Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F47803F2DFEE11EF934E3ABE762E951A.roa
File: F47803F2DFEE11EF934E3ABE762E951A.roa (raw, json)
Hash identifier: wwh4/ccD+Lb6TY9bv0yLsGyXLl7TyiqZ92OkvzvCKWg=
Subject key identifier: F0:C9:81:FD:57:C4:E9:B6:D6:C1:8F:55:68:7A:5E:09:FF:D5:EC:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011651
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F47803F2DFEE11EF934E3ABE762E951A.roa
Signing time: Fri 31 Jan 2025 16:18:07 +0000
ROA not before: Fri 31 Jan 2025 16:18:02 +0000
ROA not after: Sat 03 Jan 2026 16:18:02 +0000
asID: 40065
IP address blocks: 156.235.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71249 (0x11651)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 31 16:18:02 2025 GMT
Not After : Jan 3 16:18:02 2026 GMT
Subject: CN=679cf7bf-a733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e2:28:6a:bf:de:61:41:82:8a:c6:a7:61:0c:
d5:13:82:8b:80:14:30:04:26:62:20:64:3d:23:d3:
8a:c8:94:43:2d:30:6f:e8:72:05:9c:ec:f8:e9:63:
9e:33:56:7c:6e:90:50:60:32:cf:52:59:fe:d1:b4:
d4:7e:87:01:7f:01:e7:ac:6e:6c:82:b9:4c:e7:8f:
c5:16:ca:52:09:c1:5b:bc:41:8c:61:d1:6e:87:70:
73:17:2c:06:49:ce:af:fe:82:b1:89:d4:14:ee:ed:
59:1d:23:3b:35:f8:59:84:76:95:53:4f:db:52:3f:
68:73:9c:83:f3:d7:8b:bc:f5:e6:e4:13:df:52:e7:
09:6e:2e:11:72:4c:64:d4:7e:00:24:35:a9:40:bb:
f6:50:83:50:f1:01:98:4b:65:03:b7:b5:5f:5c:f0:
3e:2b:53:dd:46:94:f7:3f:6e:8e:65:ce:bb:c2:78:
17:b0:fa:c9:ed:68:64:7d:43:d3:d7:80:08:c2:8f:
02:26:51:d6:d9:87:5c:ce:10:90:38:91:da:68:36:
da:13:eb:91:9d:41:08:3c:af:33:a5:c6:00:81:31:
ce:9c:b0:93:58:aa:c3:83:8b:5d:54:ec:87:bd:d6:
16:eb:f2:86:73:57:33:c5:9a:35:17:cf:6c:17:d2:
86:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C9:81:FD:57:C4:E9:B6:D6:C1:8F:55:68:7A:5E:09:FF:D5:EC:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F47803F2DFEE11EF934E3ABE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.4.0/22
Signature Algorithm: sha256WithRSAEncryption
12:df:57:2b:38:ea:77:cf:5c:9b:ba:39:f4:cd:e4:ce:81:95:
e3:2c:33:16:a5:f7:5a:7b:b2:e7:58:2a:61:af:1b:93:76:2d:
ff:80:b3:01:29:3a:60:f5:68:b2:e2:30:eb:19:71:d2:4c:ea:
aa:a1:c8:1f:0d:18:ec:9f:c5:82:dc:cc:54:5f:84:84:19:b7:
f6:e9:b6:d7:69:13:4a:b6:ad:77:dd:49:42:46:e6:22:c6:ea:
85:64:39:0a:54:b1:3e:1f:21:05:b3:b4:07:ca:d8:4a:fd:85:
fb:3c:13:e0:5f:59:2d:5c:0c:54:0f:be:fc:da:59:ff:bc:18:
e9:f0:d7:a3:1c:eb:41:72:aa:39:ca:5d:a4:e3:9a:dd:96:de:
c3:a8:e7:2a:51:e8:a0:2c:cc:97:62:50:27:02:9c:df:ad:5e:
0c:05:7e:df:5f:71:ca:2f:74:e0:6b:77:2d:fa:e1:13:ca:8f:
27:76:16:09:66:2c:00:86:86:65:db:42:65:80:ed:91:34:be:
ae:ee:b8:b4:e2:ef:a4:0a:98:75:9a:d0:ea:71:d4:8a:a5:aa:
93:20:2c:c1:a4:30:97:73:ca:b6:03:08:d6:16:fb:93:cc:18:
49:b2:d4:5a:f1:c9:13:ae:dc:24:c8:fb:31:88:46:59:20:16:
e1:ea:c6:a0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARZRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTYxODAyWhcNMjYwMTAzMTYxODAyWjAYMRYw
FAYDVQQDEw02NzljZjdiZi1hNzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtOIoar/eYUGCisanYQzVE4KLgBQwBCZiIGQ9I9OKyJRDLTBv6HIFnOz4
6WOeM1Z8bpBQYDLPUln+0bTUfocBfwHnrG5sgrlM54/FFspSCcFbvEGMYdFuh3Bz
FywGSc6v/oKxidQU7u1ZHSM7NfhZhHaVU0/bUj9oc5yD89eLvPXm5BPfUucJbi4R
ckxk1H4AJDWpQLv2UINQ8QGYS2UDt7VfXPA+K1PdRpT3P26OZc67wngXsPrJ7Whk
fUPT14AIwo8CJlHW2YdczhCQOJHaaDbaE+uRnUEIPK8zpcYAgTHOnLCTWKrDg4td
VOyHvdYW6/KGc1czxZo1F89sF9KG5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPDJ
gf1XxOm21sGPVWh6Xgn/1ex6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNDc4MDNGMkRGRUUxMUVGOTM0RTNBQkU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOsEMA0GCSqGSIb3DQEBCwUA
A4IBAQAS31crOOp3z1ybujn0zeTOgZXjLDMWpfdae7LnWCphrxuTdi3/gLMBKTpg
9Wiy4jDrGXHSTOqqocgfDRjsn8WC3MxUX4SEGbf26bbXaRNKtq133UlCRuYixuqF
ZDkKVLE+HyEFs7QHythK/YX7PBPgX1ktXAxUD7782ln/vBjp8NejHOtBcqo5yl2k
45rdlt7DqOcqUeigLMyXYlAnApzfrV4MBX7fX3HKL3Tga3ct+uETyo8ndhYJZiwA
hoZl20JlgO2RNL6u7ri04u+kCph1mtDqcdSKpaqTICzBpDCXc8q2AwjWFvuTzBhJ
stRa8ckTrtwkyPsxiEZZIBbh6sag
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:06 2025 by rpki-client