Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4DCE314095111F08CADF2A9762E951A.roa
File: D4DCE314095111F08CADF2A9762E951A.roa (raw, json)
Hash identifier: yTbNheb2DppoP4m9FfjWia9prCyvTFQyNRtFVAaqwnQ=
Subject key identifier: 28:18:47:9C:67:57:44:D3:2E:A8:3C:1C:FE:0F:76:0C:49:41:FF:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0147FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4DCE314095111F08CADF2A9762E951A.roa
Signing time: Tue 25 Mar 2025 08:19:12 +0000
ROA not before: Tue 25 Mar 2025 08:19:08 +0000
ROA not after: Mon 14 Apr 2025 08:19:08 +0000
asID: 20473
IP address blocks: 156.246.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83963 (0x147fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 25 08:19:08 2025 GMT
Not After : Apr 14 08:19:08 2025 GMT
Subject: CN=67e26700-cb64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c4:52:e8:e5:fb:58:f2:b9:a4:ab:93:5a:2b:
a7:1e:cf:f7:1c:23:c8:03:fd:43:14:56:bf:fc:73:
e9:53:ff:0a:76:ce:3b:7e:a1:4b:e2:f0:6e:19:2e:
4d:ab:37:98:dc:98:9c:39:12:13:f3:02:ba:0a:50:
34:f4:f9:b2:3d:c2:9a:35:2b:c2:56:de:ea:60:e5:
db:d8:28:34:12:42:89:f1:b4:66:ec:9e:4d:ca:8f:
a5:30:36:5f:e6:0b:f3:49:19:ec:d4:70:ea:72:a8:
50:ab:df:bf:26:23:f8:53:44:35:0d:38:74:1f:6f:
3d:2d:fa:bd:57:d6:53:cf:97:eb:79:e9:41:4f:00:
a1:51:80:f5:9f:7b:9c:fc:30:4f:bb:a7:91:eb:f5:
fd:10:73:0e:d9:57:b2:22:26:65:fa:89:48:a6:af:
ed:55:7e:34:83:bd:82:c9:60:9b:4a:e2:b9:95:94:
ac:e4:ee:25:29:ac:67:d4:dd:ea:5b:16:67:e9:7b:
c0:95:4f:79:d8:38:02:31:ab:f3:80:f0:d2:36:ce:
5e:52:81:61:14:b9:f8:0f:2b:23:5f:30:5d:ff:91:
be:23:91:65:0e:67:89:64:0d:00:71:13:f4:b4:55:
30:70:88:cb:28:7a:27:77:a6:02:91:db:6b:8f:f6:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:18:47:9C:67:57:44:D3:2E:A8:3C:1C:FE:0F:76:0C:49:41:FF:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4DCE314095111F08CADF2A9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:62:a0:3e:40:fa:fb:ee:0b:bf:30:6e:e3:a2:73:c8:36:c2:
ce:a4:51:28:c0:5a:e0:b5:a9:ce:a5:0f:08:46:f5:60:09:d7:
32:6a:71:71:9f:73:e7:90:b1:c2:64:42:7a:d2:5a:88:4b:9c:
cb:6a:3e:18:57:05:a2:9c:b6:22:6a:a1:8b:e1:c7:53:59:f7:
04:e3:54:1b:29:ed:c1:82:b3:a7:5f:9c:37:d7:bd:c5:f2:3a:
95:0e:9d:b1:be:31:18:72:84:65:3b:66:cf:ca:ef:0a:9d:fc:
7e:a1:38:be:1a:2d:60:9f:99:df:ab:c9:17:80:0f:3b:db:cf:
0d:05:9c:ab:9f:15:ce:2f:8c:18:79:d2:83:c2:71:ba:bd:21:
c1:c5:14:86:94:e1:01:2b:a3:a3:e3:24:a0:ee:99:b2:ce:7a:
1d:70:53:97:4c:6e:f7:da:e7:33:f8:55:41:b7:f0:1f:1e:2f:
a9:b6:6a:6a:ba:51:0d:72:48:68:d3:17:7c:52:ea:09:d4:a8:
35:1b:56:08:aa:4b:a3:29:80:b7:fe:14:79:a5:bf:10:1e:9e:
f1:33:b5:dd:30:c8:50:d8:aa:1b:26:43:0b:e8:03:6b:2c:01:
78:10:1c:16:20:6b:de:fc:56:b0:ad:80:c3:51:8b:9b:8a:28:
4a:c5:ce:e3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUf7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI1MDgxOTA4WhcNMjUwNDE0MDgxOTA4WjAYMRYw
FAYDVQQDEw02N2UyNjcwMC1jYjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxcRS6OX7WPK5pKuTWiunHs/3HCPIA/1DFFa//HPpU/8Kds47fqFL4vBu
GS5NqzeY3JicORIT8wK6ClA09PmyPcKaNSvCVt7qYOXb2Cg0EkKJ8bRm7J5Nyo+l
MDZf5gvzSRns1HDqcqhQq9+/JiP4U0Q1DTh0H289Lfq9V9ZTz5freelBTwChUYD1
n3uc/DBPu6eR6/X9EHMO2VeyIiZl+olIpq/tVX40g72CyWCbSuK5lZSs5O4lKaxn
1N3qWxZn6XvAlU952DgCMavzgPDSNs5eUoFhFLn4DysjXzBd/5G+I5FlDmeJZA0A
cRP0tFUwcIjLKHond6YCkdtrj/YBhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCgY
R5xnV0TTLqg8HP4PdgxJQf/wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENERDRTMxNDA5NTExMUYwOENBREYyQTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYdMA0GCSqGSIb3DQEBCwUA
A4IBAQCwYqA+QPr77gu/MG7jonPINsLOpFEowFrgtanOpQ8IRvVgCdcyanFxn3Pn
kLHCZEJ60lqIS5zLaj4YVwWinLYiaqGL4cdTWfcE41QbKe3BgrOnX5w3173F8jqV
Dp2xvjEYcoRlO2bPyu8Knfx+oTi+Gi1gn5nfq8kXgA87288NBZyrnxXOL4wYedKD
wnG6vSHBxRSGlOEBK6Oj4ySg7pmyznodcFOXTG732ucz+FVBt/AfHi+ptmpqulEN
ckho0xd8UuoJ1Kg1G1YIqkujKYC3/hR5pb8QHp7xM7XdMMhQ2KobJkML6ANrLAF4
EBwWIGve/FawrYDDUYubiihKxc7j
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:07 2025 by rpki-client