Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB4FB9DC058311F0B7751E6E762E951A.roa
File: DB4FB9DC058311F0B7751E6E762E951A.roa (raw, json)
Hash identifier: TMI5zxU5GPs8Psg1DfkozQn9BQSb3zvhlkil/79rn+Q=
Subject key identifier: 1E:5B:7C:97:06:48:07:ED:C7:3D:E6:D3:F3:93:8D:2A:16:9B:03:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014750
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB4FB9DC058311F0B7751E6E762E951A.roa
Signing time: Thu 20 Mar 2025 12:07:13 +0000
ROA not before: Thu 20 Mar 2025 12:07:09 +0000
ROA not after: Tue 29 Apr 2025 12:07:09 +0000
asID: 5068
IP address blocks: 156.224.84.0/22 maxlen: 24
156.224.92.0/22 maxlen: 24
156.224.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83792 (0x14750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 20 12:07:09 2025 GMT
Not After : Apr 29 12:07:09 2025 GMT
Subject: CN=67dc04f1-6851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:ef:f9:40:54:0c:33:91:38:c3:38:99:6a:
5b:a1:36:b5:6c:cf:44:82:ef:3e:4c:0c:ea:d8:d3:
b4:fc:f2:01:63:02:e9:ec:bd:82:13:a4:23:ef:1b:
fe:c7:95:aa:e4:25:1d:9a:99:b7:66:e1:45:0e:be:
29:e9:20:c1:51:d9:6e:08:e7:58:90:78:05:ce:4b:
9f:45:a6:33:35:c5:4d:47:89:04:a9:a6:7a:87:2b:
d1:09:be:08:75:61:f6:66:91:8b:3d:c7:02:da:9b:
10:15:65:de:6d:9c:1f:df:b6:96:f5:8b:7a:3b:31:
ab:f0:0f:8c:0b:62:1b:e0:04:f6:fe:dc:f3:12:3c:
46:0d:0f:3c:5f:19:0b:57:a4:49:c1:43:83:c2:88:
1e:35:30:71:a0:ae:02:c5:3b:dc:fc:13:36:2f:67:
e0:03:0f:57:9e:b1:67:1f:09:46:d6:e4:41:19:93:
b4:cc:fd:52:57:f3:cd:9a:79:bf:63:8d:ff:98:07:
5a:47:43:de:1c:4f:76:b6:88:ac:9a:94:9d:9f:8e:
73:d6:ab:c1:12:d1:78:c9:3c:7a:1b:b6:8e:5f:50:
22:46:e5:0d:7f:26:c4:84:fc:4b:e6:8d:4a:67:84:
ee:b5:d2:cc:0d:54:e3:2a:56:27:73:96:d7:d1:54:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5B:7C:97:06:48:07:ED:C7:3D:E6:D3:F3:93:8D:2A:16:9B:03:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB4FB9DC058311F0B7751E6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.84.0/22
156.224.92.0-156.224.127.255
Signature Algorithm: sha256WithRSAEncryption
1a:ed:91:0a:2a:4a:8d:48:09:52:a7:2b:79:2d:04:cf:f1:b7:
31:cc:d2:d8:82:63:85:ef:b5:92:14:f5:b6:61:cb:59:67:30:
fc:d7:d9:29:49:89:06:89:67:6f:1c:43:5b:06:11:0a:49:ad:
18:ba:10:18:6f:a3:d2:03:80:1a:9d:01:b1:0a:aa:3d:68:0f:
cb:d4:a8:33:f2:10:c3:0b:20:ba:84:33:27:48:8c:32:ca:c6:
dd:c5:25:e1:8d:ed:25:43:31:94:3f:65:d6:3c:e6:02:59:4c:
c4:27:16:ff:3d:9e:53:49:e4:05:b6:c2:d5:29:31:2f:3c:ea:
6f:e7:46:d7:0d:a8:86:01:1d:23:4f:96:76:b6:dd:64:3f:c2:
5f:48:4d:43:ab:d8:ae:2b:c4:87:92:42:5e:e8:9a:b0:32:bc:
bd:fe:c0:ac:17:94:f9:ac:a3:00:28:e8:d8:8f:34:fa:ea:9f:
44:c9:4e:7a:49:90:7d:71:19:82:72:dd:2b:cd:79:4b:eb:55:
88:58:62:04:6c:cf:54:dd:ab:82:41:a7:a3:9a:3e:96:97:6a:
93:ad:4c:83:8e:d7:3d:37:75:6d:ec:4d:f5:15:68:c1:7f:e0:
70:6b:a5:5d:e8:a0:d8:70:03:5a:3d:f2:ea:ab:cc:41:f0:79:
ef:fa:5c:6a
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUdQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIwMTIwNzA5WhcNMjUwNDI5MTIwNzA5WjAYMRYw
FAYDVQQDEw02N2RjMDRmMS02ODUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJzv+UBUDDOROMM4mWpboTa1bM9Egu8+TAzq2NO0/PIBYwLp7L2CE6Qj
7xv+x5Wq5CUdmpm3ZuFFDr4p6SDBUdluCOdYkHgFzkufRaYzNcVNR4kEqaZ6hyvR
Cb4IdWH2ZpGLPccC2psQFWXebZwf37aW9Yt6OzGr8A+MC2Ib4AT2/tzzEjxGDQ88
XxkLV6RJwUODwogeNTBxoK4CxTvc/BM2L2fgAw9XnrFnHwlG1uRBGZO0zP1SV/PN
mnm/Y43/mAdaR0PeHE92toismpSdn45z1qvBEtF4yTx6G7aOX1AiRuUNfybEhPxL
5o1KZ4TutdLMDVTjKlYnc5bX0VQK/wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFB5b
fJcGSAftxz3m0/OTjSoWmwOoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjRGQjlEQzA1ODMxMUYwQjc3NTFFNkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCnOBUMAwDBAKc4FwDBAec4AAw
DQYJKoZIhvcNAQELBQADggEBABrtkQoqSo1ICVKnK3ktBM/xtzHM0tiCY4XvtZIU
9bZhy1lnMPzX2SlJiQaJZ28cQ1sGEQpJrRi6EBhvo9IDgBqdAbEKqj1oD8vUqDPy
EMMLILqEMydIjDLKxt3FJeGN7SVDMZQ/ZdY85gJZTMQnFv89nlNJ5AW2wtUpMS88
6m/nRtcNqIYBHSNPlna23WQ/wl9ITUOr2K4rxIeSQl7omrAyvL3+wKwXlPmsowAo
6NiPNPrqn0TJTnpJkH1xGYJy3SvNeUvrVYhYYgRsz1Tdq4JBp6OaPpaXapOtTIOO
1z03dW3sTfUVaMF/4HBrpV3ooNhwA1o98uqrzEHwee/6XGo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:41 2025 by rpki-client