Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F753C7AAF42A11EFAA66C2AF762E951A.roa
File: F753C7AAF42A11EFAA66C2AF762E951A.roa (raw, json)
Hash identifier: nN3VDsxnHORyfRxKu67gE9E7Nam+k+Hb2thAMz4E47A=
Subject key identifier: E9:7C:43:AF:5A:A4:FA:6E:6D:80:98:66:76:53:4C:1C:72:D4:5E:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F753C7AAF42A11EFAA66C2AF762E951A.roa
Signing time: Wed 26 Feb 2025 10:18:05 +0000
ROA not before: Wed 26 Feb 2025 10:18:01 +0000
ROA not after: Thu 19 Feb 2026 10:18:01 +0000
asID: 328608
IP address blocks: 156.255.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78055 (0x130e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:18:01 2025 GMT
Not After : Feb 19 10:18:01 2026 GMT
Subject: CN=67beea5d-7700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:02:c0:2a:f9:8a:e5:a6:3d:3d:b8:ec:04:
bd:24:9c:54:ca:fc:5a:c0:13:33:04:7f:fb:07:b8:
6e:92:54:06:85:5f:80:7e:d0:05:4a:a7:cb:1d:f5:
e0:e7:e8:e7:83:04:67:fd:e7:2a:6f:2c:dc:f7:71:
09:fa:0e:4a:52:0e:ef:a4:cb:a6:9d:bd:4b:51:96:
f4:aa:dc:a2:11:3e:bd:47:4c:e6:f4:93:0f:97:de:
58:32:7e:f8:c2:b6:09:d7:22:a0:8b:53:46:45:8f:
e6:5d:8e:9f:25:7b:75:42:30:53:57:e7:2d:24:0a:
3a:b5:2a:da:ac:a1:37:83:16:ae:26:22:a3:e9:fe:
24:51:83:d9:09:d5:c3:8b:6a:86:9b:24:91:4d:83:
7c:12:ae:59:7d:73:a3:b6:63:12:56:a0:fa:ca:8a:
c2:eb:23:cb:45:3a:92:32:06:00:99:78:40:d9:76:
eb:0c:6a:50:6c:10:9c:08:8d:aa:ca:21:6f:e3:7c:
3c:c7:bf:2b:fa:0a:2f:50:ed:cd:90:b1:c2:f1:58:
19:41:33:09:d6:e0:26:55:09:51:b8:d8:24:37:64:
74:04:06:eb:4b:f5:33:e6:73:68:51:9c:ce:91:45:
32:68:7f:ab:81:7d:46:16:ed:5e:a1:f1:a0:7e:50:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7C:43:AF:5A:A4:FA:6E:6D:80:98:66:76:53:4C:1C:72:D4:5E:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F753C7AAF42A11EFAA66C2AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:13:ce:da:18:78:7b:b4:d5:70:2e:13:be:f9:7b:e5:97:6c:
57:22:dc:27:9b:9f:77:6f:41:f5:31:ba:10:3c:ac:6c:1a:e9:
19:eb:06:9c:38:93:cc:7d:3d:2c:bf:ec:a7:cf:ac:5a:c4:6f:
b7:4c:58:22:a5:ae:fb:a6:0d:81:7d:d4:54:a9:41:a0:ed:fe:
d9:0b:d4:97:9b:10:59:71:6d:a1:40:7e:e6:0c:fd:88:81:40:
72:90:51:71:76:2c:99:d3:a8:6e:c9:83:6d:59:d2:64:5b:0f:
c9:5f:d8:60:eb:45:48:4e:b4:a2:2c:8d:4c:6a:3f:02:84:48:
85:87:7f:d4:57:07:55:81:28:a4:a0:69:5c:36:b9:47:4b:d1:
99:8f:c0:1f:24:a7:16:6c:66:62:4e:d6:da:85:eb:a3:f4:0c:
e0:dd:6b:ba:e7:e1:93:df:0b:38:cc:1c:9e:13:70:c5:50:c9:
b5:38:0e:97:8c:8b:43:76:9e:3f:29:bf:4d:28:68:74:da:dc:
40:52:e2:30:46:1a:0f:9a:ed:f6:81:bf:a9:d7:f6:b3:e3:20:
93:26:ca:c5:b2:f0:6b:6c:50:cb:6b:64:32:e3:40:a9:76:25:
b4:21:63:65:85:6c:80:33:97:5e:05:87:0e:ea:46:dd:a6:cb:
2e:b3:19:f1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATDnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAxODAxWhcNMjYwMjE5MTAxODAxWjAYMRYw
FAYDVQQDEw02N2JlZWE1ZC03NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy6ICwCr5iuWmPT247AS9JJxUyvxawBMzBH/7B7huklQGhV+AftAFSqfL
HfXg5+jngwRn/ecqbyzc93EJ+g5KUg7vpMumnb1LUZb0qtyiET69R0zm9JMPl95Y
Mn74wrYJ1yKgi1NGRY/mXY6fJXt1QjBTV+ctJAo6tSrarKE3gxauJiKj6f4kUYPZ
CdXDi2qGmySRTYN8Eq5ZfXOjtmMSVqD6yorC6yPLRTqSMgYAmXhA2XbrDGpQbBCc
CI2qyiFv43w8x78r+govUO3NkLHC8VgZQTMJ1uAmVQlRuNgkN2R0BAbrS/Uz5nNo
UZzOkUUyaH+rgX1GFu1eofGgflBoDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOl8
Q69apPpubYCYZnZTTBxy1F4zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNzUzQzdBQUY0MkExMUVGQUE2NkMyQUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9MMA0GCSqGSIb3DQEBCwUA
A4IBAQC1E87aGHh7tNVwLhO++Xvll2xXItwnm593b0H1MboQPKxsGukZ6wacOJPM
fT0sv+ynz6xaxG+3TFgipa77pg2BfdRUqUGg7f7ZC9SXmxBZcW2hQH7mDP2IgUBy
kFFxdiyZ06huyYNtWdJkWw/JX9hg60VITrSiLI1Maj8ChEiFh3/UVwdVgSikoGlc
NrlHS9GZj8AfJKcWbGZiTtbaheuj9Azg3Wu65+GT3ws4zByeE3DFUMm1OA6XjItD
dp4/Kb9NKGh02txAUuIwRhoPmu32gb+p1/az4yCTJsrFsvBrbFDLa2Qy40CpdiW0
IWNlhWyAM5deBYcO6kbdpssusxnx
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:10 2025 by rpki-client