Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F22143D4F44811EF91F2A786762E951A.roa
File: F22143D4F44811EF91F2A786762E951A.roa (raw, json)
Hash identifier: pPbNfyadIkq2hIjFNeCwsevfJutmd1b2jPCBShkL5p8=
Subject key identifier: 6C:B8:69:C9:CB:F0:1A:59:01:7E:AA:AB:2F:23:5F:56:AD:91:C8:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01336C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F22143D4F44811EF91F2A786762E951A.roa
Signing time: Wed 26 Feb 2025 13:52:41 +0000
ROA not before: Wed 26 Feb 2025 13:52:37 +0000
ROA not after: Thu 19 Feb 2026 13:52:37 +0000
asID: 984
IP address blocks: 156.231.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78700 (0x1336c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:52:37 2025 GMT
Not After : Feb 19 13:52:37 2026 GMT
Subject: CN=67bf1ca9-b8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:e1:4a:d2:3b:72:71:9d:64:d5:d2:11:be:
45:37:8d:b6:2d:e0:0d:be:99:19:0a:ca:dc:6b:ba:
bb:d3:f7:cc:49:68:9a:ac:a5:61:60:0e:5d:58:62:
83:a7:74:f8:61:fe:ed:fb:84:85:ba:7a:e4:d5:52:
5b:ad:d5:0f:af:c4:04:06:a0:04:ca:f4:22:83:f1:
37:43:0d:48:f3:a8:00:e4:a2:a9:03:cc:39:fd:a3:
0b:43:19:d1:1f:57:a9:6e:11:fb:dc:84:c5:ce:17:
60:96:44:5f:05:d9:10:81:1f:94:22:a1:e8:99:fb:
a4:58:45:55:5e:65:88:82:6b:a7:b9:b1:5d:1c:29:
4f:48:42:b5:6e:ed:ad:84:87:48:56:df:a9:1d:b7:
70:2e:11:0b:1b:fd:84:49:71:e6:6b:d2:3c:06:7e:
c1:b6:ba:27:63:b4:35:84:ad:64:a9:97:92:07:e8:
e6:14:55:e3:d9:c5:fb:da:d5:ed:0c:f0:42:41:85:
bb:ed:7d:41:b3:34:98:14:dd:e9:ff:f8:b1:f0:fb:
89:f5:2b:90:a3:26:2f:d1:21:82:2e:dd:26:50:3d:
f8:7d:41:d2:fc:e2:22:f6:6b:5f:1b:49:2d:96:d3:
25:84:ee:bb:f1:99:76:35:32:ca:fa:5e:d8:e4:a4:
0a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B8:69:C9:CB:F0:1A:59:01:7E:AA:AB:2F:23:5F:56:AD:91:C8:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F22143D4F44811EF91F2A786762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.143.0/24
Signature Algorithm: sha256WithRSAEncryption
81:14:b4:eb:4a:11:ee:f7:84:0a:96:2a:e6:8c:c2:c7:0b:1b:
ac:df:7d:c8:c6:ab:59:b4:e8:da:9e:e3:50:32:c3:32:0f:09:
58:e8:d5:b5:78:ae:4c:34:d1:39:f0:be:d0:7c:ae:3a:cd:de:
43:83:21:a4:42:1b:e4:5b:1f:b1:e9:d7:e4:7e:a9:92:53:75:
1c:06:f5:ff:e9:96:4d:7c:91:47:a4:b3:17:89:7f:a5:f5:0e:
46:0e:aa:e6:78:57:dd:dd:66:d0:67:b1:6e:a9:d2:8f:b2:5f:
dd:ec:14:5a:b1:b9:25:78:bd:b5:12:e5:95:a8:4f:c0:db:2b:
33:f3:a3:63:fe:0c:08:6d:a8:ea:78:fc:5e:20:08:6d:38:66:
b1:1a:64:6b:41:16:15:ad:c3:a8:06:5a:5f:63:6f:d6:6e:05:
b7:9b:45:2c:15:b7:85:82:c3:89:72:04:44:d6:6a:04:3a:cd:
40:ca:32:49:cf:a9:a3:51:3a:ed:ae:39:10:a3:26:42:ef:96:
79:32:12:d6:77:7f:51:c1:19:23:cd:da:df:e5:ca:83:72:01:
d1:92:41:da:c9:64:45:df:e3:4f:99:80:59:d0:07:4f:4a:2a:
93:27:c1:a1:3e:64:17:57:e8:fc:cc:1d:08:e2:85:d1:0f:a6:
7d:65:cb:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATNsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTM1MjM3WhcNMjYwMjE5MTM1MjM3WjAYMRYw
FAYDVQQDEw02N2JmMWNhOS1iOGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwp7hStI7cnGdZNXSEb5FN422LeANvpkZCsrca7q70/fMSWiarKVhYA5d
WGKDp3T4Yf7t+4SFunrk1VJbrdUPr8QEBqAEyvQig/E3Qw1I86gA5KKpA8w5/aML
QxnRH1epbhH73ITFzhdglkRfBdkQgR+UIqHomfukWEVVXmWIgmunubFdHClPSEK1
bu2thIdIVt+pHbdwLhELG/2ESXHma9I8Bn7BtronY7Q1hK1kqZeSB+jmFFXj2cX7
2tXtDPBCQYW77X1BszSYFN3p//ix8PuJ9SuQoyYv0SGCLt0mUD34fUHS/OIi9mtf
G0ktltMlhO678Zl2NTLK+l7Y5KQK8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGy4
acnL8BpZAX6qqy8jX1atkciBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjIxNDNENEY0NDgxMUVGOTFGMkE3ODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOePMA0GCSqGSIb3DQEBCwUA
A4IBAQCBFLTrShHu94QKlirmjMLHCxus333IxqtZtOjanuNQMsMyDwlY6NW1eK5M
NNE58L7QfK46zd5DgyGkQhvkWx+x6dfkfqmSU3UcBvX/6ZZNfJFHpLMXiX+l9Q5G
DqrmeFfd3WbQZ7FuqdKPsl/d7BRasbkleL21EuWVqE/A2ysz86Nj/gwIbajqePxe
IAhtOGaxGmRrQRYVrcOoBlpfY2/WbgW3m0UsFbeFgsOJcgRE1moEOs1AyjJJz6mj
UTrtrjkQoyZC75Z5MhLWd39RwRkjzdrf5cqDcgHRkkHayWRF3+NPmYBZ0AdPSiqT
J8GhPmQXV+j8zB0I4oXRD6Z9ZcsY
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:59 2025 by rpki-client