Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBD949ACF42511EFA984F98B762E951A.roa
File: BBD949ACF42511EFA984F98B762E951A.roa (raw, json)
Hash identifier: XdcMrrDaiE9dalM4BDv1mcxPc3Md9bCxrLjZRLxup24=
Subject key identifier: CE:E2:84:D9:78:45:E0:11:B3:EC:87:F0:BF:8D:FA:1A:C1:98:62:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013090
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBD949ACF42511EFA984F98B762E951A.roa
Signing time: Wed 26 Feb 2025 09:40:37 +0000
ROA not before: Wed 26 Feb 2025 09:40:34 +0000
ROA not after: Thu 19 Feb 2026 09:40:34 +0000
asID: 984
IP address blocks: 156.252.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77968 (0x13090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:40:34 2025 GMT
Not After : Feb 19 09:40:34 2026 GMT
Subject: CN=67bee195-b14a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fd:40:27:5d:1d:b6:77:95:cb:d3:78:dc:0d:
78:72:d1:43:ac:3a:58:fe:8d:29:e9:95:40:02:4d:
d1:37:0a:de:7b:f0:f6:e2:1a:92:61:48:1b:ab:c4:
b9:54:65:d3:e6:51:8a:96:bb:28:8a:05:28:e6:6d:
a6:a7:8d:10:38:81:f1:60:58:27:64:05:ad:43:60:
bf:b4:44:29:28:a6:0e:4a:6e:29:ec:a8:1b:5d:c6:
93:ce:25:00:f3:be:32:f2:bf:96:8e:dc:91:88:90:
30:42:e1:6b:44:2b:5e:49:d8:e2:ee:5e:33:0d:fe:
f9:0e:c6:d5:d3:eb:33:ef:4b:6e:9d:e6:be:84:46:
c6:55:3b:96:d2:2c:23:02:c7:bd:78:84:da:9e:b0:
35:49:76:34:8c:2f:28:b5:33:80:88:70:39:7b:25:
8b:4f:b0:bd:8a:07:27:c3:7e:d6:88:0e:70:e4:5c:
14:93:80:e9:8d:51:5f:b3:d7:3b:91:69:4d:7d:5c:
20:b6:c8:6f:5b:bb:1f:56:9d:18:50:d9:ec:37:62:
36:42:33:fa:d9:06:b0:bc:f7:7e:91:21:23:3d:87:
b4:d5:d6:d3:b7:97:c6:03:6d:8f:5a:17:44:1b:b4:
be:72:d7:9c:6f:23:73:31:7f:bb:ce:b3:75:53:e4:
c3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E2:84:D9:78:45:E0:11:B3:EC:87:F0:BF:8D:FA:1A:C1:98:62:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBD949ACF42511EFA984F98B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:be:50:23:1d:f5:ed:8a:77:a2:5a:21:cf:98:d3:0a:1a:30:
a0:1d:92:00:b4:51:16:37:9e:6b:fd:5c:3c:0a:6f:74:4c:b5:
31:cc:66:25:51:3a:d5:85:50:77:81:1b:65:ee:58:c5:d9:a2:
61:c0:e0:d6:4c:7c:01:5b:b4:61:33:f3:81:e5:6f:e7:9b:99:
f6:e9:07:4b:c2:17:43:41:22:b8:10:fc:52:99:b3:6c:ab:d2:
23:2c:25:d1:66:63:d3:c9:59:22:ea:0a:fb:cd:ca:8d:9f:96:
53:b5:bc:9e:d3:ce:2a:7e:46:a3:00:76:43:e6:fc:d4:b6:22:
ae:eb:e4:a1:c0:81:a5:3f:0f:34:f3:cb:10:92:44:b3:2c:d9:
02:7b:98:f9:14:b0:80:42:7b:16:d6:82:9d:11:27:54:5e:ab:
6f:da:50:a6:71:f8:62:7c:0f:f9:6b:d7:3e:69:9d:b4:fc:2b:
bd:30:1f:1d:0e:85:16:d6:0d:6e:f3:18:bf:4d:2d:e0:47:a1:
9d:14:3b:ae:5c:c8:3e:ba:ef:fe:a3:cc:6d:5e:21:35:27:e6:
39:0b:de:c9:dc:9d:e9:ed:8c:8f:8b:51:85:be:94:2e:7b:26:
e1:59:78:ed:b7:93:1d:e1:d1:a0:2f:f8:2b:df:7c:18:41:5b:
ba:7d:aa:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATCQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDk0MDM0WhcNMjYwMjE5MDk0MDM0WjAYMRYw
FAYDVQQDEw02N2JlZTE5NS1iMTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArv1AJ10dtneVy9N43A14ctFDrDpY/o0p6ZVAAk3RNwree/D24hqSYUgb
q8S5VGXT5lGKlrsoigUo5m2mp40QOIHxYFgnZAWtQ2C/tEQpKKYOSm4p7KgbXcaT
ziUA874y8r+WjtyRiJAwQuFrRCteSdji7l4zDf75DsbV0+sz70tunea+hEbGVTuW
0iwjAse9eITanrA1SXY0jC8otTOAiHA5eyWLT7C9igcnw37WiA5w5FwUk4DpjVFf
s9c7kWlNfVwgtshvW7sfVp0YUNnsN2I2QjP62QawvPd+kSEjPYe01dbTt5fGA22P
WhdEG7S+ctecbyNzMX+7zrN1U+TDwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM7i
hNl4ReARs+yH8L+N+hrBmGJzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQkQ5NDlBQ0Y0MjUxMUVGQTk4NEY5OEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw/MA0GCSqGSIb3DQEBCwUA
A4IBAQCzvlAjHfXtineiWiHPmNMKGjCgHZIAtFEWN55r/Vw8Cm90TLUxzGYlUTrV
hVB3gRtl7ljF2aJhwODWTHwBW7RhM/OB5W/nm5n26QdLwhdDQSK4EPxSmbNsq9Ij
LCXRZmPTyVki6gr7zcqNn5ZTtbye084qfkajAHZD5vzUtiKu6+ShwIGlPw8088sQ
kkSzLNkCe5j5FLCAQnsW1oKdESdUXqtv2lCmcfhifA/5a9c+aZ20/Cu9MB8dDoUW
1g1u8xi/TS3gR6GdFDuuXMg+uu/+o8xtXiE1J+Y5C97J3J3p7YyPi1GFvpQueybh
WXjtt5Md4dGgL/gr33wYQVu6faoo
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:04 2025 by rpki-client