Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5138BA058211F0B22CC669762E951A.roa
File: DD5138BA058211F0B22CC669762E951A.roa (raw, json)
Hash identifier: ANS4RaikkeNEGMn1hH8xZenfuqXDrgyW3wGZr+WiAhY=
Subject key identifier: FC:01:22:50:2A:26:19:24:C0:AB:39:68:FA:3C:1E:0A:93:ED:88:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014748
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5138BA058211F0B22CC669762E951A.roa
Signing time: Thu 20 Mar 2025 12:00:06 +0000
ROA not before: Thu 20 Mar 2025 12:00:02 +0000
ROA not after: Mon 28 Apr 2025 12:00:02 +0000
asID: 996
IP address blocks: 156.235.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83784 (0x14748)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 20 12:00:02 2025 GMT
Not After : Apr 28 12:00:02 2025 GMT
Subject: CN=67dc0346-fa27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:88:79:e5:78:b8:1b:09:35:75:eb:6d:c3:da:
db:24:b0:36:c0:20:9c:70:d5:40:ff:09:2e:40:35:
a7:40:a7:2e:91:ae:13:ae:4a:6e:25:f5:6f:46:bd:
20:79:15:e8:8f:ff:bb:0c:0c:d6:be:4d:50:6a:84:
ff:a9:3c:76:9b:21:49:19:5b:86:c2:0e:42:00:30:
cd:ac:b2:d7:6f:cf:41:05:54:15:3b:fe:e6:ff:98:
89:b4:e1:72:0f:f8:e8:06:69:5a:ae:b1:bc:52:cc:
7f:3b:d9:f4:4f:4b:78:1e:be:4e:38:79:a9:79:fa:
67:26:8c:0c:1e:48:0a:e3:05:46:c9:bd:06:52:59:
a3:7a:00:b0:11:32:4f:ed:d8:da:91:04:ae:7b:37:
24:a1:5b:36:bd:28:3b:84:06:62:78:e8:c3:b9:e1:
4e:bf:e0:76:3a:c1:7b:b6:77:5c:fc:9a:88:d0:63:
9d:98:0b:c0:51:ae:64:2a:47:ad:b3:fb:7f:07:12:
55:68:44:20:20:3e:3f:3e:94:52:ea:81:bf:9b:77:
72:35:d2:7f:21:9f:b9:cd:56:98:c7:fe:ec:ce:24:
44:74:8d:67:1a:17:f9:65:15:82:07:24:ba:a3:7b:
96:e2:5d:62:e1:01:59:32:25:45:a7:16:d3:35:7d:
dd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:01:22:50:2A:26:19:24:C0:AB:39:68:FA:3C:1E:0A:93:ED:88:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DD5138BA058211F0B22CC669762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.94.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:f8:e3:34:e4:5b:8a:4b:73:79:69:90:82:61:f9:7b:bf:86:
3e:34:31:f7:b9:6f:95:0f:71:12:80:36:92:8a:f2:34:c2:70:
f3:6d:50:1f:c3:29:54:59:7d:85:45:79:6d:6b:d0:76:ba:bd:
04:33:12:f3:ec:b6:e3:91:27:c9:76:ee:de:5a:87:21:b9:e2:
00:83:6b:0e:a6:3b:df:51:b4:30:0a:52:0b:03:07:24:01:2d:
f3:ae:6d:28:95:69:c2:d6:10:3a:c3:07:22:b2:bd:bd:80:4d:
0b:e7:0a:be:c8:28:bd:0a:5a:e5:3a:bb:f8:52:74:76:5a:fc:
4a:70:d7:50:0b:90:97:30:93:24:0e:fd:42:39:d8:60:89:be:
89:2d:b8:f7:93:10:92:17:bd:69:d1:05:f4:05:79:28:eb:75:
fe:55:a2:3f:9c:07:01:42:f7:78:0f:3b:95:7c:b6:af:e3:2a:
21:fb:41:03:6e:06:93:88:78:14:0d:71:74:62:7d:32:be:bc:
84:81:ef:7c:7d:0b:eb:bf:ca:d6:6f:f5:e3:17:86:7f:01:7c:
ae:66:95:2f:74:69:b0:73:f5:07:ed:36:24:08:c7:f5:91:cd:
e3:8d:6b:84:5b:09:71:3c:37:2c:ab:cb:12:49:8b:ba:1c:50:
50:57:16:fc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUdIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzIwMTIwMDAyWhcNMjUwNDI4MTIwMDAyWjAYMRYw
FAYDVQQDEw02N2RjMDM0Ni1mYTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA/Yh55Xi4Gwk1dettw9rbJLA2wCCccNVA/wkuQDWnQKcuka4TrkpuJfVv
Rr0geRXoj/+7DAzWvk1QaoT/qTx2myFJGVuGwg5CADDNrLLXb89BBVQVO/7m/5iJ
tOFyD/joBmlarrG8Usx/O9n0T0t4Hr5OOHmpefpnJowMHkgK4wVGyb0GUlmjegCw
ETJP7djakQSuezckoVs2vSg7hAZieOjDueFOv+B2OsF7tndc/JqI0GOdmAvAUa5k
Kkets/t/BxJVaEQgID4/PpRS6oG/m3dyNdJ/IZ+5zVaYx/7sziREdI1nGhf5ZRWC
ByS6o3uW4l1i4QFZMiVFpxbTNX3dRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPwB
IlAqJhkkwKs5aPo8HgqT7YjCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERDUxMzhCQTA1ODIxMUYwQjIyQ0M2Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOteMA0GCSqGSIb3DQEBCwUA
A4IBAQAP+OM05FuKS3N5aZCCYfl7v4Y+NDH3uW+VD3ESgDaSivI0wnDzbVAfwylU
WX2FRXlta9B2ur0EMxLz7LbjkSfJdu7eWochueIAg2sOpjvfUbQwClILAwckAS3z
rm0olWnC1hA6wwcisr29gE0L5wq+yCi9ClrlOrv4UnR2WvxKcNdQC5CXMJMkDv1C
Odhgib6JLbj3kxCSF71p0QX0BXko63X+VaI/nAcBQvd4DzuVfLav4yoh+0EDbgaT
iHgUDXF0Yn0yvryEge98fQvrv8rWb/XjF4Z/AXyuZpUvdGmwc/UH7TYkCMf1kc3j
jWuEWwlxPDcsq8sSSYu6HFBQVxb8
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:56 2025 by rpki-client