Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1606AA8023311F0B65B0FA0762E951A.roa
File: F1606AA8023311F0B65B0FA0762E951A.roa (raw, json)
Hash identifier: g9I0u0bfBHAFD5S9ZXiJHP9DffKW1/3vJw4Z34hSpaw=
Subject key identifier: 3B:19:D8:C5:FE:B0:DE:0B:11:6A:2C:9C:62:A8:E9:DA:5D:37:AC:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014653
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1606AA8023311F0B65B0FA0762E951A.roa
Signing time: Sun 16 Mar 2025 06:57:37 +0000
ROA not before: Sun 16 Mar 2025 06:57:32 +0000
ROA not after: Tue 22 Apr 2025 06:57:32 +0000
asID: 50053
IP address blocks: 156.253.220.0/24 maxlen: 24
156.253.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83539 (0x14653)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 16 06:57:32 2025 GMT
Not After : Apr 22 06:57:32 2025 GMT
Subject: CN=67d67660-4910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:79:e1:61:cb:25:1a:43:e5:ec:b0:fb:ea:f7:
7d:13:35:4d:cb:eb:93:d2:db:c7:e2:ea:21:33:db:
bc:e0:d0:d9:fe:5e:e3:f1:c7:dc:b7:e0:40:ee:d1:
6b:54:69:bc:c6:2b:52:24:2d:52:6f:c6:d8:e0:e2:
6c:1d:d9:2f:0a:81:b5:e7:4a:7b:fe:c4:e3:35:74:
60:62:ab:ea:7c:bb:1f:51:40:cf:0f:d6:c4:31:a1:
03:b6:ee:ae:c3:b6:ee:a8:fc:90:b1:21:9d:87:f8:
6b:e8:1f:ec:76:6c:1c:97:c7:d0:fe:0c:e5:31:38:
e5:54:ea:06:87:b0:42:2a:7c:0b:45:55:cb:90:af:
68:d6:12:d1:cd:33:a6:8a:6f:34:74:01:e9:37:fa:
c3:a7:9e:0f:7d:4a:cf:12:e1:48:7e:b4:9a:f7:36:
6c:0f:37:c1:44:4f:0e:da:46:c4:68:23:06:61:49:
d4:fb:8f:8a:dd:6f:29:2f:f4:85:78:41:58:76:99:
ad:48:ed:24:6f:b2:0f:c3:b4:9c:20:b3:cb:cd:96:
9f:a0:46:dd:32:de:f4:77:17:8f:c5:87:45:f3:f6:
32:cd:7a:c3:dc:b0:a9:2b:a0:8e:46:04:cc:aa:5a:
0a:b9:e1:2a:88:29:c0:62:25:36:2b:43:21:4f:e3:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:19:D8:C5:FE:B0:DE:0B:11:6A:2C:9C:62:A8:E9:DA:5D:37:AC:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1606AA8023311F0B65B0FA0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.220.0/24
156.253.223.0/24
Signature Algorithm: sha256WithRSAEncryption
15:a0:4f:b7:1a:f5:b7:bb:c9:68:63:d4:22:fb:db:88:80:da:
0b:02:37:b5:98:71:06:7a:00:f2:4b:27:b1:2d:35:55:54:8f:
a5:31:25:ec:6f:ff:26:eb:f4:b8:dc:6a:f1:bd:3c:11:b5:a9:
fc:06:d1:6e:e6:a4:70:9c:cb:65:33:2f:ba:38:e5:22:87:a2:
4d:4f:55:16:20:b6:0d:ca:92:ab:f8:42:1c:26:d7:c2:57:6c:
74:28:22:b0:29:5f:eb:09:6f:79:c7:57:4b:a3:25:d6:fe:4b:
32:d1:9d:94:6f:89:06:64:0f:90:b5:2b:39:2a:10:14:5e:95:
c7:a5:93:77:2b:45:94:10:f0:97:64:2f:45:c9:fd:23:0f:6d:
a4:e8:82:34:db:fb:30:fe:9c:1c:ea:93:95:ed:9d:03:9b:fa:
8c:ea:b7:dc:2e:fd:4f:66:4e:f3:eb:2d:37:73:bd:fb:0e:b3:
31:dc:18:45:8c:36:6b:71:6a:29:28:39:52:ab:4f:bc:2e:10:
01:32:fa:00:80:bf:fd:7e:c4:55:1f:18:7f:91:6b:b5:10:3e:
cf:21:c0:7c:f2:99:34:05:09:f0:6f:c2:a8:18:30:55:87:27:
a7:7b:c4:0d:d8:3f:ad:f9:56:43:a4:0f:ad:d4:79:80:3d:75:
a7:e4:35:13
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUZTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE2MDY1NzMyWhcNMjUwNDIyMDY1NzMyWjAYMRYw
FAYDVQQDEw02N2Q2NzY2MC00OTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1XnhYcslGkPl7LD76vd9EzVNy+uT0tvH4uohM9u84NDZ/l7j8cfct+BA
7tFrVGm8xitSJC1Sb8bY4OJsHdkvCoG150p7/sTjNXRgYqvqfLsfUUDPD9bEMaED
tu6uw7buqPyQsSGdh/hr6B/sdmwcl8fQ/gzlMTjlVOoGh7BCKnwLRVXLkK9o1hLR
zTOmim80dAHpN/rDp54PfUrPEuFIfrSa9zZsDzfBRE8O2kbEaCMGYUnU+4+K3W8p
L/SFeEFYdpmtSO0kb7IPw7ScILPLzZafoEbdMt70dxePxYdF8/YyzXrD3LCpK6CO
RgTMqloKueEqiCnAYiU2K0MhT+OZIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDsZ
2MX+sN4LEWosnGKo6dpdN6wYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMTYwNkFBODAyMzMxMUYwQjY1QjBGQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnP3cAwQAnP3fMA0GCSqGSIb3
DQEBCwUAA4IBAQAVoE+3GvW3u8loY9Qi+9uIgNoLAje1mHEGegDySyexLTVVVI+l
MSXsb/8m6/S43GrxvTwRtan8BtFu5qRwnMtlMy+6OOUih6JNT1UWILYNypKr+EIc
JtfCV2x0KCKwKV/rCW95x1dLoyXW/ksy0Z2Ub4kGZA+QtSs5KhAUXpXHpZN3K0WU
EPCXZC9Fyf0jD22k6II02/sw/pwc6pOV7Z0Dm/qM6rfcLv1PZk7z6y03c737DrMx
3BhFjDZrcWopKDlSq0+8LhABMvoAgL/9fsRVHxh/kWu1ED7PIcB88pk0BQnwb8Ko
GDBVhyene8QN2D+t+VZDpA+t1HmAPXWn5DUT
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:24 2025 by rpki-client