Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1FB8390F43511EFBDEE277C762E951A.roa
File: B1FB8390F43511EFBDEE277C762E951A.roa (raw, json)
Hash identifier: B+eayW3Fbxooz/1Iqb58XnuVx7gQCeL9CiYON436WUk=
Subject key identifier: C2:3F:C2:3C:4D:E2:AF:5A:13:3A:BC:7D:B1:87:99:06:0A:C9:4E:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0131D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1FB8390F43511EFBDEE277C762E951A.roa
Signing time: Wed 26 Feb 2025 11:34:53 +0000
ROA not before: Wed 26 Feb 2025 11:34:41 +0000
ROA not after: Thu 19 Feb 2026 11:34:41 +0000
asID: 984
IP address blocks: 156.252.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78292 (0x131d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:34:41 2025 GMT
Not After : Feb 19 11:34:41 2026 GMT
Subject: CN=67befc5d-bb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:47:23:d4:0f:b3:22:ec:98:0e:39:0a:62:49:
b9:95:35:d4:6b:49:c5:4b:98:b8:ce:86:8c:5f:08:
dc:24:66:b9:54:93:42:f8:be:e5:76:f9:f9:b8:f5:
3f:61:aa:68:c7:03:60:d3:c0:e1:c5:4d:ff:e2:64:
bb:1f:d2:4e:73:73:04:35:40:00:d1:3d:3b:bf:32:
82:69:d5:bb:bb:de:06:81:fe:9a:dd:a1:9e:2a:98:
33:3d:cf:6c:e0:05:57:50:9b:ac:e1:4a:13:e9:7c:
cd:6f:f1:75:cc:c0:4e:9b:51:d5:f6:85:66:70:6e:
e2:a0:90:e9:75:74:af:1c:f8:51:96:10:e8:4c:8d:
a7:cd:39:84:73:47:fe:c9:76:5e:9a:19:67:f0:f9:
61:ab:3e:ba:01:ad:81:41:96:65:a9:6c:82:c7:c4:
b4:d4:e1:ae:82:65:35:a7:53:83:da:7b:77:07:ef:
54:f1:81:38:78:7a:3c:5e:f1:c1:d3:14:d9:58:b3:
b9:55:3a:7e:a4:83:41:80:4f:37:c2:31:59:af:3d:
97:d9:b2:47:9d:83:74:b1:ab:3b:53:53:5e:2a:b2:
6c:f8:be:2a:63:cc:35:ea:72:16:7f:48:50:90:bc:
89:57:de:87:cb:74:51:7b:ca:03:8c:3d:d3:70:1d:
0d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:3F:C2:3C:4D:E2:AF:5A:13:3A:BC:7D:B1:87:99:06:0A:C9:4E:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B1FB8390F43511EFBDEE277C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.117.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7a:9c:77:fd:9b:c7:a0:d1:20:0a:6d:bf:6a:4b:42:db:b1:
4f:b4:08:f6:44:88:99:7c:5d:e9:ec:7d:38:ca:71:a0:8c:b5:
e0:d1:89:7b:e5:3a:d8:c3:7f:d8:39:1d:71:0a:20:6a:a0:a5:
d7:d3:5e:5f:95:4f:4f:52:e6:e1:7a:0a:1a:65:8e:88:7e:2b:
70:bf:9f:28:df:a5:78:54:b0:ea:ea:34:28:4a:54:34:59:56:
3b:dc:9c:7e:c0:10:6d:76:b1:23:37:6e:07:fd:b4:ac:06:b6:
2f:b3:09:d8:38:2c:9a:4e:1b:ad:6d:58:44:49:a9:b6:57:ee:
e3:b7:02:c0:ee:76:b3:7f:19:5e:0a:27:eb:b8:69:98:09:30:
24:f9:1d:c8:fe:a2:11:0f:93:59:59:58:64:f3:af:61:17:22:
1c:cd:dc:e6:77:b9:b1:2b:90:67:38:f8:95:34:cb:1b:61:77:
5d:e2:64:09:a7:ef:74:29:fc:71:9f:af:91:b3:dc:ea:7f:d0:
b3:c2:29:3a:f3:a5:ca:c1:31:12:55:b2:58:95:12:55:f0:22:
8a:2f:30:07:66:52:10:49:74:00:18:41:4e:4d:7a:7f:6a:ea:
a0:17:ab:61:39:11:ae:9f:f0:d5:60:f0:d1:d0:c7:5c:0f:14:
ca:a0:1f:d5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATHUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTEzNDQxWhcNMjYwMjE5MTEzNDQxWjAYMRYw
FAYDVQQDEw02N2JlZmM1ZC1iYjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA20cj1A+zIuyYDjkKYkm5lTXUa0nFS5i4zoaMXwjcJGa5VJNC+L7ldvn5
uPU/YapoxwNg08DhxU3/4mS7H9JOc3MENUAA0T07vzKCadW7u94Ggf6a3aGeKpgz
Pc9s4AVXUJus4UoT6XzNb/F1zMBOm1HV9oVmcG7ioJDpdXSvHPhRlhDoTI2nzTmE
c0f+yXZemhln8Plhqz66Aa2BQZZlqWyCx8S01OGugmU1p1OD2nt3B+9U8YE4eHo8
XvHB0xTZWLO5VTp+pINBgE83wjFZrz2X2bJHnYN0sas7U1NeKrJs+L4qY8w16nIW
f0hQkLyJV96Hy3RRe8oDjD3TcB0N9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMI/
wjxN4q9aEzq8fbGHmQYKyU5iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMUZCODM5MEY0MzUxMUVGQkRFRTI3N0M3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPx1MA0GCSqGSIb3DQEBCwUA
A4IBAQBCepx3/ZvHoNEgCm2/aktC27FPtAj2RIiZfF3p7H04ynGgjLXg0Yl75TrY
w3/YOR1xCiBqoKXX015flU9PUubhegoaZY6Ifitwv58o36V4VLDq6jQoSlQ0WVY7
3Jx+wBBtdrEjN24H/bSsBrYvswnYOCyaThutbVhESam2V+7jtwLA7nazfxleCifr
uGmYCTAk+R3I/qIRD5NZWVhk869hFyIczdzmd7mxK5BnOPiVNMsbYXdd4mQJp+90
Kfxxn6+Rs9zqf9Czwik686XKwTESVbJYlRJV8CKKLzAHZlIQSXQAGEFOTXp/auqg
F6thORGun/DVYPDR0MdcDxTKoB/V
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:29 2025 by rpki-client