Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E20BD04CE53C11EFA24F5890762E951A.roa
File: E20BD04CE53C11EFA24F5890762E951A.roa (raw, json)
Hash identifier: SkEU64eApFOha04AlajU6PznvSRAwijnb2u+tOgC77k=
Subject key identifier: E1:9A:7F:B2:64:BE:CA:2A:9A:FA:CB:05:08:12:D2:BC:A8:FC:87:0A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011CEB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E20BD04CE53C11EFA24F5890762E951A.roa
Signing time: Fri 07 Feb 2025 10:18:32 +0000
ROA not before: Fri 07 Feb 2025 10:18:29 +0000
ROA not after: Mon 13 Dec 2027 10:18:29 +0000
asID: 17561
IP address blocks: 156.230.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72939 (0x11ceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 10:18:29 2025 GMT
Not After : Dec 13 10:18:29 2027 GMT
Subject: CN=67a5ddf8-ad93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:06:4a:66:fa:4b:b7:dd:e5:a2:f0:6c:2c:98:
61:4b:95:f3:e1:bb:01:a8:77:4d:f1:8f:ca:14:7b:
44:77:6f:43:ad:c8:ab:eb:e6:5e:2c:f2:b8:90:30:
28:56:0f:4c:e6:3b:cb:88:19:9a:16:4b:15:f6:e3:
4c:b1:48:38:07:31:60:db:1b:23:e9:2a:53:1c:5a:
c3:59:59:b9:ff:00:7b:22:b0:16:69:a1:fa:17:c7:
d5:02:b1:c1:63:f0:d2:dd:0b:8a:96:0f:d7:ad:85:
6e:3f:4b:a1:16:16:68:2c:20:d2:17:91:ab:83:91:
4f:b7:89:eb:f3:a7:7d:6e:23:59:37:75:c1:03:9d:
cc:10:dc:83:03:30:ca:c0:e7:f5:4d:80:49:0d:5c:
c1:74:c4:4a:64:ec:a0:d7:02:e0:d2:a2:e8:e0:e1:
45:b4:e4:be:fa:a2:3b:bf:46:73:3c:f4:aa:a4:d9:
cb:fd:b1:f0:db:cf:6a:9e:9e:8e:68:c5:90:a2:08:
d6:9c:44:dd:c3:a0:42:ae:2b:de:7d:a2:b5:6c:17:
77:5b:18:51:a3:59:ab:b2:a3:44:5f:1f:0c:de:81:
c8:65:15:33:7d:00:29:55:85:c9:5c:5f:39:58:37:
67:40:ee:b1:39:a4:68:b0:2f:0c:1f:05:dd:ca:d7:
b4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9A:7F:B2:64:BE:CA:2A:9A:FA:CB:05:08:12:D2:BC:A8:FC:87:0A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E20BD04CE53C11EFA24F5890762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.153.0/24
Signature Algorithm: sha256WithRSAEncryption
76:5d:f1:14:11:dc:a1:bd:6f:6b:c4:82:8c:c5:1a:c5:13:43:
17:22:d4:d8:a9:13:9f:22:1f:01:08:f1:2c:04:8d:f4:9b:0b:
a6:69:c8:f2:a3:7e:e1:8c:d2:5e:41:e6:9e:bc:ba:a0:c6:e7:
e9:ba:3e:30:e5:fe:9f:37:f9:24:6d:9e:d7:53:53:60:96:f8:
fa:7a:7a:c2:60:c4:5c:a3:9f:4a:d0:69:02:cf:22:59:46:9c:
04:26:af:b9:90:be:73:59:63:d1:d6:e6:77:08:81:81:c3:74:
b7:88:5e:c7:53:ab:3e:a1:cd:a2:62:0c:0a:b2:1a:29:aa:fe:
3f:70:64:45:75:f4:8a:da:1b:be:eb:77:3d:d2:ab:67:5b:fb:
b8:20:43:2e:28:1a:60:b8:4c:af:e6:1c:93:2e:e3:c8:3a:48:
f8:09:4b:41:6a:b1:9f:4b:ca:66:e0:74:58:ec:15:f4:ac:0f:
84:d5:9f:aa:8c:58:2f:c3:60:3b:28:42:47:37:89:2a:e4:36:
77:38:9b:d2:d5:30:a5:5d:71:79:38:1d:3c:ae:a5:4e:bb:54:
9c:4e:28:7a:73:6c:c9:26:2d:7c:20:69:a3:47:16:71:b8:f7:
f4:63:dc:c2:a0:62:99:d2:b6:6a:d0:de:29:80:c5:de:f2:55:
21:4d:44:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARzrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTAxODI5WhcNMjcxMjEzMTAxODI5WjAYMRYw
FAYDVQQDEw02N2E1ZGRmOC1hZDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwZKZvpLt93lovBsLJhhS5Xz4bsBqHdN8Y/KFHtEd29Drcir6+ZeLPK4
kDAoVg9M5jvLiBmaFksV9uNMsUg4BzFg2xsj6SpTHFrDWVm5/wB7IrAWaaH6F8fV
ArHBY/DS3QuKlg/XrYVuP0uhFhZoLCDSF5Grg5FPt4nr86d9biNZN3XBA53MENyD
AzDKwOf1TYBJDVzBdMRKZOyg1wLg0qLo4OFFtOS++qI7v0ZzPPSqpNnL/bHw289q
np6OaMWQogjWnETdw6BCrivefaK1bBd3WxhRo1mrsqNEXx8M3oHIZRUzfQApVYXJ
XF85WDdnQO6xOaRosC8MHwXdyte0WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOGa
f7JkvsoqmvrLBQgS0ryo/IcKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMjBCRDA0Q0U1M0MxMUVGQTI0RjU4OTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOaZMA0GCSqGSIb3DQEBCwUA
A4IBAQB2XfEUEdyhvW9rxIKMxRrFE0MXItTYqROfIh8BCPEsBI30mwumacjyo37h
jNJeQeaevLqgxufpuj4w5f6fN/kkbZ7XU1Nglvj6enrCYMRco59K0GkCzyJZRpwE
Jq+5kL5zWWPR1uZ3CIGBw3S3iF7HU6s+oc2iYgwKshopqv4/cGRFdfSK2hu+63c9
0qtnW/u4IEMuKBpguEyv5hyTLuPIOkj4CUtBarGfS8pm4HRY7BX0rA+E1Z+qjFgv
w2A7KEJHN4kq5DZ3OJvS1TClXXF5OB08rqVOu1ScTih6c2zJJi18IGmjRxZxuPf0
Y9zCoGKZ0rZq0N4pgMXe8lUhTUQa
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:51 2025 by rpki-client