Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D81B830AEC8C11EF949ED3A0762E951A.roa
File: D81B830AEC8C11EF949ED3A0762E951A.roa (raw, json)
Hash identifier: NF41dBnELeniCyKfptwCSdfhY3hbDcWiS5EPQx0MYQY=
Subject key identifier: 61:DB:93:73:4D:89:34:55:1B:F7:03:15:54:BE:7B:FC:C8:18:96:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012452
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D81B830AEC8C11EF949ED3A0762E951A.roa
Signing time: Sun 16 Feb 2025 17:38:34 +0000
ROA not before: Sun 16 Feb 2025 17:38:30 +0000
ROA not after: Mon 13 Dec 2027 17:38:30 +0000
asID: 17561
IP address blocks: 156.230.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74834 (0x12452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 16 17:38:30 2025 GMT
Not After : Dec 13 17:38:30 2027 GMT
Subject: CN=67b2229a-6828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:29:22:5b:b4:97:73:17:87:40:df:80:b5:
04:59:ac:fe:16:36:c0:96:e8:a4:94:5e:a0:ac:8e:
5f:ab:07:1a:17:57:2f:ff:f0:3c:9d:8d:0a:44:c3:
03:43:cd:08:97:37:2f:03:b8:4f:1c:8c:4b:11:ba:
ea:f3:ff:af:18:ca:f1:4e:a0:ee:7a:4f:f4:2b:42:
b2:24:1c:32:46:a7:20:f4:78:7b:79:c0:8d:0b:19:
b8:d9:20:d0:a1:bc:42:38:53:ac:42:c6:85:df:64:
cc:cc:39:18:99:61:d7:f8:31:b8:26:05:30:42:ab:
e9:07:7d:67:ef:4e:69:a8:97:c2:3e:ed:d9:e4:0b:
38:1f:2c:b4:ff:a2:a8:54:d8:bb:bb:85:25:80:e2:
96:25:e4:63:50:c1:2d:a1:9d:1f:2b:c6:bb:e9:7c:
e3:59:c0:cd:5b:66:c2:c2:8e:d9:4e:ef:e5:ab:53:
09:05:74:c6:50:23:9f:9e:b0:dc:63:94:09:5e:3b:
40:1f:2f:aa:74:74:43:1c:39:0e:75:16:9b:9b:29:
56:2e:af:4b:11:74:59:02:37:d3:ae:15:6b:64:96:
c7:98:58:ad:f6:23:be:78:bc:ef:2c:6e:41:17:6d:
86:2a:6e:44:ee:72:f8:86:0e:26:96:6e:00:aa:f1:
5d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DB:93:73:4D:89:34:55:1B:F7:03:15:54:BE:7B:FC:C8:18:96:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D81B830AEC8C11EF949ED3A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.145.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:48:d9:9d:af:e4:9e:03:70:27:f3:82:22:53:26:bf:4e:4d:
60:51:8a:29:8d:c4:69:f7:b9:e2:b5:89:2d:d5:6a:eb:41:99:
d6:97:8a:eb:be:5a:e7:7c:c8:c3:7b:0d:eb:1e:13:4f:fe:55:
52:c6:70:00:61:80:6f:ad:1f:f5:9b:84:04:e8:8e:8e:af:48:
62:e8:8c:67:72:82:fd:83:87:31:83:28:3e:6a:39:cf:7f:a9:
dc:c2:da:e1:37:f4:1a:25:28:97:f8:04:3a:2f:68:17:92:17:
b4:c2:cd:66:34:28:00:f6:19:00:db:aa:e4:dc:57:7b:d1:cc:
02:bf:a8:94:38:b6:0b:74:b7:e8:6a:b5:d6:e5:19:0d:49:0b:
5c:d0:6d:09:51:42:3d:1f:c8:80:51:8b:06:1a:85:8d:3a:51:
95:75:81:6c:21:92:ca:eb:be:e1:1f:a6:a1:3b:32:06:09:bb:
23:e5:90:9a:cf:b5:1e:72:24:ec:aa:7b:3a:b2:94:3c:ba:82:
61:5e:e4:46:21:e8:ac:e7:fb:58:b8:9b:0e:1d:98:62:04:75:
de:db:69:98:d0:8f:2c:d6:f4:5e:d9:cf:95:f6:53:0d:97:a4:
3a:4f:d6:1c:27:72:07:f3:cf:dd:f7:35:d0:0e:9e:e7:63:f1:
cc:22:56:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASRSMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjE2MTczODMwWhcNMjcxMjEzMTczODMwWjAYMRYw
FAYDVQQDEw02N2IyMjI5YS02ODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxdgpIlu0l3MXh0DfgLUEWaz+FjbAluiklF6grI5fqwcaF1cv//A8nY0K
RMMDQ80IlzcvA7hPHIxLEbrq8/+vGMrxTqDuek/0K0KyJBwyRqcg9Hh7ecCNCxm4
2SDQobxCOFOsQsaF32TMzDkYmWHX+DG4JgUwQqvpB31n705pqJfCPu3Z5As4Hyy0
/6KoVNi7u4UlgOKWJeRjUMEtoZ0fK8a76XzjWcDNW2bCwo7ZTu/lq1MJBXTGUCOf
nrDcY5QJXjtAHy+qdHRDHDkOdRabmylWLq9LEXRZAjfTrhVrZJbHmFit9iO+eLzv
LG5BF22GKm5E7nL4hg4mlm4AqvFdXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGHb
k3NNiTRVG/cDFVS+e/zIGJZqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EODFCODMwQUVDOEMxMUVGOTQ5RUQzQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOaRMA0GCSqGSIb3DQEBCwUA
A4IBAQBcSNmdr+SeA3An84IiUya/Tk1gUYopjcRp97nitYkt1WrrQZnWl4rrvlrn
fMjDew3rHhNP/lVSxnAAYYBvrR/1m4QE6I6Or0hi6IxncoL9g4cxgyg+ajnPf6nc
wtrhN/QaJSiX+AQ6L2gXkhe0ws1mNCgA9hkA26rk3Fd70cwCv6iUOLYLdLfoarXW
5RkNSQtc0G0JUUI9H8iAUYsGGoWNOlGVdYFsIZLK677hH6ahOzIGCbsj5ZCaz7Ue
ciTsqns6spQ8uoJhXuRGIeis5/tYuJsOHZhiBHXe22mY0I8s1vRe2c+V9lMNl6Q6
T9YcJ3IH88/d9zXQDp7nY/HMIlal
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:38 2025 by rpki-client