Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C871FA4CF42F11EF8CDED854762E951A.roa
File: C871FA4CF42F11EF8CDED854762E951A.roa (raw, json)
Hash identifier: OzGHdDvqfRFs9EFf+zA1OwbfCefCg/TFiPqvQO2Kjqk=
Subject key identifier: B1:0B:66:79:E7:28:F4:35:0A:44:24:A1:B0:0F:57:AE:97:14:C8:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013170
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C871FA4CF42F11EF8CDED854762E951A.roa
Signing time: Wed 26 Feb 2025 10:52:34 +0000
ROA not before: Wed 26 Feb 2025 10:52:30 +0000
ROA not after: Thu 19 Feb 2026 10:52:30 +0000
asID: 984
IP address blocks: 156.252.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78192 (0x13170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:52:30 2025 GMT
Not After : Feb 19 10:52:30 2026 GMT
Subject: CN=67bef271-6aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:f9:bb:88:2d:c9:f5:6b:ba:67:3d:6a:2b:
62:04:6c:6a:90:77:78:2f:1a:90:b8:fc:3a:96:6a:
f3:9e:c8:26:75:ab:e7:8b:8b:41:3c:2a:a3:05:b8:
bb:ad:45:99:b0:b4:05:4f:5b:26:9c:35:24:4d:be:
69:64:02:c7:b6:5a:e0:87:8e:a3:7f:3a:03:ec:22:
1e:5c:53:43:ee:74:f6:96:36:bf:83:c5:64:31:e9:
17:d5:55:a8:7f:e5:bf:11:97:2d:5a:17:df:d7:f4:
11:9b:f3:a2:80:b5:9b:4c:06:8a:ad:b4:89:c5:b9:
0e:56:7c:80:95:36:c0:f9:eb:47:f5:c9:97:23:bc:
cc:9f:ec:c6:ac:38:4c:80:43:b9:5c:16:49:8e:37:
1a:51:77:1e:c1:e6:8d:ce:d3:9d:50:ea:9d:d6:a1:
54:11:fe:23:cb:da:87:17:a0:11:d0:04:01:f5:2a:
74:33:24:b5:7d:da:0b:59:6e:3b:f4:99:f6:fb:e8:
59:30:a8:73:17:c4:32:12:2b:0a:51:c3:4b:ac:a4:
06:47:fd:1b:40:1d:16:4d:25:9d:bf:d0:4e:80:29:
35:a7:47:3c:d3:55:20:3b:af:ab:32:f4:fd:a7:28:
d3:4e:af:30:e7:56:6e:42:bd:8c:d4:3d:97:56:b9:
31:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0B:66:79:E7:28:F4:35:0A:44:24:A1:B0:0F:57:AE:97:14:C8:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C871FA4CF42F11EF8CDED854762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:57:e8:99:6b:20:f0:4d:a5:83:3c:52:9f:34:66:f0:69:7b:
4b:14:d3:6b:63:d9:f1:14:fb:04:42:b8:cb:ff:16:71:c3:c4:
f9:67:e2:ee:dc:5c:d1:e1:c5:60:68:97:58:1d:43:97:47:cb:
dd:9f:81:a3:ae:9c:e1:73:0c:67:70:63:90:da:e5:ff:87:c4:
94:8c:8f:94:78:91:06:59:2e:05:a9:2a:46:f8:72:1f:1b:bc:
37:5a:f4:13:fa:9a:eb:f0:d8:0d:24:91:34:64:41:ac:63:a4:
fc:10:36:a0:6a:c6:05:47:2d:a7:f3:68:d7:1d:ea:a6:a0:e9:
82:cc:d0:22:8e:83:b2:9b:c2:2a:24:54:c7:36:1d:ca:fa:fd:
53:99:cc:42:40:e0:fe:06:89:a5:ab:bb:ea:f7:09:ea:d3:6f:
42:89:8f:99:5a:b0:d7:eb:d9:42:3e:26:b2:85:fe:a5:cb:5f:
68:fc:11:18:45:94:e4:ac:0d:1e:ac:8c:9b:5d:83:35:00:6c:
a4:36:65:7d:7c:9e:81:63:d7:14:18:46:a1:f9:84:b7:20:f5:
94:ac:48:23:57:3a:60:e0:22:18:56:78:71:1c:97:a0:29:ab:
0c:e6:23:57:a8:b4:9f:cd:38:84:1a:9f:80:ce:77:61:45:80:
e4:94:8a:c7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATFwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTA1MjMwWhcNMjYwMjE5MTA1MjMwWjAYMRYw
FAYDVQQDEw02N2JlZjI3MS02YWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlW75u4gtyfVrumc9aitiBGxqkHd4LxqQuPw6lmrznsgmdavni4tBPCqj
Bbi7rUWZsLQFT1smnDUkTb5pZALHtlrgh46jfzoD7CIeXFND7nT2lja/g8VkMekX
1VWof+W/EZctWhff1/QRm/OigLWbTAaKrbSJxbkOVnyAlTbA+etH9cmXI7zMn+zG
rDhMgEO5XBZJjjcaUXceweaNztOdUOqd1qFUEf4jy9qHF6AR0AQB9Sp0MyS1fdoL
WW479Jn2++hZMKhzF8QyEisKUcNLrKQGR/0bQB0WTSWdv9BOgCk1p0c801UgO6+r
MvT9pyjTTq8w51ZuQr2M1D2XVrkx9QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLEL
ZnnnKPQ1CkQkobAPV66XFMjhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DODcxRkE0Q0Y0MkYxMUVGOENERUQ4NTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxlMA0GCSqGSIb3DQEBCwUA
A4IBAQAtV+iZayDwTaWDPFKfNGbwaXtLFNNrY9nxFPsEQrjL/xZxw8T5Z+Lu3FzR
4cVgaJdYHUOXR8vdn4GjrpzhcwxncGOQ2uX/h8SUjI+UeJEGWS4FqSpG+HIfG7w3
WvQT+prr8NgNJJE0ZEGsY6T8EDagasYFRy2n82jXHeqmoOmCzNAijoOym8IqJFTH
Nh3K+v1TmcxCQOD+Bomlq7vq9wnq029CiY+ZWrDX69lCPiayhf6ly19o/BEYRZTk
rA0erIybXYM1AGykNmV9fJ6BY9cUGEah+YS3IPWUrEgjVzpg4CIYVnhxHJegKasM
5iNXqLSfzTiEGp+AzndhRYDklIrH
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:13 2025 by rpki-client