Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB97046A0CC611F0AA5F0155762E951A.roa
File: CB97046A0CC611F0AA5F0155762E951A.roa (raw, json)
Hash identifier: JpQUESQBWs7eJHQGLStj8MevVtQ5MHfB73fNk9xK2+M=
Subject key identifier: F8:C6:8B:64:AF:41:08:B4:7D:F7:DD:F8:CD:2D:CB:8B:06:D1:B1:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB97046A0CC611F0AA5F0155762E951A.roa
Signing time: Sat 29 Mar 2025 17:54:01 +0000
ROA not before: Sat 29 Mar 2025 17:53:57 +0000
ROA not after: Mon 05 May 2025 17:53:57 +0000
asID: 209242
IP address blocks: 156.224.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84184 (0x148d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 17:53:57 2025 GMT
Not After : May 5 17:53:57 2025 GMT
Subject: CN=67e833b9-64f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:83:58:9a:eb:73:06:01:98:6e:38:50:00:b7:
b8:72:4d:b5:2d:22:55:34:d2:0e:8c:09:26:2b:f1:
39:52:e7:c4:21:1b:e2:91:a4:ff:f4:52:48:26:92:
b6:08:39:2a:f5:04:d2:01:2d:f6:76:41:24:9f:42:
a9:9e:34:51:5a:32:92:d3:99:31:09:a1:fe:15:24:
19:e0:d7:32:48:c0:6b:ca:d4:99:3d:09:99:5a:3c:
50:85:dd:43:15:28:41:47:6c:4e:1e:b3:2f:74:48:
8d:3a:3e:4c:ba:56:0b:df:1a:75:38:a5:97:42:56:
34:08:93:3e:a2:80:9c:a9:b9:13:66:fe:de:ed:9e:
ec:9c:8b:f1:a7:04:05:a1:46:30:4d:e1:26:b9:ae:
c3:76:ec:07:44:7f:21:c9:3d:e2:4b:f6:6a:b5:cf:
37:23:74:20:f6:49:01:32:53:59:e0:e9:e3:de:99:
20:1b:c0:15:2d:2b:17:05:53:c0:9c:d7:dd:c2:89:
ff:f8:b7:46:4f:56:50:a0:37:35:33:cd:38:f4:83:
c3:ce:19:fe:b3:83:e9:b5:f0:c3:39:41:fc:bb:a2:
d7:75:2e:74:d7:c7:a6:2d:0d:99:f0:37:e4:34:1b:
b5:50:57:a1:c7:54:65:23:d3:21:1b:17:ea:bf:2a:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C6:8B:64:AF:41:08:B4:7D:F7:DD:F8:CD:2D:CB:8B:06:D1:B1:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB97046A0CC611F0AA5F0155762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ba:75:f4:9f:c9:0a:b1:74:54:6f:32:18:27:2d:cd:65:cf:
f2:f8:21:29:d4:82:b7:ad:7c:38:46:72:86:17:3d:9b:cd:02:
77:74:8c:a2:e1:fe:6c:e6:3c:08:54:d7:31:8a:1c:34:ad:e0:
66:47:de:ea:9d:90:16:fd:83:0a:1a:33:ce:3b:a0:64:8e:54:
b0:a0:51:ae:35:e0:a5:cb:d8:d0:2a:f4:41:d7:74:1c:71:bf:
b2:79:3b:87:0b:44:b5:87:93:4c:2d:dd:3b:fc:22:f9:b6:86:
4c:a9:d6:29:b0:4e:4d:5e:05:fd:70:27:3d:f9:46:70:c0:0d:
30:ca:d5:2c:2a:7c:ea:ba:8d:d4:3b:f8:73:b1:bb:2a:ff:58:
16:4e:f6:19:ed:22:39:c1:d7:90:9a:03:91:d6:00:28:3a:33:
56:b3:cc:0f:74:e7:70:4b:07:a6:ed:08:16:d8:58:81:ef:02:
31:f9:38:78:f2:c8:9a:a5:4e:1a:95:94:56:1a:7a:90:67:de:
d1:78:2e:e6:e2:55:7f:83:97:1c:fa:65:c6:bd:92:b5:b5:41:
1d:f6:fd:37:67:e9:ec:77:84:89:7f:db:5f:d6:d9:3f:fa:ae:
f0:e9:51:4b:f6:28:94:6c:c4:94:91:7a:76:a5:25:bf:f9:e7:
b0:57:27:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUjYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTc1MzU3WhcNMjUwNTA1MTc1MzU3WjAYMRYw
FAYDVQQDEw02N2U4MzNiOS02NGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyoNYmutzBgGYbjhQALe4ck21LSJVNNIOjAkmK/E5UufEIRvikaT/9FJI
JpK2CDkq9QTSAS32dkEkn0KpnjRRWjKS05kxCaH+FSQZ4NcySMBrytSZPQmZWjxQ
hd1DFShBR2xOHrMvdEiNOj5MulYL3xp1OKWXQlY0CJM+ooCcqbkTZv7e7Z7snIvx
pwQFoUYwTeEmua7DduwHRH8hyT3iS/Zqtc83I3Qg9kkBMlNZ4Onj3pkgG8AVLSsX
BVPAnNfdwon/+LdGT1ZQoDc1M8049IPDzhn+s4PptfDDOUH8u6LXdS5018emLQ2Z
8DfkNBu1UFehx1RlI9MhGxfqvypVHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPjG
i2SvQQi0fffd+M0ty4sG0bFTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjk3MDQ2QTBDQzYxMUYwQUE1RjAxNTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOBJMA0GCSqGSIb3DQEBCwUA
A4IBAQC4unX0n8kKsXRUbzIYJy3NZc/y+CEp1IK3rXw4RnKGFz2bzQJ3dIyi4f5s
5jwIVNcxihw0reBmR97qnZAW/YMKGjPOO6BkjlSwoFGuNeCly9jQKvRB13Qccb+y
eTuHC0S1h5NMLd07/CL5toZMqdYpsE5NXgX9cCc9+UZwwA0wytUsKnzquo3UO/hz
sbsq/1gWTvYZ7SI5wdeQmgOR1gAoOjNWs8wPdOdwSwem7QgW2FiB7wIx+Th48sia
pU4alZRWGnqQZ97ReC7m4lV/g5cc+mXGvZK1tUEd9v03Z+nsd4SJf9tf1tk/+q7w
6VFL9iiUbMSUkXp2pSW/+eewVyc1
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:37:34 2025 by rpki-client