Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C389617AA11F08D6D65F26DB8BCC6.roa
File: 319C389617AA11F08D6D65F26DB8BCC6.roa (raw, json)
Hash identifier: p5jsxfGt439e+ro8HnSpRP2yzlF4XeNRzlFCkNIDTOo=
Subject key identifier: 8F:73:71:4A:6B:B4:D1:86:C8:C7:22:CC:F5:4C:95:AC:F5:BA:86:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BE4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C389617AA11F08D6D65F26DB8BCC6.roa
Signing time: Sat 12 Apr 2025 14:26:59 +0000
ROA not before: Sat 12 Apr 2025 14:26:55 +0000
ROA not after: Mon 09 Jun 2025 14:26:55 +0000
asID: 134823
IP address blocks: 156.234.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84964 (0x14be4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 12 14:26:55 2025 GMT
Not After : Jun 9 14:26:55 2025 GMT
Subject: CN=67fa7833-e332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:e7:0d:69:2a:71:67:96:b9:73:23:bd:6e:
aa:ab:94:81:cc:6a:94:47:28:5c:b7:a9:bb:94:7b:
d1:29:a1:d6:6a:9e:79:bd:fa:5a:90:7a:ce:f7:ff:
eb:cb:a2:2a:7a:ca:15:15:23:6f:8e:4a:21:37:ea:
33:5b:e4:96:d5:c2:c5:7e:97:cb:5a:20:70:2a:de:
e7:95:ca:b4:3c:6e:05:86:7a:7e:af:4d:5a:ce:ce:
11:37:e4:bd:b1:7d:00:48:c2:73:92:85:4d:f1:62:
93:8e:5f:5d:05:d0:47:7c:22:9e:1a:07:9b:10:d8:
90:73:7f:4a:e3:74:86:f3:36:c6:fe:0a:ee:9f:ab:
2b:91:b7:75:23:4f:58:6e:21:9a:12:90:a7:aa:4e:
cd:7c:23:df:90:25:b4:f1:7b:31:db:c6:74:75:79:
12:bd:d8:98:d1:73:36:1a:20:9a:6d:54:22:c8:0d:
88:a6:e4:9a:ed:3f:45:64:4f:1e:3b:c1:f8:95:cf:
4f:91:25:0d:46:9f:b7:e1:15:29:1b:e6:26:32:fc:
3c:5e:ac:ba:bf:5a:ba:6a:0c:42:41:c7:55:63:e0:
f7:b7:f9:c6:c6:4f:82:ab:64:d4:2e:de:42:f3:f2:
15:cf:58:ba:54:4b:2d:25:12:1a:96:30:75:40:18:
fb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:73:71:4A:6B:B4:D1:86:C8:C7:22:CC:F5:4C:95:AC:F5:BA:86:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/319C389617AA11F08D6D65F26DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.228.0/22
Signature Algorithm: sha256WithRSAEncryption
55:bf:c8:f2:77:4e:d5:2b:b6:32:af:13:68:33:10:1b:25:91:
9e:42:61:03:04:93:84:b0:41:3d:58:f1:5d:4b:87:09:9d:f8:
e0:88:67:1c:5d:14:af:43:ec:c1:ba:49:60:81:31:f2:01:88:
8e:7e:03:9e:75:8e:b9:12:a2:52:07:a7:e2:c4:f0:e1:64:01:
af:58:54:6e:73:6f:0f:30:23:84:be:a9:aa:32:09:82:65:e4:
cd:e5:81:f4:96:a0:9b:7a:04:ab:aa:1f:bf:2c:f3:2b:fc:32:
b4:42:ad:fb:02:ba:dd:45:61:fd:1b:08:42:23:06:5d:12:5b:
f6:f0:80:eb:47:37:c2:4f:61:3c:4e:53:f1:2d:1b:fb:f3:02:
e4:a1:3e:bd:37:0d:0f:1c:66:0f:2a:ea:73:54:a6:2e:83:97:
30:27:c1:b0:e3:e2:88:24:0e:05:3f:a5:67:c5:21:73:5d:de:
3a:73:2e:c2:d1:b7:96:38:c5:87:9b:74:26:57:40:99:25:40:
3c:1b:10:9b:34:7f:d7:8b:a1:f6:0d:49:92:9c:50:eb:f9:41:
37:9d:96:48:24:fd:2c:cf:a5:1c:8a:7d:15:0e:62:88:2b:2e:
41:5a:17:f5:f2:22:44:01:ec:32:d7:31:ea:d6:80:a2:22:3a:
1e:e5:62:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUvkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEyMTQyNjU1WhcNMjUwNjA5MTQyNjU1WjAYMRYw
FAYDVQQDEw02N2ZhNzgzMy1lMzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsdrnDWkqcWeWuXMjvW6qq5SBzGqURyhct6m7lHvRKaHWap55vfpakHrO
9//ry6IqesoVFSNvjkohN+ozW+SW1cLFfpfLWiBwKt7nlcq0PG4Fhnp+r01azs4R
N+S9sX0ASMJzkoVN8WKTjl9dBdBHfCKeGgebENiQc39K43SG8zbG/grun6srkbd1
I09YbiGaEpCnqk7NfCPfkCW08Xsx28Z0dXkSvdiY0XM2GiCabVQiyA2IpuSa7T9F
ZE8eO8H4lc9PkSUNRp+34RUpG+YmMvw8Xqy6v1q6agxCQcdVY+D3t/nGxk+Cq2TU
Lt5C8/IVz1i6VEstJRIaljB1QBj7AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI9z
cUprtNGGyMcizPVMlaz1uob0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTlDMzg5NjE3QUExMUYwOEQ2RDY1RjI2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOrkMA0GCSqGSIb3DQEBCwUA
A4IBAQBVv8jyd07VK7YyrxNoMxAbJZGeQmEDBJOEsEE9WPFdS4cJnfjgiGccXRSv
Q+zBuklggTHyAYiOfgOedY65EqJSB6fixPDhZAGvWFRuc28PMCOEvqmqMgmCZeTN
5YH0lqCbegSrqh+/LPMr/DK0Qq37ArrdRWH9GwhCIwZdElv28IDrRzfCT2E8TlPx
LRv78wLkoT69Nw0PHGYPKupzVKYug5cwJ8Gw4+KIJA4FP6VnxSFzXd46cy7C0beW
OMWHm3QmV0CZJUA8GxCbNH/Xi6H2DUmSnFDr+UE3nZZIJP0sz6Ucin0VDmKIKy5B
Whf18iJEAewy1zHq1oCiIjoe5WIQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:48:23 2025 by rpki-client