Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B345A464E54011EFA16A3AA7762E951A.roa
File: B345A464E54011EFA16A3AA7762E951A.roa (raw, json)
Hash identifier: lT++76aJ6ggrC/wJLcaWN2ZXuBtR3DhPxCZyjBh/w1A=
Subject key identifier: 1E:0B:71:12:B6:61:73:9F:7F:D5:C3:DE:5E:AB:2D:6B:3E:AD:23:15
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011D19
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B345A464E54011EFA16A3AA7762E951A.roa
Signing time: Fri 07 Feb 2025 10:45:52 +0000
ROA not before: Fri 07 Feb 2025 10:45:48 +0000
ROA not after: Mon 13 Dec 2027 10:45:48 +0000
asID: 17561
IP address blocks: 156.230.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72985 (0x11d19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 10:45:48 2025 GMT
Not After : Dec 13 10:45:48 2027 GMT
Subject: CN=67a5e460-7a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:62:32:18:71:ce:04:b8:6e:5c:4f:1b:c8:a4:
e6:2d:35:e2:a1:e3:9b:92:76:49:f2:43:ad:d3:41:
16:f7:dc:6d:d4:97:eb:32:8f:91:d4:46:fa:27:58:
46:72:94:0d:6d:d2:f3:87:c5:aa:5f:95:16:52:c2:
d3:bf:7a:9f:aa:6e:e1:31:40:02:72:97:b2:3e:de:
cb:2e:3f:04:22:b9:0f:9b:6c:9b:65:56:9c:2b:0b:
2e:2a:82:44:ff:8a:94:70:5b:ac:fe:34:02:9c:f3:
80:52:f7:84:c3:76:d1:1d:43:11:ff:af:52:5d:7b:
64:ce:fe:f1:63:f4:be:29:62:10:25:51:b9:3d:55:
2e:a8:9f:80:e7:8d:e5:61:06:72:3d:03:da:2c:14:
c9:04:64:27:48:15:cf:fd:b7:e1:7a:43:bb:52:9e:
ef:d8:22:1d:b5:7f:36:0f:f3:48:87:fa:4b:0c:96:
33:6d:2f:09:35:15:5d:18:31:f5:88:cb:01:a5:cc:
c8:59:c9:83:62:cf:62:33:fe:8c:43:ef:c0:e4:bf:
80:b6:46:f5:bf:7e:f8:aa:76:34:08:b8:b4:1f:56:
92:8d:34:3f:b8:90:9e:bd:f6:bd:b8:31:d1:39:c4:
80:cc:f6:da:8e:d4:42:9c:c7:c1:18:0e:56:05:e1:
6d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0B:71:12:B6:61:73:9F:7F:D5:C3:DE:5E:AB:2D:6B:3E:AD:23:15
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B345A464E54011EFA16A3AA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.164.0/24
Signature Algorithm: sha256WithRSAEncryption
11:3a:73:4f:03:bd:19:57:04:f4:68:e4:73:2e:ea:b6:40:e2:
27:9d:58:8b:2e:06:0f:83:f9:5d:2b:79:e0:12:c3:49:3c:5b:
45:65:07:ea:ac:d8:76:4a:1a:05:6e:b5:e4:6f:2d:64:de:cc:
7f:7a:b8:fe:a6:1a:56:d6:c2:63:27:57:a5:39:db:6b:96:4f:
28:a7:6b:a7:04:75:32:76:5e:dc:9c:4c:8b:b4:95:cb:fd:99:
d6:4b:74:72:23:28:4c:96:85:bf:a1:3f:09:e1:3d:77:40:45:
a6:0c:11:de:93:d1:e0:c5:7a:c1:c4:b5:58:6c:f9:de:5a:af:
54:5e:33:11:1d:a5:9e:94:f4:ef:45:33:9e:9f:0f:91:1d:54:
ee:b0:30:4c:f7:dc:b9:80:0b:d7:41:54:0a:df:38:20:77:82:
96:31:b0:5f:23:8d:9c:d0:81:13:e6:bf:0c:dc:1f:3b:58:e2:
51:bf:bb:64:e1:93:11:a7:69:80:cb:5e:c2:86:25:6f:b5:f5:
3e:2d:c3:3f:fd:51:aa:e2:e9:dc:dd:63:88:2c:a6:26:4e:5e:
bf:86:c9:06:b1:86:f8:37:13:32:ed:44:02:54:74:b7:c4:c7:
da:ae:fe:d5:ab:4a:e9:7a:0b:e9:e4:e4:16:8c:81:c5:a4:c3:
03:30:a6:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR0ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTA0NTQ4WhcNMjcxMjEzMTA0NTQ4WjAYMRYw
FAYDVQQDEw02N2E1ZTQ2MC03YTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxmIyGHHOBLhuXE8byKTmLTXioeObknZJ8kOt00EW99xt1JfrMo+R1Eb6
J1hGcpQNbdLzh8WqX5UWUsLTv3qfqm7hMUACcpeyPt7LLj8EIrkPm2ybZVacKwsu
KoJE/4qUcFus/jQCnPOAUveEw3bRHUMR/69SXXtkzv7xY/S+KWIQJVG5PVUuqJ+A
543lYQZyPQPaLBTJBGQnSBXP/bfhekO7Up7v2CIdtX82D/NIh/pLDJYzbS8JNRVd
GDH1iMsBpczIWcmDYs9iM/6MQ+/A5L+Atkb1v374qnY0CLi0H1aSjTQ/uJCevfa9
uDHROcSAzPbajtRCnMfBGA5WBeFtMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB4L
cRK2YXOff9XD3l6rLWs+rSMVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMzQ1QTQ2NEU1NDAxMUVGQTE2QTNBQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOakMA0GCSqGSIb3DQEBCwUA
A4IBAQAROnNPA70ZVwT0aORzLuq2QOInnViLLgYPg/ldK3ngEsNJPFtFZQfqrNh2
ShoFbrXkby1k3sx/erj+phpW1sJjJ1elOdtrlk8op2unBHUydl7cnEyLtJXL/ZnW
S3RyIyhMloW/oT8J4T13QEWmDBHek9HgxXrBxLVYbPneWq9UXjMRHaWelPTvRTOe
nw+RHVTusDBM99y5gAvXQVQK3zggd4KWMbBfI42c0IET5r8M3B87WOJRv7tk4ZMR
p2mAy17ChiVvtfU+LcM//VGq4unc3WOILKYmTl6/hskGsYb4NxMy7UQCVHS3xMfa
rv7Vq0rpegvp5OQWjIHFpMMDMKac
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:38 2025 by rpki-client