Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF0C0054F47811EFA7691B54762E951A.roa
File: FF0C0054F47811EFA7691B54762E951A.roa (raw, json)
Hash identifier: 4ZwIGXR3oKeUW2ugwC7lb2Ht16WXMOGsTT4Nc6ixr/Y=
Subject key identifier: B4:33:AA:25:C1:23:76:92:3B:95:8B:F4:68:67:75:44:3C:2B:F3:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01371D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF0C0054F47811EFA7691B54762E951A.roa
Signing time: Wed 26 Feb 2025 19:36:38 +0000
ROA not before: Wed 26 Feb 2025 19:36:35 +0000
ROA not after: Thu 19 Feb 2026 19:36:35 +0000
asID: 984
IP address blocks: 156.247.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79645 (0x1371d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:36:35 2025 GMT
Not After : Feb 19 19:36:35 2026 GMT
Subject: CN=67bf6d46-6b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c6:e0:4d:9d:3b:b7:3e:f5:58:34:1d:d9:1c:
2f:c7:18:1c:a0:19:17:53:ff:bd:8a:0d:6a:01:57:
6e:7b:fa:bd:d8:4f:56:d8:ff:c1:c4:24:75:82:21:
e2:7a:b3:cc:8a:97:8d:ed:5c:e5:ce:0d:1e:04:8b:
4d:dc:82:74:e8:54:42:cd:41:5c:4c:2f:9c:b6:8f:
3b:ee:ed:59:71:04:a0:80:b8:f1:c4:5d:9b:7a:d5:
32:9d:b2:c8:29:51:4e:9a:5a:58:71:07:5f:2c:35:
50:ce:3c:a6:bf:fb:35:5b:fb:0b:21:d7:ff:86:6f:
5a:37:a2:71:56:e7:aa:60:f5:a1:72:27:36:b8:3d:
63:5b:e5:af:c5:03:d5:e0:70:07:df:6f:77:83:88:
73:34:b5:73:a0:b0:f7:35:e5:6c:ca:5d:82:b9:ef:
a7:67:2a:d6:78:fe:1a:0f:5f:8a:e3:6c:f3:e0:2a:
83:e5:65:42:8a:80:87:5a:7f:1d:60:9d:4d:2d:fe:
70:aa:d1:7f:91:15:e7:86:36:f0:29:9e:64:d0:20:
9b:1d:18:5f:d8:c1:f4:ab:7c:67:4b:b6:77:46:db:
97:57:17:8f:bc:df:cd:52:fd:30:86:0b:4a:41:d9:
b2:7b:f1:c2:b0:06:e2:bf:65:7a:f0:1a:41:30:bf:
bc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:33:AA:25:C1:23:76:92:3B:95:8B:F4:68:67:75:44:3C:2B:F3:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF0C0054F47811EFA7691B54762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.35.0/24
Signature Algorithm: sha256WithRSAEncryption
57:80:65:de:52:83:e4:62:30:59:4b:c3:e9:17:5d:16:5f:61:
9c:06:3d:27:6b:6d:61:b5:ba:5d:d3:ed:30:f7:73:dd:a2:95:
4e:89:0c:32:09:5f:08:a5:ed:34:33:13:7f:76:bf:16:94:b1:
af:80:6f:2c:4b:5c:df:54:0d:3c:97:e2:e5:07:47:95:1a:f1:
bb:98:eb:bd:9c:9e:5b:c7:d8:11:fe:26:62:32:22:f6:0f:f1:
02:74:5b:91:29:e5:ce:c3:56:6d:89:f7:47:5f:b1:95:8c:46:
0b:23:61:77:ec:13:7d:dc:c2:0c:99:78:dc:63:25:e6:44:f5:
d7:fd:91:79:07:c6:fb:24:66:6c:51:83:93:c2:a1:c1:ad:df:
8e:cf:74:f1:b6:f5:44:54:1a:25:56:37:01:f6:f6:12:93:8b:
dd:51:31:4c:c6:ad:75:eb:77:f1:14:1f:05:27:7c:7b:55:b1:
e1:2d:4f:d2:6f:d0:dc:bf:61:7f:4e:9a:50:ea:f3:90:a2:38:
92:44:f0:d2:2f:3f:d4:a1:2e:43:f5:c7:b0:eb:5a:e4:3c:95:
2b:9c:0e:91:2b:3c:cb:f6:cd:7d:4d:ff:0e:a3:39:97:50:7c:
de:b3:73:56:7b:a4:cb:fc:ea:30:8a:52:b8:a8:61:ca:f4:24:
c4:11:df:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATcdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkzNjM1WhcNMjYwMjE5MTkzNjM1WjAYMRYw
FAYDVQQDEw02N2JmNmQ0Ni02YjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2sbgTZ07tz71WDQd2RwvxxgcoBkXU/+9ig1qAVdue/q92E9W2P/BxCR1
giHierPMipeN7Vzlzg0eBItN3IJ06FRCzUFcTC+cto877u1ZcQSggLjxxF2betUy
nbLIKVFOmlpYcQdfLDVQzjymv/s1W/sLIdf/hm9aN6JxVueqYPWhcic2uD1jW+Wv
xQPV4HAH3293g4hzNLVzoLD3NeVsyl2Cue+nZyrWeP4aD1+K42zz4CqD5WVCioCH
Wn8dYJ1NLf5wqtF/kRXnhjbwKZ5k0CCbHRhf2MH0q3xnS7Z3RtuXVxePvN/NUv0w
hgtKQdmye/HCsAbiv2V68BpBML+8cQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQz
qiXBI3aSO5WL9GhndUQ8K/M4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjBDMDA1NEY0NzgxMUVGQTc2OTFCNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcjMA0GCSqGSIb3DQEBCwUA
A4IBAQBXgGXeUoPkYjBZS8PpF10WX2GcBj0na21htbpd0+0w93PdopVOiQwyCV8I
pe00MxN/dr8WlLGvgG8sS1zfVA08l+LlB0eVGvG7mOu9nJ5bx9gR/iZiMiL2D/EC
dFuRKeXOw1ZtifdHX7GVjEYLI2F37BN93MIMmXjcYyXmRPXX/ZF5B8b7JGZsUYOT
wqHBrd+Oz3TxtvVEVBolVjcB9vYSk4vdUTFMxq1163fxFB8FJ3x7VbHhLU/Sb9Dc
v2F/TppQ6vOQojiSRPDSLz/UoS5D9cew61rkPJUrnA6RKzzL9s19Tf8OozmXUHze
s3NWe6TL/OowilK4qGHK9CTEEd+L
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:54 2025 by rpki-client