Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3DE9B0E0B8A11F0AFE855B6762E951A.roa
File: B3DE9B0E0B8A11F0AFE855B6762E951A.roa (raw, json)
Hash identifier: wO25c88cyxeol0cZM37E++1jl+S5Roc3iRyXGkjIoXg=
Subject key identifier: 28:CD:9E:68:DA:C6:77:78:A2:4D:A5:C2:8E:03:34:2C:2E:75:88:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01487F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3DE9B0E0B8A11F0AFE855B6762E951A.roa
Signing time: Fri 28 Mar 2025 04:11:20 +0000
ROA not before: Fri 28 Mar 2025 04:11:15 +0000
ROA not after: Thu 17 Apr 2025 04:11:15 +0000
asID: 21859
IP address blocks: 156.241.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84095 (0x1487f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 28 04:11:15 2025 GMT
Not After : Apr 17 04:11:15 2025 GMT
Subject: CN=67e62168-5ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:00:2d:c8:e4:b4:41:e7:58:7c:31:2d:d2:
0a:b5:3b:b7:86:e6:7f:3a:a1:de:cb:c7:46:88:79:
33:7e:3a:17:29:7d:e3:cb:8d:d3:b7:99:51:9f:52:
86:2f:d4:2c:3d:58:57:b9:84:8a:3b:6c:f3:a6:89:
45:c1:c8:b9:b9:2c:a6:59:03:ca:c5:b7:1d:a2:11:
39:89:06:c1:6c:0d:c4:95:9e:a7:0a:80:b7:4e:eb:
4b:cd:63:0b:85:0a:de:2c:dc:dd:5f:95:33:78:ab:
24:fb:7e:dd:2e:2a:6b:3f:c2:3a:54:78:4f:64:ee:
7e:22:f5:eb:df:92:65:e9:67:2c:bb:a7:1c:31:ee:
0c:34:db:8e:99:71:33:9c:3e:fe:41:b5:01:e0:86:
85:d1:4a:63:58:3d:62:7e:97:d6:b4:53:ef:6b:30:
93:14:18:58:74:36:32:dd:24:f7:2b:27:06:2f:a6:
91:5a:2f:b1:4a:48:e0:16:b7:23:0c:e2:ca:37:03:
dd:6a:bd:77:67:e2:87:02:4a:af:13:dc:0e:27:87:
43:8d:c3:71:cd:a9:3a:87:c0:00:3e:76:35:eb:fa:
5e:31:a5:12:02:4f:59:31:a5:98:4a:7a:ef:34:a0:
97:ce:78:eb:f2:e7:99:50:3b:36:44:83:57:7e:00:
07:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CD:9E:68:DA:C6:77:78:A2:4D:A5:C2:8E:03:34:2C:2E:75:88:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3DE9B0E0B8A11F0AFE855B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:d5:f7:e9:a5:a4:6f:1c:81:1b:13:fb:34:5a:63:32:8a:26:
55:72:ae:a7:d8:a8:45:5c:56:5d:8f:b4:a2:4f:b2:18:2a:bf:
1e:fd:fb:d7:e0:81:39:fe:fc:e7:94:2d:f5:67:53:9a:6c:f6:
8c:c0:57:de:77:7d:13:17:ca:94:a1:45:22:c6:95:e7:78:07:
e3:09:eb:7d:97:5e:31:be:e5:08:2a:ee:c3:1c:9b:cd:91:f7:
d8:61:a4:36:47:84:88:71:c9:cc:04:e3:75:d9:02:9e:1f:54:
d2:8e:ac:b3:74:4f:93:a3:23:8f:65:83:bd:1f:0b:0a:7a:29:
fa:a6:97:8c:01:c0:2e:8c:b8:4b:81:ab:23:c1:48:e8:ac:ce:
18:03:b6:9f:cd:69:9e:61:4e:16:d3:11:94:4d:c5:d0:12:1e:
74:62:a9:d4:20:4b:49:85:dc:7b:b8:40:6e:a6:ff:c1:fb:4a:
59:b9:60:10:2e:f5:91:6b:d9:01:b0:21:72:90:58:80:63:36:
8c:68:c1:9b:78:e9:be:58:50:68:9e:9d:74:7a:29:31:30:9f:
2c:03:a6:f6:0e:03:e7:eb:8b:a9:e8:39:2a:52:6d:79:10:8d:
53:0a:29:e5:38:3e:8e:df:1c:da:6f:b0:62:ff:13:e7:c6:e2:
91:6e:2f:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUh/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI4MDQxMTE1WhcNMjUwNDE3MDQxMTE1WjAYMRYw
FAYDVQQDEw02N2U2MjE2OC01ZWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6KsALcjktEHnWHwxLdIKtTu3huZ/OqHey8dGiHkzfjoXKX3jy43Tt5lR
n1KGL9QsPVhXuYSKO2zzpolFwci5uSymWQPKxbcdohE5iQbBbA3ElZ6nCoC3TutL
zWMLhQreLNzdX5UzeKsk+37dLiprP8I6VHhPZO5+IvXr35Jl6Wcsu6ccMe4MNNuO
mXEznD7+QbUB4IaF0UpjWD1ifpfWtFPvazCTFBhYdDYy3ST3KycGL6aRWi+xSkjg
FrcjDOLKNwPdar13Z+KHAkqvE9wOJ4dDjcNxzak6h8AAPnY16/peMaUSAk9ZMaWY
SnrvNKCXznjr8ueZUDs2RINXfgAHSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCjN
nmjaxnd4ok2lwo4DNCwudYipMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0RFOUIwRTBCOEExMUYwQUZFODU1QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPGBMA0GCSqGSIb3DQEBCwUA
A4IBAQCx1ffppaRvHIEbE/s0WmMyiiZVcq6n2KhFXFZdj7SiT7IYKr8e/fvX4IE5
/vznlC31Z1OabPaMwFfed30TF8qUoUUixpXneAfjCet9l14xvuUIKu7DHJvNkffY
YaQ2R4SIccnMBON12QKeH1TSjqyzdE+ToyOPZYO9HwsKein6ppeMAcAujLhLgasj
wUjorM4YA7afzWmeYU4W0xGUTcXQEh50YqnUIEtJhdx7uEBupv/B+0pZuWAQLvWR
a9kBsCFykFiAYzaMaMGbeOm+WFBonp10eikxMJ8sA6b2DgPn64up6DkqUm15EI1T
CinlOD6O3xzab7Bi/xPnxuKRbi9w
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:37 2025 by rpki-client