Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D105F044ED1511EFA517E3A3762E951A.roa
File: D105F044ED1511EFA517E3A3762E951A.roa (raw, json)
Hash identifier: MQI61oRgXLpwZSBuCBld3GeTtQRj3+v81cLUJFnhA1o=
Subject key identifier: 95:2F:FF:18:00:2E:C6:96:96:7D:2D:7E:5D:10:06:6C:39:AB:83:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0124CA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D105F044ED1511EFA517E3A3762E951A.roa
Signing time: Mon 17 Feb 2025 09:59:03 +0000
ROA not before: Mon 17 Feb 2025 09:58:59 +0000
ROA not after: Tue 18 Mar 2025 09:58:59 +0000
asID: 137899
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 15 Mar 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74954 (0x124ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 17 09:58:59 2025 GMT
Not After : Mar 18 09:58:59 2025 GMT
Subject: CN=67b30867-5c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:78:f2:75:fd:f2:fc:83:2f:9e:3d:97:79:
24:ae:aa:ae:86:2c:c4:eb:67:fb:2c:8b:11:ce:07:
98:fd:ab:cb:fa:b8:07:59:1b:69:e8:d8:60:8f:31:
ff:53:23:3a:cd:55:68:60:2c:55:52:6f:86:cf:4a:
c1:ca:67:42:53:ee:8a:ff:c2:10:18:fc:ac:f3:31:
fe:30:41:34:0a:a0:62:6d:d2:f5:f7:3c:50:73:5d:
fb:6f:6d:d1:a3:88:e3:76:97:d4:7d:e6:f2:23:d5:
4e:9c:2d:4e:b8:0e:7d:9f:cd:8b:d4:63:44:e4:97:
b1:4b:89:b9:9a:f3:6d:78:41:db:e2:cd:5e:7e:5f:
3f:7f:49:e3:d2:9d:10:40:11:5b:5b:bd:44:52:2c:
f9:8a:9a:96:75:9d:68:13:09:96:86:83:df:a9:5a:
1a:0a:41:6b:af:d9:1a:bf:da:46:53:1b:04:a8:a5:
62:ee:5d:46:08:87:25:3b:c7:60:38:a8:7c:61:63:
d7:f6:1c:39:65:9d:a4:33:b3:37:1e:03:79:dc:53:
c2:11:3c:bc:7b:e0:83:c9:d8:b5:09:b0:3b:e1:4b:
0a:cb:57:f4:f4:58:d7:15:89:29:ff:46:c2:c3:04:
b6:b2:87:16:3b:9f:43:e0:0a:73:f1:66:d6:c5:9c:
f0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2F:FF:18:00:2E:C6:96:96:7D:2D:7E:5D:10:06:6C:39:AB:83:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D105F044ED1511EFA517E3A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
82:fb:01:56:8a:57:39:6d:85:f7:46:a6:ab:33:6d:93:43:d0:
21:89:52:21:ee:1a:e9:3c:15:f5:8a:4c:a4:fa:9f:8b:ef:2e:
06:b5:b5:69:1c:30:81:b5:58:68:ab:ba:fd:1f:e1:d6:dc:cd:
9f:d6:08:dc:45:45:cc:6a:f2:18:24:d2:a0:52:ec:6f:57:92:
81:e3:8b:01:f3:c3:23:74:de:52:eb:54:aa:bc:4c:68:59:8e:
d9:8b:61:a3:01:08:ef:cb:a6:7a:3a:d6:0c:3a:ae:5d:1e:3b:
84:96:68:92:fe:d6:3c:c7:6b:03:21:69:e4:c9:b2:7c:a1:e0:
bc:51:66:a7:cc:52:0f:67:81:81:0c:85:77:e5:a8:28:ed:1d:
d5:18:17:b0:af:e1:f8:50:e8:d6:83:01:89:2f:44:14:f0:43:
3a:d0:7a:f2:34:2d:17:94:e4:1f:3a:c0:95:9c:9a:85:5a:c4:
bc:23:c5:98:10:95:c4:e1:35:05:12:7a:90:99:97:12:d0:b2:
70:41:c9:65:27:44:f0:14:e8:d0:64:2d:23:7f:30:51:a6:7b:
49:1a:fa:bd:ce:38:26:1c:e5:7a:2b:f5:7a:d2:a6:de:13:ae:
30:35:86:85:ee:a7:23:10:fc:b3:c2:80:a8:6b:06:98:19:27:
bf:f9:a4:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASTKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjE3MDk1ODU5WhcNMjUwMzE4MDk1ODU5WjAYMRYw
FAYDVQQDEw02N2IzMDg2Ny01YzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsUB48nX98vyDL549l3kkrqquhizE62f7LIsRzgeY/avL+rgHWRtp6Nhg
jzH/UyM6zVVoYCxVUm+Gz0rBymdCU+6K/8IQGPys8zH+MEE0CqBibdL19zxQc137
b23Ro4jjdpfUfebyI9VOnC1OuA59n82L1GNE5JexS4m5mvNteEHb4s1efl8/f0nj
0p0QQBFbW71EUiz5ipqWdZ1oEwmWhoPfqVoaCkFrr9kav9pGUxsEqKVi7l1GCIcl
O8dgOKh8YWPX9hw5ZZ2kM7M3HgN53FPCETy8e+CDydi1CbA74UsKy1f09FjXFYkp
/0bCwwS2socWO59D4Apz8WbWxZzwYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJUv
/xgALsaWln0tfl0QBmw5q4NkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTA1RjA0NEVEMTUxMUVGQTUxN0UzQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCC+wFWilc5bYX3RqarM22TQ9AhiVIh7hrpPBX1ikyk+p+L7y4GtbVpHDCB
tVhoq7r9H+HW3M2f1gjcRUXMavIYJNKgUuxvV5KB44sB88MjdN5S61SqvExoWY7Z
i2GjAQjvy6Z6OtYMOq5dHjuElmiS/tY8x2sDIWnkybJ8oeC8UWanzFIPZ4GBDIV3
5ago7R3VGBewr+H4UOjWgwGJL0QU8EM60HryNC0XlOQfOsCVnJqFWsS8I8WYEJXE
4TUFEnqQmZcS0LJwQcllJ0TwFOjQZC0jfzBRpntJGvq9zjgmHOV6K/V60qbeE64w
NYaF7qcjEPyzwoCoawaYGSe/+aSu
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:07:45 2025 by rpki-client