Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBAB7A38F43A11EFBB9112A2762E951A.roa
File: DBAB7A38F43A11EFBB9112A2762E951A.roa (raw, json)
Hash identifier: 6PYLIpgN+AlP7Gi/BtSqMBqPQV3hOF5TJ+6iudyFkzI=
Subject key identifier: 3E:A6:3C:D0:60:0C:D1:4A:D2:C8:2D:5B:0F:59:E0:ED:CF:39:5B:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01323A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBAB7A38F43A11EFBB9112A2762E951A.roa
Signing time: Wed 26 Feb 2025 12:11:50 +0000
ROA not before: Wed 26 Feb 2025 12:11:46 +0000
ROA not after: Thu 19 Feb 2026 12:11:46 +0000
asID: 984
IP address blocks: 156.252.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78394 (0x1323a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:11:46 2025 GMT
Not After : Feb 19 12:11:46 2026 GMT
Subject: CN=67bf0506-df9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:fc:7f:15:d6:c0:45:71:3d:d1:1f:5e:d0:
6d:48:ab:21:bb:22:ff:ac:90:88:cf:2d:05:d8:f1:
f3:c2:eb:16:fb:3c:65:35:b4:94:0a:b8:f6:fe:d7:
61:47:58:8a:1b:cb:56:75:52:93:06:9f:64:42:a7:
df:ca:dc:d7:30:05:97:a1:d9:db:e5:94:82:79:c5:
42:01:3a:d5:d2:67:28:f6:40:71:f2:16:05:f1:de:
d0:3f:35:04:23:f6:c7:86:9a:92:33:19:8d:8d:f4:
fc:27:58:83:f3:9b:2a:ed:15:46:ff:d3:91:09:0a:
02:ca:7f:86:0c:43:bb:64:e8:17:6f:db:56:09:7b:
1d:69:ee:a0:69:51:f6:75:fb:85:ec:d6:2d:9e:91:
d4:28:4a:70:c3:a2:ee:32:f5:f4:9c:8b:1a:1f:2d:
5d:a6:18:c2:22:30:55:f4:7c:6f:36:67:f0:b0:b3:
f8:ac:96:d9:87:67:99:b8:16:47:9c:83:7e:f5:31:
23:75:ef:50:19:1e:84:e4:d0:03:76:b8:d9:27:50:
f0:6a:a2:20:d5:4d:35:cd:54:51:60:33:92:9f:be:
14:5b:a2:3c:32:b5:c3:d6:e2:91:c8:72:1e:ed:96:
68:96:1a:41:77:29:61:7e:00:92:cf:b4:a1:8d:08:
04:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A6:3C:D0:60:0C:D1:4A:D2:C8:2D:5B:0F:59:E0:ED:CF:39:5B:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBAB7A38F43A11EFBB9112A2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.137.0/24
Signature Algorithm: sha256WithRSAEncryption
20:78:f6:5c:02:c1:a1:ca:5b:00:73:84:b6:6a:54:e0:98:4d:
4d:c6:ec:1b:2e:40:ad:3a:d4:1a:7e:ce:dc:ad:0e:e3:ad:21:
62:36:19:16:87:1c:0f:db:3c:47:b3:11:ef:bb:6f:a7:3a:7d:
00:a0:03:20:a1:61:f7:07:b8:d5:e2:4f:96:b2:2c:bd:27:ca:
c1:44:f4:9a:9a:1d:ff:04:e7:c1:88:da:ce:75:88:09:06:92:
a4:b9:c0:18:f5:1b:7f:16:f7:3c:71:4b:4f:5c:87:97:f3:a7:
47:23:2c:f4:0b:20:0a:dd:c4:e3:99:8d:20:81:44:7b:db:d1:
f3:75:7f:0a:be:fb:a8:c5:42:1a:ee:2e:f2:f7:16:06:2e:cb:
a6:92:02:fa:0b:cf:05:95:66:d7:c7:66:a8:30:60:56:17:d7:
97:e1:1c:f2:84:b2:c5:7e:ee:59:0c:9a:a2:f1:24:5f:8f:b9:
e2:9a:72:eb:dc:65:6d:6e:f2:61:5f:7a:e2:a1:20:89:f0:00:
4a:bf:fb:84:56:8a:53:ab:c6:2c:fe:af:bd:25:c9:26:a3:c4:
1c:db:a7:f3:e0:b9:a8:cd:c1:e5:78:4f:23:a5:d5:ea:7e:6c:
6d:b5:10:91:10:6c:6a:d3:65:20:f4:0d:cf:99:03:d2:63:76:
11:84:9e:74
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATI6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIxMTQ2WhcNMjYwMjE5MTIxMTQ2WjAYMRYw
FAYDVQQDEw02N2JmMDUwNi1kZjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzU78fxXWwEVxPdEfXtBtSKshuyL/rJCIzy0F2PHzwusW+zxlNbSUCrj2
/tdhR1iKG8tWdVKTBp9kQqffytzXMAWXodnb5ZSCecVCATrV0mco9kBx8hYF8d7Q
PzUEI/bHhpqSMxmNjfT8J1iD85sq7RVG/9ORCQoCyn+GDEO7ZOgXb9tWCXsdae6g
aVH2dfuF7NYtnpHUKEpww6LuMvX0nIsaHy1dphjCIjBV9HxvNmfwsLP4rJbZh2eZ
uBZHnIN+9TEjde9QGR6E5NADdrjZJ1DwaqIg1U01zVRRYDOSn74UW6I8MrXD1uKR
yHIe7ZZolhpBdylhfgCSz7ShjQgEXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFD6m
PNBgDNFK0sgtWw9Z4O3POVudMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkFCN0EzOEY0M0ExMUVGQkI5MTEyQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyJMA0GCSqGSIb3DQEBCwUA
A4IBAQAgePZcAsGhylsAc4S2alTgmE1NxuwbLkCtOtQafs7crQ7jrSFiNhkWhxwP
2zxHsxHvu2+nOn0AoAMgoWH3B7jV4k+Wsiy9J8rBRPSamh3/BOfBiNrOdYgJBpKk
ucAY9Rt/Fvc8cUtPXIeX86dHIyz0CyAK3cTjmY0ggUR729HzdX8KvvuoxUIa7i7y
9xYGLsumkgL6C88FlWbXx2aoMGBWF9eX4RzyhLLFfu5ZDJqi8SRfj7nimnLr3GVt
bvJhX3rioSCJ8ABKv/uEVopTq8Ys/q+9Jckmo8Qc26fz4LmozcHleE8jpdXqfmxt
tRCREGxq02Ug9A3PmQPSY3YRhJ50
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:51 2025 by rpki-client