Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F868E0E54811EFACC5265D762E951A.roa
File: D5F868E0E54811EFACC5265D762E951A.roa (raw, json)
Hash identifier: kP4n99LTtEjWjUgkoOQBVF0WjVTIAZ9Xle2eTo7YLoE=
Subject key identifier: 01:26:C5:2D:F9:84:B7:B5:67:2F:5B:4E:20:8E:92:91:33:56:E2:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011D47
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F868E0E54811EFACC5265D762E951A.roa
Signing time: Fri 07 Feb 2025 11:44:07 +0000
ROA not before: Fri 07 Feb 2025 11:44:00 +0000
ROA not after: Mon 13 Dec 2027 11:44:00 +0000
asID: 17561
IP address blocks: 156.230.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73031 (0x11d47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 11:44:00 2025 GMT
Not After : Dec 13 11:44:00 2027 GMT
Subject: CN=67a5f206-9cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:60:e1:f4:52:16:c2:ba:f3:b0:0a:e2:d1:f1:
1f:bf:e5:64:e2:6e:66:56:c8:42:5c:39:3d:af:a6:
c2:b5:08:0f:5a:60:af:8a:70:87:19:7a:4e:97:1e:
83:7c:43:62:b2:79:d9:2c:d5:0e:7e:a6:d0:2d:5e:
f6:c0:31:b5:e8:60:99:5e:3a:0c:a5:70:94:e8:ba:
d6:48:d6:2d:87:e3:29:b2:30:ed:48:c8:bd:57:33:
de:bf:93:c2:88:bf:27:e6:33:df:6c:dd:b2:9b:52:
8b:57:ca:d1:0f:df:ea:e6:4b:cd:fe:8d:30:ee:33:
07:50:0c:af:b6:98:44:77:db:3e:33:dd:f8:1d:74:
1f:89:75:3f:6e:bb:9a:fa:24:d2:f6:b3:f8:19:99:
f0:cb:20:44:8b:a0:72:69:cd:23:53:e7:09:ff:d3:
14:9d:df:9d:47:3f:0f:3d:ae:57:4a:51:ad:3f:0c:
d8:19:1e:8f:01:fd:23:ca:e2:78:e6:db:57:8e:e1:
28:9d:ee:2b:8c:48:72:b1:cb:15:21:c2:d3:34:c7:
25:4f:b3:0c:06:90:31:75:41:f2:d3:84:45:bf:2f:
6b:2a:e3:93:f4:88:12:18:f3:18:ec:09:d9:04:63:
f5:10:fa:30:e9:9d:58:b3:79:09:0e:e6:4e:ff:6e:
90:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:26:C5:2D:F9:84:B7:B5:67:2F:5B:4E:20:8E:92:91:33:56:E2:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D5F868E0E54811EFACC5265D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.187.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8a:0a:a5:23:a8:74:18:24:b1:c3:39:ae:80:6c:1f:c3:8d:
b6:cc:2c:a4:33:25:a7:d5:35:71:52:87:6c:82:c5:ce:e7:43:
aa:18:da:c9:c3:b7:08:86:f9:57:57:c4:65:6e:d6:f4:64:94:
98:0a:f0:fc:0e:24:bb:26:47:5b:0b:75:3e:ea:b7:ff:28:db:
60:ee:ad:63:97:c9:79:ee:89:f8:b4:3f:fa:57:bb:ee:25:d9:
b0:cc:f9:b6:a3:c2:4f:5a:65:73:7c:52:0b:4a:51:57:ea:3e:
dc:9e:8f:04:d8:b4:5b:a1:da:24:1f:9b:e1:8f:1f:54:00:98:
c8:f0:c2:3b:58:b5:60:53:a9:88:d7:4c:d2:18:b8:ba:ab:13:
c0:e9:e5:22:85:66:20:c7:fb:50:e9:cd:57:26:52:32:34:d3:
42:fd:bb:ef:a4:af:cf:4b:4e:47:88:cc:b4:d6:53:0b:b0:29:
7a:2f:04:fc:c6:8b:3c:e7:68:da:2a:19:1b:37:a7:52:2b:17:
09:77:29:e7:2a:71:bb:b7:33:a9:50:ee:66:6f:03:62:57:ef:
10:eb:1a:af:e5:ca:d4:da:00:d7:18:a5:05:79:18:72:e1:90:
04:4c:78:58:67:6f:60:40:cf:54:36:9f:cd:52:ab:20:d4:43:
d7:e0:86:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR1HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTE0NDAwWhcNMjcxMjEzMTE0NDAwWjAYMRYw
FAYDVQQDEw02N2E1ZjIwNi05Y2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4GDh9FIWwrrzsAri0fEfv+Vk4m5mVshCXDk9r6bCtQgPWmCvinCHGXpO
lx6DfENisnnZLNUOfqbQLV72wDG16GCZXjoMpXCU6LrWSNYth+MpsjDtSMi9VzPe
v5PCiL8n5jPfbN2ym1KLV8rRD9/q5kvN/o0w7jMHUAyvtphEd9s+M934HXQfiXU/
brua+iTS9rP4GZnwyyBEi6Byac0jU+cJ/9MUnd+dRz8PPa5XSlGtPwzYGR6PAf0j
yuJ45ttXjuEone4rjEhyscsVIcLTNMclT7MMBpAxdUHy04RFvy9rKuOT9IgSGPMY
7AnZBGP1EPow6Z1Ys3kJDuZO/26QIQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAEm
xS35hLe1Zy9bTiCOkpEzVuIdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENUY4NjhFMEU1NDgxMUVGQUNDNTI2NUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOa7MA0GCSqGSIb3DQEBCwUA
A4IBAQCeigqlI6h0GCSxwzmugGwfw422zCykMyWn1TVxUodsgsXO50OqGNrJw7cI
hvlXV8Rlbtb0ZJSYCvD8DiS7JkdbC3U+6rf/KNtg7q1jl8l57on4tD/6V7vuJdmw
zPm2o8JPWmVzfFILSlFX6j7cno8E2LRbodokH5vhjx9UAJjI8MI7WLVgU6mI10zS
GLi6qxPA6eUihWYgx/tQ6c1XJlIyNNNC/bvvpK/PS05HiMy01lMLsCl6LwT8xos8
52jaKhkbN6dSKxcJdynnKnG7tzOpUO5mbwNiV+8Q6xqv5crU2gDXGKUFeRhy4ZAE
THhYZ29gQM9UNp/NUqsg1EPX4IbK
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:35 2025 by rpki-client