Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBD589FEF4B011EF93EC475B762E951A.roa
File: FBD589FEF4B011EF93EC475B762E951A.roa (raw, json)
Hash identifier: 1r37an3y90KHa2481YBW6hAaboQLYtS0ui6filVRZ60=
Subject key identifier: 52:F6:0E:4F:1D:D8:C1:14:A1:CA:B8:EB:7F:5B:56:48:65:D5:56:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0138B0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBD589FEF4B011EF93EC475B762E951A.roa
Signing time: Thu 27 Feb 2025 02:17:25 +0000
ROA not before: Thu 27 Feb 2025 02:17:21 +0000
ROA not after: Thu 19 Feb 2026 02:17:21 +0000
asID: 984
IP address blocks: 156.247.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80048 (0x138b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 02:17:21 2025 GMT
Not After : Feb 19 02:17:21 2026 GMT
Subject: CN=67bfcb35-5bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:29:f3:79:0a:6d:38:df:10:3a:6a:7e:94:
b5:ef:da:ef:12:91:06:89:80:3e:54:28:aa:6b:0b:
40:e5:1a:e8:07:3d:17:06:06:40:43:3c:29:82:cf:
25:89:dc:2d:65:ec:35:64:50:27:8f:28:91:ea:f0:
4c:aa:90:2e:47:52:6e:36:73:59:fa:f5:cb:b9:7a:
23:73:11:9e:4b:c2:41:61:cb:f0:fe:7c:a1:95:d7:
fd:73:4d:0a:92:00:bf:6a:f5:fe:28:ec:29:c3:01:
ea:bc:12:a9:a4:bc:8d:84:5b:c8:f1:11:4e:89:7d:
5a:49:0e:c8:46:ee:39:68:21:0f:1e:0d:3e:9e:53:
32:c6:91:7d:0d:cd:81:16:55:84:8a:c6:6a:a1:6d:
c5:9b:a8:f5:f7:6c:61:f4:cd:f4:08:8a:d6:b5:e4:
b2:2d:98:81:c4:3e:8c:b5:05:7f:55:f9:09:60:fd:
f0:ae:a4:35:b9:92:4a:28:de:7a:32:c3:72:b1:ec:
c0:3b:03:43:7e:bc:65:ad:06:91:32:b7:aa:33:50:
92:2a:c5:b4:10:bc:6a:c2:38:ba:f8:7a:0c:24:3b:
0b:57:0a:15:f5:87:02:29:cc:36:ad:09:40:8e:05:
52:79:53:4f:5c:fc:e5:d7:20:81:1e:f2:de:6b:06:
21:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F6:0E:4F:1D:D8:C1:14:A1:CA:B8:EB:7F:5B:56:48:65:D5:56:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FBD589FEF4B011EF93EC475B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.56.0/24
Signature Algorithm: sha256WithRSAEncryption
76:1f:18:ed:92:f8:03:26:3f:39:70:e3:08:56:1d:83:60:7a:
ef:48:fe:ef:80:42:87:5d:da:af:1c:5a:57:d6:6e:00:86:06:
96:bd:57:89:82:2c:93:35:00:de:5e:10:d2:fc:64:96:90:52:
b3:bf:7e:09:91:78:57:b0:cd:1c:5e:be:c2:71:0a:86:0f:f1:
38:3c:1b:c6:21:35:ec:a2:d0:97:bc:50:24:e6:d4:a7:63:d0:
0a:2c:c0:a6:eb:b6:e6:2f:2a:fb:62:cf:95:c7:a3:db:f2:eb:
12:16:d0:f9:83:77:63:a8:52:af:d4:ac:73:af:c4:b8:fb:b3:
6e:66:58:9d:1e:18:f8:52:7c:12:1f:d3:6e:83:3e:1c:6a:42:
ec:53:cc:b8:3e:c3:8e:0d:9a:b8:53:a6:aa:f8:f8:af:21:49:
73:28:ae:35:d4:ac:df:ad:6a:30:d6:1e:dc:e3:6a:6c:f9:2e:
33:0c:4a:ff:e4:b4:96:ab:b3:d5:46:b2:bc:bf:49:c3:49:2f:
71:2f:9d:99:bb:a3:ea:40:73:de:f4:bb:8a:ff:8a:fe:43:4c:
6e:3e:60:28:e8:6e:c1:38:9c:c3:9f:a7:37:26:e2:f2:f7:05:
b9:c9:68:6c:1e:02:ad:92:a9:d0:62:92:67:c0:08:ae:ab:e5:
f2:a8:7f:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATiwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDIxNzIxWhcNMjYwMjE5MDIxNzIxWjAYMRYw
FAYDVQQDEw02N2JmY2IzNS01YmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3vMp83kKbTjfEDpqfpS179rvEpEGiYA+VCiqawtA5RroBz0XBgZAQzwp
gs8lidwtZew1ZFAnjyiR6vBMqpAuR1JuNnNZ+vXLuXojcxGeS8JBYcvw/nyhldf9
c00KkgC/avX+KOwpwwHqvBKppLyNhFvI8RFOiX1aSQ7IRu45aCEPHg0+nlMyxpF9
Dc2BFlWEisZqoW3Fm6j192xh9M30CIrWteSyLZiBxD6MtQV/VfkJYP3wrqQ1uZJK
KN56MsNysezAOwNDfrxlrQaRMreqM1CSKsW0ELxqwji6+HoMJDsLVwoV9YcCKcw2
rQlAjgVSeVNPXPzl1yCBHvLeawYh0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFL2
Dk8d2MEUocq4639bVkhl1VYDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQkQ1ODlGRUY0QjAxMUVGOTNFQzQ3NUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPc4MA0GCSqGSIb3DQEBCwUA
A4IBAQB2HxjtkvgDJj85cOMIVh2DYHrvSP7vgEKHXdqvHFpX1m4AhgaWvVeJgiyT
NQDeXhDS/GSWkFKzv34JkXhXsM0cXr7CcQqGD/E4PBvGITXsotCXvFAk5tSnY9AK
LMCm67bmLyr7Ys+Vx6Pb8usSFtD5g3djqFKv1Kxzr8S4+7NuZlidHhj4UnwSH9Nu
gz4cakLsU8y4PsOODZq4U6aq+PivIUlzKK411KzfrWow1h7c42ps+S4zDEr/5LSW
q7PVRrK8v0nDSS9xL52Zu6PqQHPe9LuK/4r+Q0xuPmAo6G7BOJzDn6c3JuLy9wW5
yWhsHgKtkqnQYpJnwAiuq+XyqH/z
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:04 2025 by rpki-client