Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/514B9D50114F11F0B0D27A5B762E951A.roa
File: 514B9D50114F11F0B0D27A5B762E951A.roa (raw, json)
Hash identifier: XFYPsOB9w31+aLsnyAAydzWKQDnqNKpMF3w8C1dNLhU=
Subject key identifier: 35:E8:90:6D:AD:88:2F:D8:F8:77:00:53:21:05:DB:BB:A0:36:76:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A37
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/514B9D50114F11F0B0D27A5B762E951A.roa
Signing time: Fri 04 Apr 2025 12:21:21 +0000
ROA not before: Fri 04 Apr 2025 12:21:17 +0000
ROA not after: Tue 24 Jun 2025 12:21:17 +0000
asID: 135097
IP address blocks: 156.250.4.0/22 maxlen: 24
156.250.8.0/21 maxlen: 24
156.250.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84535 (0x14a37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 4 12:21:17 2025 GMT
Not After : Jun 24 12:21:17 2025 GMT
Subject: CN=67efcec1-8d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:87:33:ff:cb:2d:91:b7:1c:a3:33:fb:22:
fc:cf:7e:ef:bf:9d:d0:03:5e:91:c9:6c:93:9e:3a:
f2:df:96:fd:94:4f:8d:c8:84:4c:b4:62:be:ec:82:
bc:ae:3a:df:ec:aa:7c:e4:b2:ea:fd:7d:aa:68:68:
70:a7:6b:be:05:47:d6:69:0a:34:07:c1:ed:9d:62:
91:c9:a5:e6:cd:ce:78:42:f0:2c:ad:d3:26:c9:17:
cc:be:88:08:c4:b0:1c:36:da:ea:2d:27:8a:f6:7f:
cd:0f:a6:52:c9:d6:c5:a4:12:07:9e:ef:ef:50:24:
9e:49:73:f6:1e:c4:f9:03:9c:2d:f9:6f:d2:c7:dd:
aa:8e:65:2c:5e:ae:91:ee:9b:61:21:74:b0:8e:cd:
43:b7:dc:ad:aa:09:82:e6:e5:3f:f4:31:b1:27:45:
a9:aa:8e:c1:cf:82:a3:85:5d:c3:cc:32:f7:32:e0:
00:e8:c2:ae:50:99:45:d5:8a:da:1f:3c:ac:e8:e1:
44:39:08:56:1c:29:c1:3f:bc:d9:37:85:6d:29:08:
7a:bd:5b:23:73:58:40:7f:10:86:94:39:63:43:b8:
5b:ae:2f:ad:6e:ad:03:9c:9b:5e:e6:48:5c:4b:0d:
c1:37:98:e3:09:2a:8e:48:22:fb:07:01:b9:91:00:
cc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:E8:90:6D:AD:88:2F:D8:F8:77:00:53:21:05:DB:BB:A0:36:76:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/514B9D50114F11F0B0D27A5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.4.0-156.250.31.255
Signature Algorithm: sha256WithRSAEncryption
06:02:59:3c:cd:ec:e7:84:f0:04:cb:e4:93:aa:4a:e3:00:1f:
21:32:db:d0:92:24:a3:7e:b6:d3:9e:6e:1f:d4:aa:25:f8:f2:
01:72:e0:ea:ac:18:71:0e:28:f8:32:0f:62:c7:e9:b7:03:7d:
7e:68:46:10:22:97:5c:d6:bd:a4:da:d6:55:df:7a:5a:b8:51:
3f:c7:50:79:64:97:c8:e0:8c:25:33:75:25:1b:db:84:84:b1:
3a:b9:57:0d:be:9d:3d:ac:63:0d:27:39:0e:6f:85:2e:52:4e:
59:5d:d5:ec:f1:42:ca:02:85:ea:03:c2:d2:76:2e:26:d8:72:
89:e9:2a:d0:7e:3a:52:33:dd:56:2d:f7:8e:c9:f6:c3:e7:a6:
62:e6:6a:e8:0c:69:06:68:5b:86:09:08:5d:e7:be:82:fa:80:
a5:d5:0a:46:64:e4:cb:f9:36:a3:ea:5b:34:0b:d7:84:59:55:
37:5a:7a:4d:0a:63:84:14:4a:30:d2:4f:f4:6d:80:6b:cc:bd:
6e:0b:2d:1c:a8:8a:c1:2b:9b:63:89:53:54:22:2e:13:50:48:
0a:b5:3f:dc:5c:ae:d4:c9:a6:23:bc:9a:6c:62:0f:7c:4d:ef:
68:56:83:6f:2b:f2:d8:21:46:80:bb:c0:12:4a:20:ce:ec:53:
b5:37:d9:65
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUo3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MTIyMTE3WhcNMjUwNjI0MTIyMTE3WjAYMRYw
FAYDVQQDEw02N2VmY2VjMS04ZDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtqGHM//LLZG3HKMz+yL8z37vv53QA16RyWyTnjry35b9lE+NyIRMtGK+
7IK8rjrf7Kp85LLq/X2qaGhwp2u+BUfWaQo0B8HtnWKRyaXmzc54QvAsrdMmyRfM
vogIxLAcNtrqLSeK9n/ND6ZSydbFpBIHnu/vUCSeSXP2HsT5A5wt+W/Sx92qjmUs
Xq6R7pthIXSwjs1Dt9ytqgmC5uU/9DGxJ0Wpqo7Bz4KjhV3DzDL3MuAA6MKuUJlF
1YraHzys6OFEOQhWHCnBP7zZN4VtKQh6vVsjc1hAfxCGlDljQ7hbri+tbq0DnJte
5khcSw3BN5jjCSqOSCL7BwG5kQDMHwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDXo
kG2tiC/Y+HcAUyEF27ugNnZXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTRCOUQ1MDExNEYxMUYwQjBEMjdBNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKc+gQDBAWc+gAwDQYJKoZI
hvcNAQELBQADggEBAAYCWTzN7OeE8ATL5JOqSuMAHyEy29CSJKN+ttOebh/UqiX4
8gFy4OqsGHEOKPgyD2LH6bcDfX5oRhAil1zWvaTa1lXfelq4UT/HUHlkl8jgjCUz
dSUb24SEsTq5Vw2+nT2sYw0nOQ5vhS5STlld1ezxQsoCheoDwtJ2LibYconpKtB+
OlIz3VYt947J9sPnpmLmaugMaQZoW4YJCF3nvoL6gKXVCkZk5Mv5NqPqWzQL14RZ
VTdaek0KY4QUSjDST/RtgGvMvW4LLRyoisErm2OJU1QiLhNQSAq1P9xcrtTJpiO8
mmxiD3xN72hWg28r8tghRoC7wBJKIM7sU7U32WU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:43:46 2025 by rpki-client