Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
File: EC2CF26E018811F0BECDF150762E951A.roa (raw, json)
Hash identifier: VhErbkAwWarSyaPIGMFWNBjaWRcCcZHDZo4owk3x9vw=
Subject key identifier: 07:14:28:91:58:69:70:E8:6A:C4:FC:94:06:32:57:F9:8F:48:D9:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014648
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
Signing time: Sat 15 Mar 2025 10:33:24 +0000
ROA not before: Sat 15 Mar 2025 10:33:19 +0000
ROA not after: Mon 21 Apr 2025 10:33:19 +0000
asID: 153656
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83528 (0x14648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 15 10:33:19 2025 GMT
Not After : Apr 21 10:33:19 2025 GMT
Subject: CN=67d55774-7178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:18:5e:c2:3e:68:61:39:2f:f9:5b:f0:f9:8a:
2e:7a:79:70:11:17:b9:4d:bf:4d:57:26:c7:75:5d:
d3:ce:6a:7f:bf:d4:08:d7:b9:bc:af:07:8e:88:ca:
fa:6a:4e:ba:93:8f:51:89:65:5c:24:35:17:78:25:
24:c8:60:b9:a2:71:b6:27:a7:6d:e8:0b:e6:80:5c:
fc:c7:8c:b6:ac:88:51:3f:d8:3e:a6:9a:09:0d:34:
e9:90:f8:09:7b:d7:6d:28:a5:02:4d:bc:b6:fc:1a:
00:99:09:5f:1d:38:f8:62:36:a8:58:a5:9e:bc:15:
7f:4b:7f:48:19:58:8c:f9:79:b2:9e:90:11:9b:5e:
72:92:1a:57:59:93:43:62:00:2d:93:f1:26:c0:fe:
a4:4f:c2:89:7c:e8:89:95:9c:d0:7e:9d:04:77:6e:
df:9a:e3:dd:09:96:3e:86:97:3f:8b:63:36:89:6b:
95:2f:41:87:63:2a:78:ee:8f:5b:e9:88:05:cf:8c:
5a:3a:15:a2:92:d2:67:8c:1f:66:1b:9e:eb:db:89:
5d:61:07:52:fc:06:cd:7d:27:72:37:68:2d:dc:9d:
34:90:13:c3:27:07:f7:6d:e3:b7:25:58:37:30:de:
ab:53:da:82:7b:a7:c3:c7:75:de:6e:34:e5:e9:0a:
22:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:14:28:91:58:69:70:E8:6A:C4:FC:94:06:32:57:F9:8F:48:D9:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EC2CF26E018811F0BECDF150762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
97:5e:91:d7:4d:12:44:04:cc:2d:56:31:eb:7a:b7:43:da:f3:
42:2f:17:75:d8:ee:19:b0:7d:ca:da:de:24:d0:06:30:a6:ef:
a4:af:d5:c5:b5:b0:8e:ef:8f:d8:7c:10:54:cb:6d:cf:86:86:
f3:8a:77:d7:e7:62:3d:2c:47:bf:3a:ed:58:90:61:ff:5d:dd:
b2:ee:ba:98:62:b0:72:9e:ee:5e:35:78:4e:d7:76:b6:be:77:
dc:ff:a4:2f:c2:f0:cc:06:3f:85:13:4f:f1:f1:7b:f7:2d:d3:
d1:82:b6:be:e7:af:cb:72:a9:dd:ce:7e:75:6d:8a:91:43:01:
e6:f1:20:40:da:85:ab:01:63:10:ff:e6:54:fe:a6:35:01:ce:
da:d5:3e:71:9b:04:21:74:ad:a6:10:f3:20:d1:e7:e6:4c:aa:
e8:a6:c6:95:f2:47:82:7e:ef:24:0d:79:56:cc:c4:16:d4:a8:
9e:71:a9:5d:7e:3e:c0:66:5e:73:82:7e:77:07:1d:37:16:f3:
99:86:84:1d:ea:c4:f8:40:24:3a:14:21:64:b0:f6:42:9e:bd:
2f:dc:13:fa:df:29:4d:f9:ac:d6:76:24:6c:44:14:0d:cf:11:
55:e9:da:1a:4a:bf:1e:f6:c3:c1:a5:12:af:9a:cb:a1:20:82:
42:a4:c0:a4
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUZIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE1MTAzMzE5WhcNMjUwNDIxMTAzMzE5WjAYMRYw
FAYDVQQDEw02N2Q1NTc3NC03MTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyRhewj5oYTkv+Vvw+YouenlwERe5Tb9NVybHdV3Tzmp/v9QI17m8rweO
iMr6ak66k49RiWVcJDUXeCUkyGC5onG2J6dt6AvmgFz8x4y2rIhRP9g+ppoJDTTp
kPgJe9dtKKUCTby2/BoAmQlfHTj4YjaoWKWevBV/S39IGViM+XmynpARm15ykhpX
WZNDYgAtk/EmwP6kT8KJfOiJlZzQfp0Ed27fmuPdCZY+hpc/i2M2iWuVL0GHYyp4
7o9b6YgFz4xaOhWiktJnjB9mG57r24ldYQdS/AbNfSdyN2gt3J00kBPDJwf3beO3
JVg3MN6rU9qCe6fDx3XebjTl6QoiMwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAcU
KJFYaXDoasT8lAYyV/mPSNnfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQzJDRjI2RTAxODgxMUYwQkVDREYxNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAJdekddNEkQEzC1WMet6t0Pa80IvF3XY7hmwfcra3iTQBjCm
76Sv1cW1sI7vj9h8EFTLbc+GhvOKd9fnYj0sR7867ViQYf9d3bLuuphisHKe7l41
eE7Xdra+d9z/pC/C8MwGP4UTT/Hxe/ct09GCtr7nr8tyqd3OfnVtipFDAebxIEDa
hasBYxD/5lT+pjUBztrVPnGbBCF0raYQ8yDR5+ZMquimxpXyR4J+7yQNeVbMxBbU
qJ5xqV1+PsBmXnOCfncHHTcW85mGhB3qxPhAJDoUIWSw9kKevS/cE/rfKU35rNZ2
JGxEFA3PEVXp2hpKvx72w8GlEq+ay6EggkKkwKQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:03 2025 by rpki-client