Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B97720D2E9B511EF93044EAC762E951A.roa
File: B97720D2E9B511EF93044EAC762E951A.roa (raw, json)
Hash identifier: z3Qf+eQzcbiKpLQmKw4CfN8E/wSq8ze7D3tnYrII1T0=
Subject key identifier: DA:50:81:00:33:3F:8E:BF:99:D4:88:BA:AA:65:79:1D:35:6A:DB:55
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0121AC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B97720D2E9B511EF93044EAC762E951A.roa
Signing time: Thu 13 Feb 2025 02:53:38 +0000
ROA not before: Thu 13 Feb 2025 02:53:34 +0000
ROA not after: Wed 31 Dec 2025 02:53:34 +0000
asID: 17561
IP address blocks: 156.236.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74156 (0x121ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 13 02:53:34 2025 GMT
Not After : Dec 31 02:53:34 2025 GMT
Subject: CN=67ad5eb2-63af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:bd:e5:74:50:06:8c:d3:3c:59:99:8e:49:
d1:e9:e5:d4:f1:77:00:66:13:49:33:29:c7:0f:e7:
45:eb:4b:e3:6d:92:4b:b2:05:d6:a6:b2:2c:9f:fa:
9c:94:9e:22:50:ad:30:0a:b9:30:20:2b:a5:df:a3:
da:77:e0:00:fb:de:53:97:ad:0a:85:cd:b2:e4:84:
71:40:c1:1d:d7:b4:00:9c:ee:5e:f2:95:24:40:b2:
86:44:4d:69:47:bd:1b:49:70:1f:1c:a8:18:8c:ac:
e3:ce:2b:d5:4a:91:75:94:81:76:5f:79:f2:c7:f4:
83:63:b9:04:2f:2e:85:d0:b3:11:d4:a2:29:81:08:
4d:b4:d7:46:d4:48:40:e1:27:8a:82:47:ca:8d:b7:
00:ae:94:bb:7e:8f:de:1c:a5:00:d0:74:2d:bd:a7:
d0:ad:ae:c0:3b:fd:b5:a4:e5:55:61:4e:c2:48:c7:
eb:69:aa:1f:eb:e9:1b:be:b4:ec:d2:99:44:b0:e2:
b1:39:f8:e6:23:03:db:20:60:9e:2a:30:d6:1b:b8:
ff:2c:ce:8b:f9:97:a5:f1:35:3e:ec:8c:18:4e:4a:
8f:64:ef:d9:b8:54:02:2c:5b:fc:0c:0b:ec:41:0c:
97:04:30:c7:42:93:af:24:d2:14:b7:cd:25:5d:b3:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:50:81:00:33:3F:8E:BF:99:D4:88:BA:AA:65:79:1D:35:6A:DB:55
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B97720D2E9B511EF93044EAC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.38.0/24
Signature Algorithm: sha256WithRSAEncryption
52:28:d3:9a:21:04:49:e0:ae:c0:95:6b:b0:25:cd:3e:2a:59:
04:c1:91:ef:a7:7a:19:4d:53:e8:97:67:2f:b3:63:22:fe:59:
bf:d2:d4:14:50:cd:50:e9:e0:71:ad:44:92:63:c7:10:22:3b:
cf:99:44:84:82:90:f4:66:81:da:f4:27:96:d5:25:a8:d6:46:
71:7b:1d:c8:fc:8b:86:73:01:be:e1:20:c0:a7:3e:bf:13:bf:
b7:38:13:36:ef:52:6f:2b:6b:8c:dc:0d:13:4e:76:54:39:71:
37:d4:7c:93:ee:7e:26:c5:d5:00:59:cb:71:83:88:64:ab:95:
f8:44:25:0a:5f:c1:76:0a:f3:c9:ad:83:b2:83:99:5f:74:b8:
45:a2:e7:88:dc:18:83:17:a0:d7:fe:fa:66:2a:63:1a:45:38:
40:19:0c:5b:d2:52:4d:ad:2c:a3:7b:f1:23:6f:51:50:20:ea:
23:d4:ec:6b:8c:21:39:3c:07:80:89:94:9e:0a:dd:6a:e3:fe:
20:28:d9:0d:92:bc:1a:b5:6d:6c:77:99:2a:0f:24:4b:5f:87:
ce:1d:9b:90:b6:13:74:dd:0c:76:f0:c8:3f:b9:e4:d7:a4:e0:
6a:ee:94:99:d8:5b:56:e7:01:40:79:f8:a1:a7:86:d9:d4:df:
2b:d0:7a:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASGsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjEzMDI1MzM0WhcNMjUxMjMxMDI1MzM0WjAYMRYw
FAYDVQQDEw02N2FkNWViMi02M2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8u95XRQBozTPFmZjknR6eXU8XcAZhNJMynHD+dF60vjbZJLsgXWprIs
n/qclJ4iUK0wCrkwICul36Pad+AA+95Tl60Khc2y5IRxQMEd17QAnO5e8pUkQLKG
RE1pR70bSXAfHKgYjKzjzivVSpF1lIF2X3nyx/SDY7kELy6F0LMR1KIpgQhNtNdG
1EhA4SeKgkfKjbcArpS7fo/eHKUA0HQtvafQra7AO/21pOVVYU7CSMfraaof6+kb
vrTs0plEsOKxOfjmIwPbIGCeKjDWG7j/LM6L+Zel8TU+7IwYTkqPZO/ZuFQCLFv8
DAvsQQyXBDDHQpOvJNIUt80lXbPCgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNpQ
gQAzP46/mdSIuqpleR01attVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTc3MjBEMkU5QjUxMUVGOTMwNDRFQUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwmMA0GCSqGSIb3DQEBCwUA
A4IBAQBSKNOaIQRJ4K7AlWuwJc0+KlkEwZHvp3oZTVPol2cvs2Mi/lm/0tQUUM1Q
6eBxrUSSY8cQIjvPmUSEgpD0ZoHa9CeW1SWo1kZxex3I/IuGcwG+4SDApz6/E7+3
OBM271JvK2uM3A0TTnZUOXE31HyT7n4mxdUAWctxg4hkq5X4RCUKX8F2CvPJrYOy
g5lfdLhFoueI3BiDF6DX/vpmKmMaRThAGQxb0lJNrSyje/Ejb1FQIOoj1OxrjCE5
PAeAiZSeCt1q4/4gKNkNkrwatW1sd5kqDyRLX4fOHZuQthN03Qx28Mg/ueTXpOBq
7pSZ2FtW5wFAefihp4bZ1N8r0HpO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:52 2025 by rpki-client