Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCAD23B6F35711EFBDC6A68F762E951A.roa
File: DCAD23B6F35711EFBDC6A68F762E951A.roa (raw, json)
Hash identifier: 0TiqvJFO7Q9Xr4zwIoJiDjaIjxzK/aMQXRiXxhaAaqg=
Subject key identifier: 36:EB:C7:05:62:2D:7A:33:FD:2D:FD:C8:B2:F4:F8:AA:C9:A6:08:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012DFA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCAD23B6F35711EFBDC6A68F762E951A.roa
Signing time: Tue 25 Feb 2025 09:06:56 +0000
ROA not before: Tue 25 Feb 2025 09:06:52 +0000
ROA not after: Sat 19 Feb 2028 09:06:52 +0000
asID: 17561
IP address blocks: 156.249.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77306 (0x12dfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 09:06:52 2025 GMT
Not After : Feb 19 09:06:52 2028 GMT
Subject: CN=67bd8830-9a77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:82:c6:f2:42:83:a7:a1:27:9c:84:25:16:09:
44:1a:6e:98:21:ea:f6:09:22:28:bb:d5:6c:3c:e9:
be:03:a5:c7:80:52:52:f4:5b:cf:5a:18:b4:7a:08:
92:94:38:f6:7a:ed:71:1c:dd:58:ce:ce:07:de:86:
fe:56:0c:95:70:b6:fb:42:e6:57:73:87:a1:69:5e:
43:9d:df:ef:97:45:2a:a0:4d:b0:85:ed:4d:12:83:
a3:6d:ab:6d:e9:0a:de:06:f4:b3:5b:1d:3f:56:d5:
4c:64:b6:13:40:16:cc:00:9f:5e:24:4b:fc:9b:bd:
2c:e5:39:1b:01:e3:77:fb:b0:89:f8:aa:89:77:50:
cd:ca:9d:bb:71:ad:1a:8a:4b:35:b1:92:dd:4f:96:
df:59:15:bc:ac:23:3d:06:bf:ac:88:85:01:9c:32:
aa:80:fa:02:c5:42:a6:d5:eb:00:45:2d:04:87:1a:
31:94:bd:23:cc:69:95:44:2c:55:4e:1f:f3:5b:bc:
fb:85:58:32:8c:ef:c1:4d:72:42:32:d3:2e:ad:40:
e3:1a:b0:fc:fd:88:24:93:26:8f:8f:23:86:5f:c9:
a7:f7:f3:28:47:ce:72:06:92:72:2f:b8:85:c0:86:
fc:9b:db:f0:65:34:cc:56:9c:47:d8:da:d5:0a:94:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EB:C7:05:62:2D:7A:33:FD:2D:FD:C8:B2:F4:F8:AA:C9:A6:08:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DCAD23B6F35711EFBDC6A68F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.250.0/24
Signature Algorithm: sha256WithRSAEncryption
29:7a:01:39:78:70:1a:a6:a3:54:16:91:fd:8c:10:7e:e2:d4:
b7:00:c7:1f:50:71:67:0c:35:a2:a3:2e:8f:14:8d:bc:89:2a:
ba:2c:10:86:79:48:2d:b0:e1:1c:63:da:1b:b8:50:ec:61:eb:
f9:3e:a1:36:1e:03:dd:38:81:14:57:c0:72:13:2e:33:92:cb:
52:40:03:c6:3b:c1:55:bc:de:2d:eb:3e:fb:61:77:8a:2c:30:
67:dd:33:3c:25:78:ef:02:de:50:0f:98:24:66:b4:2c:02:ce:
8b:8b:d2:af:ed:99:b6:57:3c:37:bb:58:d8:7b:d2:4e:54:76:
04:40:65:87:e2:92:48:70:91:61:10:1a:13:76:7d:c0:65:53:
57:76:ea:3c:b7:d6:46:60:e6:86:c5:c9:58:6a:a2:60:c7:62:
4b:ad:c9:69:98:6d:1e:41:39:04:fd:48:25:37:f1:5f:12:24:
cf:cc:69:e0:fa:1b:52:6a:14:d3:56:29:cd:d2:0d:28:f8:34:
f0:a6:63:04:33:e2:93:79:43:11:bf:ba:1b:04:52:87:80:78:
e6:58:94:13:48:e9:7e:48:3a:34:93:d8:37:c5:77:ba:5a:1f:
5e:74:7d:a6:a2:f6:1b:e0:51:ef:10:79:59:13:ce:1c:4a:8f:
04:2f:0b:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS36MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDkwNjUyWhcNMjgwMjE5MDkwNjUyWjAYMRYw
FAYDVQQDEw02N2JkODgzMC05YTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwoLG8kKDp6EnnIQlFglEGm6YIer2CSIou9VsPOm+A6XHgFJS9FvPWhi0
egiSlDj2eu1xHN1Yzs4H3ob+VgyVcLb7QuZXc4ehaV5Dnd/vl0UqoE2whe1NEoOj
batt6QreBvSzWx0/VtVMZLYTQBbMAJ9eJEv8m70s5TkbAeN3+7CJ+KqJd1DNyp27
ca0aiks1sZLdT5bfWRW8rCM9Br+siIUBnDKqgPoCxUKm1esARS0EhxoxlL0jzGmV
RCxVTh/zW7z7hVgyjO/BTXJCMtMurUDjGrD8/YgkkyaPjyOGX8mn9/MoR85yBpJy
L7iFwIb8m9vwZTTMVpxH2NrVCpS1CwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDbr
xwViLXoz/S39yLL0+KrJpgj0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQ0FEMjNCNkYzNTcxMUVGQkRDNkE2OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPn6MA0GCSqGSIb3DQEBCwUA
A4IBAQApegE5eHAapqNUFpH9jBB+4tS3AMcfUHFnDDWioy6PFI28iSq6LBCGeUgt
sOEcY9obuFDsYev5PqE2HgPdOIEUV8ByEy4zkstSQAPGO8FVvN4t6z77YXeKLDBn
3TM8JXjvAt5QD5gkZrQsAs6Li9Kv7Zm2Vzw3u1jYe9JOVHYEQGWH4pJIcJFhEBoT
dn3AZVNXduo8t9ZGYOaGxclYaqJgx2JLrclpmG0eQTkE/UglN/FfEiTPzGng+htS
ahTTVinN0g0o+DTwpmMEM+KTeUMRv7obBFKHgHjmWJQTSOl+SDo0k9g3xXe6Wh9e
dH2movYb4FHvEHlZE84cSo8ELwu4
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:08:56 2025 by rpki-client