Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB534E9AF44611EFA5593477762E951A.roa
File: FB534E9AF44611EFA5593477762E951A.roa (raw, json)
Hash identifier: ucDrM4z+Z9Hz06AbeF7SST3GiZojNZlAgNeNF2v1Euw=
Subject key identifier: 8D:E3:1D:07:32:48:4B:D3:28:3A:05:53:C0:EA:9F:E9:DC:D5:E8:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013342
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB534E9AF44611EFA5593477762E951A.roa
Signing time: Wed 26 Feb 2025 13:38:37 +0000
ROA not before: Wed 26 Feb 2025 13:38:34 +0000
ROA not after: Thu 19 Feb 2026 13:38:34 +0000
asID: 984
IP address blocks: 156.252.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78658 (0x13342)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:38:34 2025 GMT
Not After : Feb 19 13:38:34 2026 GMT
Subject: CN=67bf195d-9072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:02:54:f3:21:3e:13:3d:68:e2:f2:85:9a:ff:
40:76:51:c6:a4:b6:aa:3c:c7:93:84:63:1b:ae:64:
33:9b:d5:25:a8:98:e2:39:28:e0:ef:64:31:be:22:
e8:cd:85:f6:68:80:b1:43:26:43:0a:c5:1c:2b:bc:
b1:03:c7:14:3b:99:da:6f:5f:ee:51:b4:1f:74:6c:
42:48:5b:c6:e3:ad:f8:db:3d:ec:c7:31:75:ab:90:
53:4a:4a:3e:8f:1e:18:0c:cd:a1:3b:d3:47:c4:6f:
3e:04:e9:22:03:c7:de:9f:51:59:83:d7:84:11:ec:
12:9f:40:a2:e4:9d:15:c8:e1:b8:24:11:2e:5c:cc:
7f:1f:9e:0b:04:96:4f:d5:c3:bc:8c:34:2f:2a:ec:
3b:2c:00:29:b6:dd:dc:91:78:47:76:d8:4a:07:d3:
d1:48:aa:7f:45:c0:6e:6a:50:db:45:2f:54:cc:ef:
ab:f6:31:bd:bd:55:47:cd:37:21:d2:c9:2b:ec:41:
6a:ef:44:bc:66:eb:3c:a1:26:36:7b:cc:0b:cc:60:
c4:67:f4:ed:eb:cb:d8:40:bc:47:3f:a8:31:64:d3:
42:51:2c:8d:6a:b7:03:aa:34:f7:32:43:a1:eb:06:
e3:cd:d1:55:54:a7:dc:31:8a:41:f5:7d:b5:29:83:
5c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E3:1D:07:32:48:4B:D3:28:3A:05:53:C0:EA:9F:E9:DC:D5:E8:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB534E9AF44611EFA5593477762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.173.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8b:9d:81:63:bc:25:63:f7:86:99:68:a9:31:48:9f:b1:b8:
04:8a:8d:aa:d4:33:03:97:e6:25:b2:16:bd:24:d0:c4:46:38:
0e:64:ae:fb:73:88:84:fe:01:48:04:60:55:6d:80:36:bf:2b:
b2:ff:59:c5:84:29:63:83:23:3b:26:d5:7b:0a:1f:90:e5:56:
12:ef:97:7d:9d:7c:82:7c:b4:84:e0:21:76:52:ce:52:44:15:
5c:a6:5e:e1:d3:72:e1:97:00:1f:97:cf:31:94:29:b0:6f:a3:
c5:d8:42:1b:a3:61:fa:2d:0b:6d:ec:67:ba:56:92:89:5a:5d:
07:c5:3e:03:b4:75:36:22:fe:44:af:72:7b:01:47:42:11:8c:
b5:bc:0d:20:99:4e:57:fe:62:b1:7e:18:79:9c:8a:b3:29:36:
43:a5:15:46:43:fa:83:73:c3:01:5b:fa:8e:a7:c6:8c:ae:2c:
ea:2e:f8:fc:04:5e:f3:c1:22:38:c7:89:4b:2d:18:e2:04:0f:
86:64:44:cb:93:f3:cf:43:f5:e5:cd:fb:12:6b:6e:d4:1f:4d:
a8:0c:83:89:e7:ec:03:97:f9:41:58:d7:91:d6:3c:ed:db:18:
88:9d:db:86:b8:08:95:e1:27:3e:ed:28:e2:a0:8e:1e:37:98:
d4:bf:c2:69
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATNCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMzODM0WhcNMjYwMjE5MTMzODM0WjAYMRYw
FAYDVQQDEw02N2JmMTk1ZC05MDcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4gJU8yE+Ez1o4vKFmv9AdlHGpLaqPMeThGMbrmQzm9UlqJjiOSjg72Qx
viLozYX2aICxQyZDCsUcK7yxA8cUO5nab1/uUbQfdGxCSFvG46342z3sxzF1q5BT
Sko+jx4YDM2hO9NHxG8+BOkiA8fen1FZg9eEEewSn0Ci5J0VyOG4JBEuXMx/H54L
BJZP1cO8jDQvKuw7LAAptt3ckXhHdthKB9PRSKp/RcBualDbRS9UzO+r9jG9vVVH
zTch0skr7EFq70S8Zus8oSY2e8wLzGDEZ/Tt68vYQLxHP6gxZNNCUSyNarcDqjT3
MkOh6wbjzdFVVKfcMYpB9X21KYNcyQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI3j
HQcySEvTKDoFU8Dqn+nc1egtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjUzNEU5QUY0NDYxMUVGQTU1OTM0Nzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPytMA0GCSqGSIb3DQEBCwUA
A4IBAQBvi52BY7wlY/eGmWipMUifsbgEio2q1DMDl+Ylsha9JNDERjgOZK77c4iE
/gFIBGBVbYA2vyuy/1nFhCljgyM7JtV7Ch+Q5VYS75d9nXyCfLSE4CF2Us5SRBVc
pl7h03LhlwAfl88xlCmwb6PF2EIbo2H6LQtt7Ge6VpKJWl0HxT4DtHU2Iv5Er3J7
AUdCEYy1vA0gmU5X/mKxfhh5nIqzKTZDpRVGQ/qDc8MBW/qOp8aMrizqLvj8BF7z
wSI4x4lLLRjiBA+GZETLk/PPQ/XlzfsSa27UH02oDIOJ5+wDl/lBWNeR1jzt2xiI
nduGuAiV4Sc+7SjioI4eN5jUv8Jp
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:22:34 2025 by rpki-client