Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAF0D2680A2D11F099BAC66B762E951A.roa
File: FAF0D2680A2D11F099BAC66B762E951A.roa (raw, json)
Hash identifier: ZFgE5+5o2wLfNp8BMEdQsI24DiK9AuojFHJxA/D5gq0=
Subject key identifier: FA:96:64:9D:84:9B:2D:D1:EA:F6:03:64:BF:07:E6:4E:B1:6C:7A:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014860
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAF0D2680A2D11F099BAC66B762E951A.roa
Signing time: Wed 26 Mar 2025 10:35:05 +0000
ROA not before: Wed 26 Mar 2025 10:35:00 +0000
ROA not after: Thu 01 May 2025 10:35:00 +0000
asID: 20473
IP address blocks: 156.246.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84064 (0x14860)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 26 10:35:00 2025 GMT
Not After : May 1 10:35:00 2025 GMT
Subject: CN=67e3d859-e742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:51:c4:23:c6:3f:a3:60:e2:f5:c9:ec:50:14:
a6:3f:54:79:56:bb:15:19:d0:fb:bc:b7:bd:73:fd:
b7:3e:42:55:61:a0:ca:23:81:72:29:23:dc:78:4c:
3e:3c:e7:28:55:0d:bf:6c:69:fd:6f:98:fd:22:58:
84:73:5e:3e:a7:77:c0:49:82:d5:85:e2:b6:89:a2:
fc:4f:b4:cf:77:38:7d:b4:66:75:f9:89:a2:4c:fa:
e6:b0:bf:61:61:16:95:2b:bc:e5:d2:5d:52:f1:08:
46:e4:90:8e:4a:ee:8d:e7:b8:de:14:1c:36:7b:33:
8a:bc:79:f9:46:3a:cf:e5:f6:6f:09:34:85:b6:90:
fb:93:1d:cc:85:cb:bf:f4:1d:d2:e8:b8:30:5d:6f:
8b:dd:82:f8:50:7f:c5:13:94:b2:99:1b:88:6e:e5:
f1:d7:11:08:9f:38:99:fa:75:1d:6a:60:d3:59:9e:
96:4d:0c:90:48:16:15:55:00:02:d7:bf:54:bf:f9:
6b:74:6c:4b:c6:34:ff:33:04:fa:18:3c:28:95:e6:
58:82:88:43:48:5e:85:90:ac:f1:aa:7a:49:af:2a:
52:04:3d:1b:c4:d2:55:23:f6:58:ff:9a:17:b9:6c:
cc:57:2c:fb:de:94:fa:0d:48:ab:e8:99:29:53:72:
73:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:96:64:9D:84:9B:2D:D1:EA:F6:03:64:BF:07:E6:4E:B1:6C:7A:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FAF0D2680A2D11F099BAC66B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.29.0/24
Signature Algorithm: sha256WithRSAEncryption
19:31:55:69:5b:61:10:e3:66:28:e5:b8:c5:bd:81:a7:57:5a:
02:e3:db:6e:45:6a:fb:81:1e:71:b3:7f:20:47:08:3f:04:b6:
d2:9c:7c:4e:78:3f:4f:82:11:36:d6:2a:4f:e5:d4:bc:a8:76:
26:b7:26:c8:36:cc:44:f2:58:cc:a0:c2:cd:c3:f9:b2:ec:e3:
aa:49:44:b1:bb:71:16:8d:b0:81:3d:e9:10:29:21:06:d8:be:
2c:3f:b1:2e:3e:f8:7f:5a:fb:7a:d5:76:5f:64:6a:4d:0e:29:
3b:85:20:81:a6:e6:3d:42:c9:d0:5b:a7:9e:39:a8:e3:ba:0f:
05:0b:d3:32:32:75:97:ed:ee:75:6b:aa:ea:79:5a:a7:db:c2:
20:14:fd:d7:2b:9f:73:b7:c5:47:06:a8:d8:09:57:94:73:03:
02:24:aa:1a:16:56:a9:9f:76:fd:ad:77:da:8d:75:b0:35:8b:
e2:74:4c:72:34:d6:a2:78:29:48:33:f9:53:3d:ce:4c:a5:8b:
60:bc:4d:b0:59:5b:6d:20:b9:ae:cf:89:dc:8d:ae:4c:92:20:
11:c9:37:c9:65:72:a9:35:ff:ee:e0:b7:4d:7d:42:a5:67:53:
20:e2:7f:13:b2:09:99:4b:c5:be:7b:74:21:5e:5c:fd:d8:d8:
44:0b:5c:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUhgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI2MTAzNTAwWhcNMjUwNTAxMTAzNTAwWjAYMRYw
FAYDVQQDEw02N2UzZDg1OS1lNzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvVHEI8Y/o2Di9cnsUBSmP1R5VrsVGdD7vLe9c/23PkJVYaDKI4FyKSPc
eEw+POcoVQ2/bGn9b5j9IliEc14+p3fASYLVheK2iaL8T7TPdzh9tGZ1+YmiTPrm
sL9hYRaVK7zl0l1S8QhG5JCOSu6N57jeFBw2ezOKvHn5RjrP5fZvCTSFtpD7kx3M
hcu/9B3S6LgwXW+L3YL4UH/FE5SymRuIbuXx1xEInziZ+nUdamDTWZ6WTQyQSBYV
VQAC179Uv/lrdGxLxjT/MwT6GDwoleZYgohDSF6FkKzxqnpJrypSBD0bxNJVI/ZY
/5oXuWzMVyz73pT6DUir6JkpU3JzkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPqW
ZJ2Emy3R6vYDZL8H5k6xbHoiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQUYwRDI2ODBBMkQxMUYwOTlCQUM2NkI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYdMA0GCSqGSIb3DQEBCwUA
A4IBAQAZMVVpW2EQ42Yo5bjFvYGnV1oC49tuRWr7gR5xs38gRwg/BLbSnHxOeD9P
ghE21ipP5dS8qHYmtybINsxE8ljMoMLNw/my7OOqSUSxu3EWjbCBPekQKSEG2L4s
P7EuPvh/Wvt61XZfZGpNDik7hSCBpuY9QsnQW6eeOajjug8FC9MyMnWX7e51a6rq
eVqn28IgFP3XK59zt8VHBqjYCVeUcwMCJKoaFlapn3b9rXfajXWwNYvidExyNNai
eClIM/lTPc5MpYtgvE2wWVttILmuz4ncja5MkiARyTfJZXKpNf/u4LdNfUKlZ1Mg
4n8TsgmZS8W+e3QhXlz92NhEC1xd
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:12:05 2025 by rpki-client