Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBED676EF42711EFBC30EE99762E951A.roa
File: BBED676EF42711EFBC30EE99762E951A.roa (raw, json)
Hash identifier: HoT8UIEgn5Fh1hZSwwEEXh/TzsEgz/2ZqNeIhgh0b8U=
Subject key identifier: B0:0D:AB:BA:75:42:B6:8E:ED:9F:0B:84:1F:10:C5:04:6A:BD:93:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130B4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBED676EF42711EFBC30EE99762E951A.roa
Signing time: Wed 26 Feb 2025 09:54:57 +0000
ROA not before: Wed 26 Feb 2025 09:54:53 +0000
ROA not after: Thu 19 Feb 2026 09:54:53 +0000
asID: 984
IP address blocks: 156.230.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78004 (0x130b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:54:53 2025 GMT
Not After : Feb 19 09:54:53 2026 GMT
Subject: CN=67bee4f0-e7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b3:66:70:10:7c:b7:d2:66:88:5c:ba:e8:dd:
f4:cf:03:e7:70:3c:8d:f1:55:0f:a3:cc:fd:0d:a1:
1a:08:82:44:10:67:64:d0:58:65:69:d4:08:c9:03:
07:c8:79:80:d3:33:af:64:85:19:60:8c:08:26:1c:
fa:30:8a:47:fa:36:d4:c2:8c:37:f1:9d:d2:7b:eb:
23:30:ef:50:a9:93:d4:79:39:9b:4b:53:ac:73:a0:
ba:20:b9:cd:d1:47:e7:d3:aa:b4:3a:5c:57:31:d2:
77:ca:b9:b0:ac:c5:46:de:f6:57:63:65:d1:76:04:
6b:bd:83:60:64:db:34:68:11:02:32:96:67:2d:16:
fa:27:1f:11:26:47:4d:19:5f:06:6c:d7:e7:7a:7a:
4e:f6:a1:77:54:61:66:f3:1b:a3:e9:39:89:ec:89:
11:fb:66:3e:2d:b0:6e:a2:7f:95:b9:8f:fb:1f:5b:
ae:27:dd:b8:24:66:a1:9c:07:e4:0c:37:74:fa:4c:
7b:da:73:13:bf:8b:31:d1:b8:e3:ff:ac:b4:e1:0c:
5c:c9:47:e2:c6:7d:a0:ac:c2:9b:fe:54:e6:29:67:
89:e6:ee:6e:6b:56:8c:04:1f:02:99:fc:f1:f1:0b:
51:29:75:27:39:2d:83:00:7e:bc:a2:e1:23:2b:80:
77:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0D:AB:BA:75:42:B6:8E:ED:9F:0B:84:1F:10:C5:04:6A:BD:93:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BBED676EF42711EFBC30EE99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.57.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:54:85:4f:76:ea:95:57:1a:63:e8:6e:44:4b:4d:7c:ec:17:
cb:41:9f:e8:ad:ab:7e:f8:74:0e:5f:f6:7c:d1:f2:f8:e2:a8:
cc:6a:ae:5e:b2:07:ef:3a:18:63:5e:88:f5:16:20:4c:c4:e9:
85:dd:2f:14:b8:29:bd:8d:ed:f7:ba:e8:86:b0:48:73:e6:ad:
91:58:8c:9c:94:be:d6:9a:54:e6:e1:ff:e6:13:33:f7:6e:85:
a6:bb:7e:32:8c:7d:93:fc:64:22:b7:af:99:54:e6:db:9c:95:
75:c9:77:0c:54:ba:29:8d:d7:c9:76:e2:7e:96:d6:92:76:f6:
c0:88:a7:87:0b:0d:6e:4f:42:d2:8b:25:f9:9f:c5:d6:35:d4:
3c:50:50:32:92:7f:92:4a:9c:7f:00:75:8b:65:c7:c8:de:f8:
fc:e4:7d:db:a4:b8:03:86:c8:cb:d1:d8:bf:53:fc:a1:99:74:
42:7b:98:18:2b:38:c5:64:7e:89:67:1d:66:5c:59:87:af:3a:
71:2e:03:7c:27:3b:53:4f:20:e5:98:54:54:85:99:6a:c9:ea:
1c:9a:2b:cd:6b:5e:0a:89:e8:dd:eb:80:74:92:d8:b3:5e:40:
d6:67:3e:59:01:3e:1a:61:4a:c2:87:5b:29:7b:9e:ff:7a:6f:
de:4f:91:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATC0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDk1NDUzWhcNMjYwMjE5MDk1NDUzWjAYMRYw
FAYDVQQDEw02N2JlZTRmMC1lN2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl7NmcBB8t9JmiFy66N30zwPncDyN8VUPo8z9DaEaCIJEEGdk0FhladQI
yQMHyHmA0zOvZIUZYIwIJhz6MIpH+jbUwow38Z3Se+sjMO9QqZPUeTmbS1Osc6C6
ILnN0Ufn06q0OlxXMdJ3yrmwrMVG3vZXY2XRdgRrvYNgZNs0aBECMpZnLRb6Jx8R
JkdNGV8GbNfnenpO9qF3VGFm8xuj6TmJ7IkR+2Y+LbBuon+VuY/7H1uuJ924JGah
nAfkDDd0+kx72nMTv4sx0bjj/6y04QxcyUfixn2grMKb/lTmKWeJ5u5ua1aMBB8C
mfzx8QtRKXUnOS2DAH68ouEjK4B3kQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLAN
q7p1QraO7Z8LhB8QxQRqvZOGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQkVENjc2RUY0MjcxMUVGQkMzMEVFOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOY5MA0GCSqGSIb3DQEBCwUA
A4IBAQAvVIVPduqVVxpj6G5ES0187BfLQZ/orat++HQOX/Z80fL44qjMaq5esgfv
OhhjXoj1FiBMxOmF3S8UuCm9je33uuiGsEhz5q2RWIyclL7WmlTm4f/mEzP3boWm
u34yjH2T/GQit6+ZVObbnJV1yXcMVLopjdfJduJ+ltaSdvbAiKeHCw1uT0LSiyX5
n8XWNdQ8UFAykn+SSpx/AHWLZcfI3vj85H3bpLgDhsjL0di/U/yhmXRCe5gYKzjF
ZH6JZx1mXFmHrzpxLgN8JztTTyDlmFRUhZlqyeocmivNa14Kiejd64B0ktizXkDW
Zz5ZAT4aYUrCh1spe57/em/eT5Ei
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:20 2025 by rpki-client