Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB15B7C2F47711EFAEC6D64C762E951A.roa
File: DB15B7C2F47711EFAEC6D64C762E951A.roa (raw, json)
Hash identifier: cT02YeSrOQHAf8T9gNtqDTS5fXcEBMNQ7SyQpF74j+8=
Subject key identifier: 00:3C:64:12:E6:43:5B:1C:5E:E2:A0:24:2C:0A:13:5C:AA:72:11:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013709
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB15B7C2F47711EFAEC6D64C762E951A.roa
Signing time: Wed 26 Feb 2025 19:28:29 +0000
ROA not before: Wed 26 Feb 2025 19:28:25 +0000
ROA not after: Thu 19 Feb 2026 19:28:25 +0000
asID: 984
IP address blocks: 156.247.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79625 (0x13709)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:28:25 2025 GMT
Not After : Feb 19 19:28:25 2026 GMT
Subject: CN=67bf6b5c-51d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8b:53:ed:c7:72:ed:73:6f:dd:6e:df:9c:72:
f6:dd:0a:c3:75:19:96:62:8d:04:7f:c6:1c:ed:b8:
29:89:cc:af:da:85:b0:f2:a5:7f:44:a0:08:6f:ca:
67:98:10:25:b0:f1:5d:a7:2f:37:d8:2b:ec:8e:e4:
df:91:60:f4:dc:95:f1:c0:e7:40:15:0b:ab:a2:db:
c7:81:55:4a:f1:e7:22:ec:5c:be:36:86:cd:0a:31:
13:93:f9:48:db:80:b8:2b:71:32:a7:0d:24:8a:29:
94:c6:ec:7e:b3:99:a4:5c:4a:9a:4c:70:76:96:cf:
7d:a5:77:23:f8:3c:0d:1d:f0:bc:b8:e6:86:15:41:
12:93:1b:6e:74:cc:de:34:e8:bf:09:d2:7c:00:b7:
61:24:00:7e:fc:1e:bd:f6:27:af:d1:24:84:f7:8b:
07:b3:1b:c7:be:77:c6:43:3d:19:71:b2:a0:91:2e:
2d:a8:ae:17:88:d1:ea:a0:fa:8a:22:4c:72:5f:51:
ee:26:96:9e:39:f9:dc:63:f7:2e:77:c6:88:ac:af:
4f:7b:42:80:47:b3:fb:af:ef:42:fb:08:02:12:a8:
96:20:a3:9c:d6:82:f0:0d:34:68:7d:12:31:fe:43:
40:0e:d9:7f:a5:58:a6:3e:14:46:99:b7:b7:42:50:
d0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3C:64:12:E6:43:5B:1C:5E:E2:A0:24:2C:0A:13:5C:AA:72:11:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB15B7C2F47711EFAEC6D64C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.32.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d6:30:72:a7:b3:d5:fb:a2:a2:09:30:37:3d:ab:dd:21:a1:
72:77:4f:b9:32:9d:0e:2c:9b:5e:7f:68:1d:3b:14:99:a4:0d:
bb:89:2c:07:c0:c3:d8:2d:c1:5b:52:3a:ea:76:fa:17:3d:31:
5f:f7:72:4a:cd:72:56:2f:d6:ab:48:23:d2:79:86:b1:0c:25:
c4:fa:87:b4:2e:ef:40:d6:bb:83:41:6b:16:17:fd:12:7d:0e:
68:fe:5b:13:63:cc:2d:d2:39:5f:09:39:a9:d7:8a:1f:6f:95:
96:f3:4f:b7:5e:29:ff:58:96:cc:b6:91:ca:7c:5a:ff:52:4b:
18:50:a9:b1:f7:df:59:57:ee:23:7d:21:6a:cb:17:26:47:28:
69:2a:7f:e3:b6:7e:bc:c7:de:f4:19:86:cd:5e:8f:00:fe:34:
73:1b:6a:98:7a:b0:f9:61:d1:46:e1:dc:39:fc:04:0a:e9:5b:
79:46:de:62:d4:eb:d5:d4:47:11:94:f9:41:df:16:4b:f1:04:
f3:a2:60:b7:85:93:6c:82:70:d8:21:24:5e:f5:71:5e:f4:d4:
94:cd:5b:bd:df:38:49:d1:53:60:ac:f0:d5:9b:c1:87:54:b2:
30:3a:54:e1:27:c2:2a:84:b9:fb:f3:c5:a4:7c:95:6f:a5:c0:
dd:24:4f:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATcJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkyODI1WhcNMjYwMjE5MTkyODI1WjAYMRYw
FAYDVQQDEw02N2JmNmI1Yy01MWQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuItT7cdy7XNv3W7fnHL23QrDdRmWYo0Ef8Yc7bgpicyv2oWw8qV/RKAI
b8pnmBAlsPFdpy832CvsjuTfkWD03JXxwOdAFQurotvHgVVK8eci7Fy+NobNCjET
k/lI24C4K3Eypw0kiimUxux+s5mkXEqaTHB2ls99pXcj+DwNHfC8uOaGFUESkxtu
dMzeNOi/CdJ8ALdhJAB+/B699iev0SSE94sHsxvHvnfGQz0ZcbKgkS4tqK4XiNHq
oPqKIkxyX1HuJpaeOfncY/cud8aIrK9Pe0KAR7P7r+9C+wgCEqiWIKOc1oLwDTRo
fRIx/kNADtl/pVimPhRGmbe3QlDQYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAA8
ZBLmQ1scXuKgJCwKE1yqchFBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjE1QjdDMkY0NzcxMUVGQUVDNkQ2NEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcgMA0GCSqGSIb3DQEBCwUA
A4IBAQBE1jByp7PV+6KiCTA3PavdIaFyd0+5Mp0OLJtef2gdOxSZpA27iSwHwMPY
LcFbUjrqdvoXPTFf93JKzXJWL9arSCPSeYaxDCXE+oe0Lu9A1ruDQWsWF/0SfQ5o
/lsTY8wt0jlfCTmp14ofb5WW80+3Xin/WJbMtpHKfFr/UksYUKmx999ZV+4jfSFq
yxcmRyhpKn/jtn68x970GYbNXo8A/jRzG2qYerD5YdFG4dw5/AQK6Vt5Rt5i1OvV
1EcRlPlB3xZL8QTzomC3hZNsgnDYISRe9XFe9NSUzVu93zhJ0VNgrPDVm8GHVLIw
OlThJ8IqhLn788WkfJVvpcDdJE/z
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:37 2025 by rpki-client