Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B82C7E0AF44311EF948D995F762E951A.roa
File: B82C7E0AF44311EF948D995F762E951A.roa (raw, json)
Hash identifier: /pjSusyMUavqIdAhON9bop+Op3zBfNWO3hSdJHNxq6U=
Subject key identifier: 09:DD:F8:86:BF:CA:BE:55:93:D9:DA:C3:83:6E:02:5A:89:E9:C1:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013301
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B82C7E0AF44311EF948D995F762E951A.roa
Signing time: Wed 26 Feb 2025 13:15:16 +0000
ROA not before: Wed 26 Feb 2025 13:15:13 +0000
ROA not after: Thu 19 Feb 2026 13:15:13 +0000
asID: 984
IP address blocks: 156.252.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78593 (0x13301)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:15:13 2025 GMT
Not After : Feb 19 13:15:13 2026 GMT
Subject: CN=67bf13e4-fa95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:42:66:15:a2:8d:8e:8c:18:ec:90:5e:1e:
59:24:b6:5c:b1:13:48:8a:e9:71:cc:7c:1b:0a:50:
cb:38:4a:e0:5a:67:73:7c:72:7c:f6:64:1c:09:4a:
5a:ad:76:75:b5:33:a7:3d:bf:2b:e6:74:a9:29:8b:
19:80:f9:0f:22:50:2e:75:2c:cb:82:e0:cf:29:78:
4c:a7:8e:08:65:a3:08:4e:c0:dd:35:3f:c9:01:a4:
cf:6b:c6:ab:e7:7b:ce:2a:ee:79:e9:33:30:0d:77:
f9:82:49:47:fd:69:dd:f2:cf:a1:7c:60:e9:6c:91:
ba:4f:3c:27:0f:d2:9f:5d:59:95:13:28:ee:51:55:
ee:b8:22:ce:82:f1:9a:d5:bb:2c:40:92:2d:c4:71:
9a:83:cd:4c:98:ba:ac:fe:7a:3b:98:41:79:6d:4d:
f8:a7:7a:c6:e0:eb:03:2f:61:db:11:18:84:05:0e:
cf:51:fb:3f:28:2c:2d:64:9d:f3:d8:6e:e8:e0:01:
7f:13:4f:02:3b:2e:2b:76:b6:6f:06:37:7d:ad:8a:
5f:bd:27:c8:57:7e:c1:74:78:28:6e:e8:a5:69:0c:
85:14:ee:b9:58:e6:95:bc:02:93:f2:4e:cc:5f:d3:
17:58:5f:1b:16:0b:5c:ca:c2:41:bc:74:69:e2:31:
f5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DD:F8:86:BF:CA:BE:55:93:D9:DA:C3:83:6E:02:5A:89:E9:C1:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B82C7E0AF44311EF948D995F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.163.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ff:f8:e1:c1:ea:72:0a:a4:bb:e5:8f:d2:23:3c:c3:94:95:
71:d2:d9:e3:17:4d:74:cc:b2:97:c6:e4:a4:7b:29:49:86:5f:
2d:5b:4b:e8:ee:27:97:be:69:39:74:d7:e2:2a:3b:e8:d7:44:
ec:16:5b:a2:eb:92:41:9c:17:d2:cd:c7:d8:57:d3:e6:97:2f:
5a:2d:c2:80:b5:35:d8:de:55:2c:3b:28:3b:2f:37:34:5d:a5:
fd:12:5e:63:86:5b:b6:2c:1a:a9:94:9c:b6:f3:f1:5a:34:a3:
60:65:61:cb:ae:26:ce:dd:58:f9:b6:c7:d6:0c:3c:a1:8b:96:
61:e9:24:c0:3d:1c:7e:19:ec:6b:65:a2:ca:80:e9:fd:a0:c6:
1b:4e:93:82:e0:83:c7:a3:87:c5:fe:4f:f6:9e:8c:db:b2:fa:
db:39:90:53:06:2a:d6:6d:79:5f:61:82:f1:3c:ab:d5:3b:20:
26:32:9b:48:73:ba:21:2a:7d:e1:a6:ba:84:6e:f6:09:75:0e:
ec:97:5b:82:b4:2d:d3:e2:b3:67:1a:f8:e5:eb:1f:ab:c1:19:
09:b5:8f:80:f6:e6:9f:ea:8a:1b:f1:72:ee:58:23:fa:fd:15:
ef:aa:90:bd:c0:c2:06:9a:6a:76:a0:dc:a4:3a:37:14:50:ed:
fc:48:d9:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATMBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMxNTEzWhcNMjYwMjE5MTMxNTEzWjAYMRYw
FAYDVQQDEw02N2JmMTNlNC1mYTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2FCZhWijY6MGOyQXh5ZJLZcsRNIiulxzHwbClDLOErgWmdzfHJ89mQc
CUparXZ1tTOnPb8r5nSpKYsZgPkPIlAudSzLguDPKXhMp44IZaMITsDdNT/JAaTP
a8ar53vOKu556TMwDXf5gklH/Wnd8s+hfGDpbJG6TzwnD9KfXVmVEyjuUVXuuCLO
gvGa1bssQJItxHGag81MmLqs/no7mEF5bU34p3rG4OsDL2HbERiEBQ7PUfs/KCwt
ZJ3z2G7o4AF/E08COy4rdrZvBjd9rYpfvSfIV37BdHgobuilaQyFFO65WOaVvAKT
8k7MX9MXWF8bFgtcysJBvHRp4jH1IQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAnd
+Ia/yr5Vk9naw4NuAlqJ6cFpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODJDN0UwQUY0NDMxMUVGOTQ4RDk5NUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyjMA0GCSqGSIb3DQEBCwUA
A4IBAQBd//jhwepyCqS75Y/SIzzDlJVx0tnjF010zLKXxuSkeylJhl8tW0vo7ieX
vmk5dNfiKjvo10TsFlui65JBnBfSzcfYV9Pmly9aLcKAtTXY3lUsOyg7Lzc0XaX9
El5jhlu2LBqplJy28/FaNKNgZWHLribO3Vj5tsfWDDyhi5Zh6STAPRx+GexrZaLK
gOn9oMYbTpOC4IPHo4fF/k/2nozbsvrbOZBTBirWbXlfYYLxPKvVOyAmMptIc7oh
Kn3hprqEbvYJdQ7sl1uCtC3T4rNnGvjl6x+rwRkJtY+A9uaf6oob8XLuWCP6/RXv
qpC9wMIGmmp2oNykOjcUUO38SNmg
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:21 2025 by rpki-client