Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B08E7BF8FB3C11EF9F48B260762E951A.roa
File: B08E7BF8FB3C11EF9F48B260762E951A.roa (raw, json)
Hash identifier: 9QEnT5dS3uXJRiU1LRzFhWnbyI1Gu8OzdFCK3k0h/Wg=
Subject key identifier: C3:1A:B9:B0:65:4A:0E:B8:8D:39:69:24:9A:FC:10:0C:C5:26:95:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014416
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B08E7BF8FB3C11EF9F48B260762E951A.roa
Signing time: Fri 07 Mar 2025 10:12:35 +0000
ROA not before: Fri 07 Mar 2025 10:12:31 +0000
ROA not after: Sun 13 Apr 2025 10:12:31 +0000
asID: 394432
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.252.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82966 (0x14416)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 7 10:12:31 2025 GMT
Not After : Apr 13 10:12:31 2025 GMT
Subject: CN=67cac693-a9e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:a5:f0:bb:f4:47:1f:c6:30:41:a7:27:bd:
88:ff:89:7c:4f:13:32:a6:bf:53:98:35:af:f5:45:
49:0b:f3:5e:a5:df:3c:eb:3c:25:21:b1:13:e6:5e:
82:f4:63:28:14:94:8d:04:ee:45:25:84:54:56:ea:
00:4e:cb:50:37:f8:c8:3b:a5:c4:99:8b:38:be:8f:
65:74:2b:50:38:5d:20:9d:c0:ca:0a:d2:af:b4:c2:
22:1e:c8:75:39:72:dd:43:c0:07:f3:68:6c:1e:a5:
c0:19:c7:a1:e2:1b:f2:98:49:84:33:d3:5f:d5:cd:
b7:8a:c0:7d:cc:13:6a:e8:8f:eb:c5:09:da:0f:1d:
78:8b:60:93:1a:ea:6e:2e:8c:e7:63:a8:20:b9:e8:
4a:4d:a4:61:25:ca:c5:ab:d5:fb:5c:0f:e7:29:bb:
43:5f:68:b3:84:61:12:d1:6f:cd:b4:b5:c1:72:96:
07:18:55:69:18:b8:fd:e2:96:ee:92:b1:04:6c:50:
3d:43:4f:56:48:e8:1a:07:af:c9:75:ec:93:c6:d2:
ee:4d:19:eb:a4:5b:cf:cd:89:fa:0e:ef:d3:e9:68:
78:3f:3a:bb:df:cc:3a:9f:8a:c3:1f:dc:13:d2:cf:
ea:a4:24:4a:76:a5:a3:47:b6:bb:87:9f:d9:90:a7:
25:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1A:B9:B0:65:4A:0E:B8:8D:39:69:24:9A:FC:10:0C:C5:26:95:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B08E7BF8FB3C11EF9F48B260762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.252.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:aa:69:63:d5:f9:ec:c2:62:30:69:be:a7:10:f8:61:d3:bd:
88:12:d4:ce:11:8b:ec:18:fc:34:b6:a8:7e:8a:1b:3f:01:47:
78:5c:2b:d8:6a:dd:66:91:10:dc:c4:27:9c:6b:eb:63:36:fe:
d4:10:6d:7c:1a:9b:b2:f9:21:92:e5:81:c1:b9:09:19:c5:c6:
fe:bb:e4:44:ea:aa:e3:c2:2e:56:5e:6a:5e:96:ff:76:f9:60:
3a:c5:09:3a:77:10:16:58:85:fe:c6:55:06:fb:db:46:c3:c3:
33:2d:87:4d:97:8f:e8:c2:f1:14:c8:c5:35:63:23:54:8c:02:
fb:41:eb:00:85:f4:81:b0:e7:cc:08:39:9a:a1:40:0c:c4:77:
cc:9f:6a:8b:82:e8:ef:ee:d9:99:d1:69:f1:a1:09:87:7b:98:
73:6b:79:aa:1b:b4:30:55:e4:1f:4b:1a:4b:9a:f6:1f:6f:d0:
94:ea:94:53:a5:29:41:ec:a6:05:9b:d6:7d:c6:b5:9b:c1:e9:
16:74:50:cf:17:0b:58:3d:fb:a2:88:4a:bb:cc:e1:e9:4b:c8:
5c:21:58:b5:7a:20:4d:be:1a:ec:b6:27:63:cc:60:a9:1a:de:
0a:18:bc:26:09:9a:0f:cf:7c:fe:de:34:99:2b:61:dc:d7:78:
d7:61:98:52
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUQWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzA3MTAxMjMxWhcNMjUwNDEzMTAxMjMxWjAYMRYw
FAYDVQQDEw02N2NhYzY5My1hOWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAztql8Lv0Rx/GMEGnJ72I/4l8TxMypr9TmDWv9UVJC/Nepd886zwlIbET
5l6C9GMoFJSNBO5FJYRUVuoATstQN/jIO6XEmYs4vo9ldCtQOF0gncDKCtKvtMIi
Hsh1OXLdQ8AH82hsHqXAGceh4hvymEmEM9Nf1c23isB9zBNq6I/rxQnaDx14i2CT
GupuLoznY6gguehKTaRhJcrFq9X7XA/nKbtDX2izhGES0W/NtLXBcpYHGFVpGLj9
4pbukrEEbFA9Q09WSOgaB6/JdeyTxtLuTRnrpFvPzYn6Du/T6Wh4Pzq738w6n4rD
H9wT0s/qpCRKdqWjR7a7h5/ZkKclowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMMa
ubBlSg64jTlpJJr8EAzFJpW9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMDhFN0JGOEZCM0MxMUVGOUY0OEIyNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnOOgAwQFnPxgMA0GCSqGSIb3
DQEBCwUAA4IBAQBLqmlj1fnswmIwab6nEPhh072IEtTOEYvsGPw0tqh+ihs/AUd4
XCvYat1mkRDcxCeca+tjNv7UEG18Gpuy+SGS5YHBuQkZxcb+u+RE6qrjwi5WXmpe
lv92+WA6xQk6dxAWWIX+xlUG+9tGw8MzLYdNl4/owvEUyMU1YyNUjAL7QesAhfSB
sOfMCDmaoUAMxHfMn2qLgujv7tmZ0WnxoQmHe5hza3mqG7QwVeQfSxpLmvYfb9CU
6pRTpSlB7KYFm9Z9xrWbwekWdFDPFwtYPfuiiEq7zOHpS8hcIVi1eiBNvhrstidj
zGCpGt4KGLwmCZoPz3z+3jSZK2Hc13jXYZhS
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:09 2025 by rpki-client