Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE11C3CEF41F11EFB29C3D64762E951A.roa
File: DE11C3CEF41F11EFB29C3D64762E951A.roa (raw, json)
Hash identifier: IUXuzATpWt3J6MlylxxO4UmojtYrbAbw/dWZal8I2bY=
Subject key identifier: B6:83:03:92:54:65:52:79:C8:C0:4D:67:99:F0:B9:82:F1:31:D5:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01303C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE11C3CEF41F11EFB29C3D64762E951A.roa
Signing time: Wed 26 Feb 2025 08:58:38 +0000
ROA not before: Wed 26 Feb 2025 08:58:34 +0000
ROA not after: Thu 19 Feb 2026 08:58:34 +0000
asID: 984
IP address blocks: 156.252.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77884 (0x1303c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 08:58:34 2025 GMT
Not After : Feb 19 08:58:34 2026 GMT
Subject: CN=67bed7be-47f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2b:f3:fb:10:34:4b:f8:00:b2:d5:39:c9:f5:
31:da:b7:d2:ef:b1:07:dc:69:31:a9:50:cb:37:3b:
72:f4:21:8c:bf:71:ff:a3:41:56:54:a0:b4:81:a1:
b1:a1:e2:00:34:d7:50:b6:0d:2e:02:fe:14:67:87:
43:1b:56:2c:5e:8b:1f:76:0d:bf:b0:5e:9a:4d:56:
04:ee:20:b1:ab:e5:39:83:04:05:ef:c0:ee:25:c0:
e0:22:ef:ff:50:7b:05:59:36:ee:c1:c9:ff:bf:35:
2c:d2:e9:c2:26:18:53:b5:57:d0:5d:cc:b7:a4:75:
72:ba:e4:cf:89:ea:fc:51:61:26:fe:23:bd:f1:a0:
c6:3b:65:63:45:cc:2e:f8:9d:c3:9d:67:a7:be:84:
50:9e:cb:5c:66:ce:77:f2:62:55:70:a2:dd:1e:26:
df:9c:d1:41:22:3b:ff:da:bd:4c:72:29:b8:05:ed:
4f:48:e5:dd:29:db:f5:9e:36:b6:71:ed:bd:af:18:
c4:79:03:7c:c5:33:30:d8:9f:7c:38:fb:bc:50:b4:
97:29:eb:a7:95:81:28:db:6c:37:6a:b7:51:e8:c2:
16:2e:e4:49:4c:aa:89:b1:ce:f8:1c:98:2c:7d:b3:
03:f3:08:c5:60:dc:00:e2:b4:85:a5:2b:a3:69:0a:
c0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:83:03:92:54:65:52:79:C8:C0:4D:67:99:F0:B9:82:F1:31:D5:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE11C3CEF41F11EFB29C3D64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.38.0/24
Signature Algorithm: sha256WithRSAEncryption
61:80:2f:a0:ba:92:06:56:de:dc:81:7e:2f:b4:a0:0e:70:0f:
9f:d5:92:ec:4e:1c:9b:dd:1f:06:46:24:3d:85:ee:b9:f7:59:
5f:65:07:6c:bc:9d:48:02:96:a6:09:cf:e1:23:7d:87:cb:8c:
31:47:d4:e7:9e:85:fa:90:f5:bc:81:6d:a1:d6:c1:40:37:d9:
d5:03:0c:b7:a6:1f:28:01:7c:6f:7c:82:4c:5e:86:34:df:7c:
1c:70:f0:4f:f9:75:c6:4b:d5:f6:6e:21:a4:3d:1e:95:a3:ec:
cc:ed:8a:2b:41:2c:27:15:cb:84:c0:cb:ef:98:7d:5e:d0:78:
6c:b9:08:88:d2:eb:88:fd:66:d6:9a:6a:1c:5d:2d:79:69:00:
f7:32:92:b6:92:10:b7:3b:9b:39:b8:2c:56:ce:b5:77:63:56:
22:51:f1:f3:ec:c3:73:bb:4c:f4:a6:64:73:24:db:5b:7d:01:
e4:76:e7:08:ba:f9:cb:df:b0:01:59:88:10:f0:e8:f9:46:71:
54:04:53:13:a1:cd:b2:b2:78:de:d0:36:ed:20:2a:b0:78:15:
02:87:b2:15:ee:ac:ea:ed:8c:dc:60:4d:0c:ef:59:e0:7f:d3:
da:2a:17:a5:b3:7d:0d:d7:40:60:b7:0e:be:24:50:2f:95:92:
10:cb:76:17
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATA8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDg1ODM0WhcNMjYwMjE5MDg1ODM0WjAYMRYw
FAYDVQQDEw02N2JlZDdiZS00N2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0yvz+xA0S/gAstU5yfUx2rfS77EH3GkxqVDLNzty9CGMv3H/o0FWVKC0
gaGxoeIANNdQtg0uAv4UZ4dDG1YsXosfdg2/sF6aTVYE7iCxq+U5gwQF78DuJcDg
Iu//UHsFWTbuwcn/vzUs0unCJhhTtVfQXcy3pHVyuuTPier8UWEm/iO98aDGO2Vj
Rcwu+J3DnWenvoRQnstcZs538mJVcKLdHibfnNFBIjv/2r1Mcim4Be1PSOXdKdv1
nja2ce29rxjEeQN8xTMw2J98OPu8ULSXKeunlYEo22w3ardR6MIWLuRJTKqJsc74
HJgsfbMD8wjFYNwA4rSFpSujaQrAPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLaD
A5JUZVJ5yMBNZ5nwuYLxMdWtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERTExQzNDRUY0MUYxMUVGQjI5QzNENjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwmMA0GCSqGSIb3DQEBCwUA
A4IBAQBhgC+gupIGVt7cgX4vtKAOcA+f1ZLsThyb3R8GRiQ9he6591lfZQdsvJ1I
ApamCc/hI32Hy4wxR9TnnoX6kPW8gW2h1sFAN9nVAwy3ph8oAXxvfIJMXoY033wc
cPBP+XXGS9X2biGkPR6Vo+zM7YorQSwnFcuEwMvvmH1e0HhsuQiI0uuI/WbWmmoc
XS15aQD3MpK2khC3O5s5uCxWzrV3Y1YiUfHz7MNzu0z0pmRzJNtbfQHkducIuvnL
37ABWYgQ8Oj5RnFUBFMToc2ysnje0DbtICqweBUCh7IV7qzq7YzcYE0M71ngf9Pa
Khels30N10Bgtw6+JFAvlZIQy3YX
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:35 2025 by rpki-client