Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAD3DB28F42D11EFB9226346762E951A.roa
File: BAD3DB28F42D11EFB9226346762E951A.roa (raw, json)
Hash identifier: R74vBcVGphJZnRb5Nd6o3z8YUFqtVN2vhY/hsyKTW7I=
Subject key identifier: EB:60:0C:7E:19:E9:92:FE:35:AC:36:00:35:6E:C2:D5:2F:4C:0A:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01313D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAD3DB28F42D11EFB9226346762E951A.roa
Signing time: Wed 26 Feb 2025 10:37:52 +0000
ROA not before: Wed 26 Feb 2025 10:37:48 +0000
ROA not after: Thu 19 Feb 2026 10:37:48 +0000
asID: 984
IP address blocks: 156.252.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78141 (0x1313d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:37:48 2025 GMT
Not After : Feb 19 10:37:48 2026 GMT
Subject: CN=67beef00-e897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:42:39:c8:2d:92:3d:be:be:d4:60:7b:b1:
45:60:da:29:5a:0f:68:8a:3b:68:41:da:c9:20:1a:
88:61:ec:e3:11:aa:25:c6:31:17:14:b9:02:fb:5e:
6b:62:df:f1:ee:21:63:7b:f8:1e:7f:35:1c:20:a0:
ad:6e:9e:b1:d6:79:46:65:19:bf:11:57:51:47:db:
69:37:5d:de:41:5a:98:45:19:ef:34:c7:e1:13:38:
c5:bf:ba:34:e2:03:07:33:9d:c8:57:9c:b4:ac:77:
8e:ed:51:70:b2:d6:9c:3c:41:bd:b5:97:f3:78:d7:
b6:0a:af:15:44:a2:28:4f:86:15:4a:35:f6:32:be:
cf:98:c6:10:8a:5c:61:ab:5a:53:fc:af:fb:2c:ec:
62:54:b8:a2:65:1b:a8:c7:d9:06:66:f6:33:36:e5:
c8:5e:5e:9e:02:7b:ef:10:09:58:27:2d:e1:a3:9f:
95:1a:fc:af:54:ef:33:13:28:b4:00:12:7b:58:d2:
53:81:6d:5b:7b:68:82:24:cc:ea:d8:be:e8:87:fc:
62:e4:be:70:fd:35:81:ee:65:70:b2:a9:a6:e0:2e:
00:25:72:db:68:59:dc:d7:5d:3d:1b:38:c6:42:7d:
b9:6c:d0:f5:ef:05:bb:55:92:c7:17:82:40:29:a8:
35:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:60:0C:7E:19:E9:92:FE:35:AC:36:00:35:6E:C2:D5:2F:4C:0A:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAD3DB28F42D11EFB9226346762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.94.0/24
Signature Algorithm: sha256WithRSAEncryption
81:31:c8:55:14:b2:a3:8e:7c:82:3a:49:21:23:33:66:3b:07:
07:ae:7e:f8:10:16:4b:87:0b:ea:91:02:8f:1c:37:7d:25:2f:
cc:9e:f5:44:d7:0f:96:e1:af:27:7a:c4:dc:fa:d2:ed:d2:bc:
df:75:87:ef:b2:3d:a0:a9:66:c0:f6:d1:5d:f7:92:55:95:78:
ce:a8:a3:9e:25:b9:d2:bf:c7:33:2e:c5:4d:9f:cd:7b:b6:92:
01:84:a8:a5:9e:9d:1d:10:47:a9:38:ab:9a:0c:cb:ed:11:1a:
15:37:4f:f8:52:5e:a2:6e:20:38:a4:d3:13:81:1d:a6:d8:3f:
3a:39:a8:a0:a9:e1:b8:a9:60:d9:62:d1:9f:0c:3c:5a:5a:cb:
78:d4:29:f4:bb:de:a1:48:39:39:12:83:d6:e0:ce:93:f1:e1:
0b:85:06:af:cf:d7:ab:eb:06:53:44:39:7d:71:7c:a0:f1:f0:
23:1d:88:e9:4a:37:62:b2:12:40:1a:e1:0b:7f:50:bc:ce:49:
6f:d8:55:dc:dc:23:c5:47:25:bf:cc:8c:47:31:7d:25:06:43:
3f:c3:a7:f4:54:a6:8a:99:df:41:73:97:4e:98:b4:b0:7e:a3:
73:ba:dd:e5:0b:0b:93:87:bf:9b:4e:49:01:86:68:e1:fc:aa:
f7:74:96:13
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATE9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAzNzQ4WhcNMjYwMjE5MTAzNzQ4WjAYMRYw
FAYDVQQDEw02N2JlZWYwMC1lODk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr/NCOcgtkj2+vtRge7FFYNopWg9oijtoQdrJIBqIYezjEaolxjEXFLkC
+15rYt/x7iFje/gefzUcIKCtbp6x1nlGZRm/EVdRR9tpN13eQVqYRRnvNMfhEzjF
v7o04gMHM53IV5y0rHeO7VFwstacPEG9tZfzeNe2Cq8VRKIoT4YVSjX2Mr7PmMYQ
ilxhq1pT/K/7LOxiVLiiZRuox9kGZvYzNuXIXl6eAnvvEAlYJy3ho5+VGvyvVO8z
Eyi0ABJ7WNJTgW1be2iCJMzq2L7oh/xi5L5w/TWB7mVwsqmm4C4AJXLbaFnc1109
GzjGQn25bND17wW7VZLHF4JAKag1uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOtg
DH4Z6ZL+Naw2ADVuwtUvTApUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQUQzREIyOEY0MkQxMUVGQjkyMjYzNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxeMA0GCSqGSIb3DQEBCwUA
A4IBAQCBMchVFLKjjnyCOkkhIzNmOwcHrn74EBZLhwvqkQKPHDd9JS/MnvVE1w+W
4a8nesTc+tLt0rzfdYfvsj2gqWbA9tFd95JVlXjOqKOeJbnSv8czLsVNn817tpIB
hKilnp0dEEepOKuaDMvtERoVN0/4Ul6ibiA4pNMTgR2m2D86OaigqeG4qWDZYtGf
DDxaWst41Cn0u96hSDk5EoPW4M6T8eELhQavz9er6wZTRDl9cXyg8fAjHYjpSjdi
shJAGuELf1C8zklv2FXc3CPFRyW/zIxHMX0lBkM/w6f0VKaKmd9Bc5dOmLSwfqNz
ut3lCwuTh7+bTkkBhmjh/Kr3dJYT
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:38 2025 by rpki-client