Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDCC7C80F44F11EFBE1258B6762E951A.roa
File: DDCC7C80F44F11EFBE1258B6762E951A.roa (raw, json)
Hash identifier: vByhHRXYO3roRJa4CDwSrRlqGJ1Dl5VkXLWE1LzehPw=
Subject key identifier: C9:28:2C:16:32:43:AA:CD:49:0B:A0:29:DF:19:C5:1B:EB:C7:E7:EC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0133DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDCC7C80F44F11EFBE1258B6762E951A.roa
Signing time: Wed 26 Feb 2025 14:42:13 +0000
ROA not before: Wed 26 Feb 2025 14:42:09 +0000
ROA not after: Thu 19 Feb 2026 14:42:09 +0000
asID: 984
IP address blocks: 156.252.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78815 (0x133df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:42:09 2025 GMT
Not After : Feb 19 14:42:09 2026 GMT
Subject: CN=67bf2845-f7a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:39:4e:05:10:6f:8d:bd:43:9e:88:0d:16:4f:
a2:9c:80:0a:36:c9:3b:0b:7f:5a:34:17:c8:aa:c6:
ad:82:c3:2d:56:e9:41:1c:8d:c7:12:89:82:2e:d2:
a5:a9:bc:f7:9f:22:4f:8e:0b:39:67:42:39:0f:f0:
28:b2:9a:a0:f5:4c:cb:ac:92:61:0e:a3:dc:df:a5:
1e:e3:b4:db:c8:e4:8a:c8:67:63:3f:e3:d7:fd:08:
a9:90:47:1d:3e:a6:42:3c:0a:e8:3e:b6:98:f7:a6:
94:fe:b9:2d:99:d9:2e:67:fd:7b:fa:82:9e:4f:83:
3c:b9:71:a2:63:96:2d:a6:de:11:83:95:2b:2b:7c:
ca:e1:97:d3:73:88:97:79:32:59:cf:98:e1:08:58:
e8:b3:79:35:5a:65:cf:2c:b4:15:cf:f0:02:2e:50:
f2:e5:14:3c:39:eb:5a:d8:24:22:da:15:8e:65:58:
bd:9c:66:cc:c9:69:e1:54:7e:8f:95:d0:a4:b5:90:
49:67:22:ce:e5:e7:1a:55:c9:ad:3f:db:dd:0a:17:
21:b2:ad:dc:c7:a0:39:a3:b2:75:f3:17:8a:f0:f1:
77:ea:f1:b2:ee:cd:fd:33:83:e7:15:04:ee:49:29:
b5:77:6d:03:1c:3e:76:b5:e3:1b:03:f2:87:c0:43:
3d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:28:2C:16:32:43:AA:CD:49:0B:A0:29:DF:19:C5:1B:EB:C7:E7:EC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDCC7C80F44F11EFBE1258B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.197.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:15:02:9a:d1:9b:a6:3c:25:ee:c8:51:37:b1:3e:f3:b8:60:
b1:0f:8d:63:19:d5:fc:d7:58:a2:fc:93:56:b9:e5:6d:ea:bc:
66:ad:3c:25:e8:81:57:47:18:e6:df:6c:7e:61:e1:ba:d1:82:
ca:b8:43:93:34:a2:2d:22:6b:3f:2d:bc:68:45:5b:7b:85:4c:
c9:a0:c9:38:eb:e5:8d:e9:d3:89:99:08:6e:7b:8f:6e:e1:70:
65:e0:69:d0:d0:6c:ec:36:cd:fc:f9:8d:e4:5f:75:b6:dc:48:
16:94:33:dc:f3:2e:0e:0b:a5:4f:b1:48:4b:38:42:b6:c4:26:
13:d8:15:a8:6b:0b:01:82:68:5d:9c:f5:76:5a:d6:a5:53:86:
57:59:dd:55:0c:51:f0:7f:99:6d:e9:7c:3b:95:13:b5:3d:29:
3b:76:f8:92:aa:61:fb:ec:c0:41:4b:59:71:e9:83:62:d5:58:
11:92:c0:47:6e:ab:f9:76:f0:24:df:8d:49:b2:ca:f5:f5:c6:
00:26:98:c3:2c:69:2d:b3:6a:17:e3:2f:35:41:43:f4:74:90:
b7:6d:c6:00:03:01:53:dc:62:61:89:1c:22:a4:5a:d8:f1:b4:
81:d3:0c:1f:b6:12:7e:34:a6:0d:ff:e0:ce:cb:22:7b:6d:b0:
b5:4a:8c:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATPfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQ0MjA5WhcNMjYwMjE5MTQ0MjA5WjAYMRYw
FAYDVQQDEw02N2JmMjg0NS1mN2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvTlOBRBvjb1DnogNFk+inIAKNsk7C39aNBfIqsatgsMtVulBHI3HEomC
LtKlqbz3nyJPjgs5Z0I5D/Aospqg9UzLrJJhDqPc36Ue47TbyOSKyGdjP+PX/Qip
kEcdPqZCPAroPraY96aU/rktmdkuZ/17+oKeT4M8uXGiY5Ytpt4Rg5UrK3zK4ZfT
c4iXeTJZz5jhCFjos3k1WmXPLLQVz/ACLlDy5RQ8Oeta2CQi2hWOZVi9nGbMyWnh
VH6PldCktZBJZyLO5ecaVcmtP9vdChchsq3cx6A5o7J18xeK8PF36vGy7s39M4Pn
FQTuSSm1d20DHD52teMbA/KHwEM9qwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMko
LBYyQ6rNSQugKd8ZxRvrx+fsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERENDN0M4MEY0NEYxMUVGQkUxMjU4QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzFMA0GCSqGSIb3DQEBCwUA
A4IBAQCqFQKa0ZumPCXuyFE3sT7zuGCxD41jGdX811ii/JNWueVt6rxmrTwl6IFX
Rxjm32x+YeG60YLKuEOTNKItIms/LbxoRVt7hUzJoMk46+WN6dOJmQhue49u4XBl
4GnQ0GzsNs38+Y3kX3W23EgWlDPc8y4OC6VPsUhLOEK2xCYT2BWoawsBgmhdnPV2
WtalU4ZXWd1VDFHwf5lt6Xw7lRO1PSk7dviSqmH77MBBS1lx6YNi1VgRksBHbqv5
dvAk341Jssr19cYAJpjDLGkts2oX4y81QUP0dJC3bcYAAwFT3GJhiRwipFrY8bSB
0wwfthJ+NKYN/+DOyyJ7bbC1SowB
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:50 2025 by rpki-client