Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A0BCA2E54111EF851251AF762E951A.roa
File: C9A0BCA2E54111EF851251AF762E951A.roa (raw, json)
Hash identifier: RThkeK2RClLQhDopBU0e8dRIgveIsLvDoKPEflrQiCw=
Subject key identifier: 44:25:36:58:35:F7:6B:F5:F6:76:1F:AE:D8:F8:F8:4D:F3:77:1F:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011D21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A0BCA2E54111EF851251AF762E951A.roa
Signing time: Fri 07 Feb 2025 10:53:39 +0000
ROA not before: Fri 07 Feb 2025 10:53:35 +0000
ROA not after: Sat 13 Dec 2025 10:53:35 +0000
asID: 984
IP address blocks: 156.230.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72993 (0x11d21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 10:53:35 2025 GMT
Not After : Dec 13 10:53:35 2025 GMT
Subject: CN=67a5e633-693f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e0:d8:ed:03:00:9b:d1:62:c7:20:63:cd:ff:
10:59:26:83:96:be:b7:44:49:50:ef:2b:d0:62:3c:
4e:85:78:42:ae:29:e9:23:84:84:ec:b9:21:9c:4b:
c5:ee:9c:cd:ee:e8:98:02:94:04:64:f3:57:4f:78:
44:88:b2:27:31:64:30:63:ce:19:45:40:2f:1c:3d:
5c:79:24:9c:5e:62:85:52:43:6c:b5:ed:6b:f3:16:
0b:ee:61:4d:dd:86:99:99:3c:b2:57:91:dc:a0:58:
46:0a:47:b9:8c:7c:1c:6f:16:c2:02:09:49:29:c0:
1e:cf:26:50:51:ca:6c:8c:2d:66:65:0a:8d:b7:0b:
27:b1:26:01:d1:55:43:23:65:1c:fd:9f:e9:a5:b6:
23:04:e3:47:b9:ca:dd:f1:39:c4:05:6f:da:f1:26:
d6:5a:05:cd:e6:6b:bc:12:e8:22:4d:ce:4f:4d:dd:
b9:a7:73:96:47:7a:e9:94:80:f0:5d:07:11:19:5c:
36:f1:17:0e:84:1a:ee:32:cf:99:0d:c2:7f:72:75:
ee:75:58:e8:36:86:ff:24:85:11:b9:3a:6c:30:5d:
7b:81:44:5f:69:f4:f6:e3:1b:1e:f5:a4:1a:66:62:
70:6f:64:a9:5e:e5:8e:e2:0f:dc:bf:c8:fd:75:08:
8d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:25:36:58:35:F7:6B:F5:F6:76:1F:AE:D8:F8:F8:4D:F3:77:1F:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9A0BCA2E54111EF851251AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.168.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d9:f0:bb:1b:75:a4:25:59:6b:00:e9:ec:d0:ef:53:84:3c:
94:65:ab:86:c7:ae:cd:2c:0c:46:2a:ed:d8:2f:4a:ad:c0:bc:
91:84:b9:5a:c7:72:ea:37:09:dd:a3:7b:25:29:62:09:13:0d:
df:f9:bc:c4:19:99:6d:80:42:e0:bc:19:38:51:64:b8:cf:35:
b4:ae:26:9d:c2:d0:fc:f3:fe:c9:e6:2a:69:5b:29:41:8b:30:
26:fc:11:6e:62:67:67:5a:af:f1:6c:65:98:90:5f:ae:ee:17:
9d:89:fa:b9:be:c6:63:64:e8:79:9f:6b:c4:77:6a:22:0d:8f:
16:e5:6f:6e:2c:21:c5:cb:7b:fd:a1:79:e5:bc:fd:56:40:df:
f7:e5:5a:05:66:12:5c:7d:ae:34:96:3d:29:50:6d:4e:70:c1:
67:00:5b:28:41:45:0a:48:2b:00:d4:29:27:1e:40:90:cf:ee:
24:0c:ad:8b:10:96:4c:ea:3e:56:c3:37:04:43:a6:2b:64:94:
6c:65:1b:4d:cc:5e:9a:50:e6:13:70:47:46:34:a1:3a:4c:03:
59:3d:72:23:29:d1:da:9e:69:3f:af:6a:02:c2:d6:c1:4e:6b:
85:ce:f1:41:ed:be:71:10:6f:11:1f:87:a2:a8:fd:a1:74:53:
76:f1:a1:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR0hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTA1MzM1WhcNMjUxMjEzMTA1MzM1WjAYMRYw
FAYDVQQDEw02N2E1ZTYzMy02OTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr+DY7QMAm9FixyBjzf8QWSaDlr63RElQ7yvQYjxOhXhCrinpI4SE7Lkh
nEvF7pzN7uiYApQEZPNXT3hEiLInMWQwY84ZRUAvHD1ceSScXmKFUkNste1r8xYL
7mFN3YaZmTyyV5HcoFhGCke5jHwcbxbCAglJKcAezyZQUcpsjC1mZQqNtwsnsSYB
0VVDI2Uc/Z/ppbYjBONHucrd8TnEBW/a8SbWWgXN5mu8EugiTc5PTd25p3OWR3rp
lIDwXQcRGVw28RcOhBruMs+ZDcJ/cnXudVjoNob/JIURuTpsMF17gURfafT24xse
9aQaZmJwb2SpXuWO4g/cv8j9dQiNIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEQl
Nlg192v19nYfrtj4+E3zdx+gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOUEwQkNBMkU1NDExMUVGODUxMjUxQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOaoMA0GCSqGSIb3DQEBCwUA
A4IBAQCL2fC7G3WkJVlrAOns0O9ThDyUZauGx67NLAxGKu3YL0qtwLyRhLlax3Lq
Nwndo3slKWIJEw3f+bzEGZltgELgvBk4UWS4zzW0riadwtD88/7J5ippWylBizAm
/BFuYmdnWq/xbGWYkF+u7hedifq5vsZjZOh5n2vEd2oiDY8W5W9uLCHFy3v9oXnl
vP1WQN/35VoFZhJcfa40lj0pUG1OcMFnAFsoQUUKSCsA1CknHkCQz+4kDK2LEJZM
6j5WwzcEQ6YrZJRsZRtNzF6aUOYTcEdGNKE6TANZPXIjKdHanmk/r2oCwtbBTmuF
zvFB7b5xEG8RH4eiqP2hdFN28aF/
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:10 2025 by rpki-client