7a:70:1f:1a:c0:03:
8a:dc:13:3d:7f:84:f4:e3:57:04:09:3e:3d:8e:fc:
76:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CE:3A:C8:52:B5:62:A6:00:66:91:61:E3:0C:77:2B:51:48:F3:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CB922F44911EFA0547B8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.180.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:56:cf:de:66:02:ff:d5:59:bc:2a:b5:cf:e4:1b:ca:6e:5a:
52:ce:9d:4a:ad:5d:c7:8c:eb:88:c6:fb:93:b7:9d:78:08:b8:
c9:f9:98:17:7a:bc:7e:58:36:e8:a4:0c:e7:f0:1c:95:22:ce:
e6:9d:f4:e7:12:cc:e3:e3:8a:77:50:28:f1:6b:16:21:b5:93:
c3:58:1b:24:73:c4:44:3c:71:ba:2c:4e:2d:38:5d:fe:ab:d6:
65:6b:60:5a:c0:a5:bb:27:c5:a1:5a:99:db:68:f9:ad:bd:89:
c0:8e:40:5b:83:26:84:84:7c:de:2e:5e:e4:06:c0:bd:24:5d:
14:83:43:52:7d:9a:18:db:b9:d1:6c:8b:b7:f1:33:fc:de:7d:
8d:f9:c2:36:24:93:e2:23:03:1f:fc:b1:d6:4a:1b:08:46:52:
37:ab:d3:04:37:1f:6c:72:aa:bd:7f:0f:98:2a:13:06:f5:36:
00:02:0d:a4:fc:38:5e:18:ae:8b:f6:4d:16:51:0d:af:24:8a:
c4:e5:4d:f7:9f:6c:49:f4:a7:67:6f:37:1b:25:3b:29:c9:e0:
4e:05:66:75:69:b1:32:92:4b:e7:a2:5b:4a:2e:75:27:e9:85:
34:42:39:50:44:e3:a3:3b:a6:89:e4:ca:60:9b:fd:12:f9:a5:
4b:26:b7:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATN3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTM1NzU0WhcNMjYwMjE5MTM1NzU0WjAYMRYw
FAYDVQQDEw02N2JmMWRlNi03ZGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxmDVLvIaQE1RY3IWsc7KJW15LI1KtqdHeQ2Vl+8vPzAoXDeKkuseMBde
2weOb62+c+Ogb4X8qwA2gc0uaLWCd2iDiOGIW0qiq0DO+NXPnCaTs1rgACb+/xH5
2Imu4TklI4NZJakRllU2Hak4/rmgENS9h3fgHt1jXbrC9zRkShGVUoII9sy5XzvX
fi71EAUCfGXn2xb0ij5MJOqHLA+rByAyLjPtcMRguOTnkQMNbNiU+Tn2NGIzXYwR
vZtUuDgTyGVyw164BZLFNxW0jIBGNEpwMfE6LuF6jxRapraJSw+0DpcfGo88Byh6
cB8awAOK3BM9f4T041cECT49jvx2VwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ3O
OshStWKmAGaRYeMMdytRSPPMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjJDQjkyMkY0NDkxMUVGQTA1NDdCOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPy0MA0GCSqGSIb3DQEBCwUA
A4IBAQBvVs/eZgL/1Vm8KrXP5BvKblpSzp1KrV3HjOuIxvuTt514CLjJ+ZgXerx+
WDbopAzn8ByVIs7mnfTnEszj44p3UCjxaxYhtZPDWBskc8REPHG6LE4tOF3+q9Zl
a2BawKW7J8WhWpnbaPmtvYnAjkBbgyaEhHzeLl7kBsC9JF0Ug0NSfZoY27nRbIu3
8TP83n2N+cI2JJPiIwMf/LHWShsIRlI3q9MENx9scqq9fw+YKhMG9TYAAg2k/Dhe
GK6L9k0WUQ2vJIrE5U33n2xJ9KdnbzcbJTspyeBOBWZ1abEykkvnoltKLnUn6YU0
QjlQROOjO6aJ5Mpgm/0S+aVLJrc/
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:41 2025 by rpki-client