Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67A6DD820CD411F08A418CA7762E951A.roa
File: 67A6DD820CD411F08A418CA7762E951A.roa (raw, json)
Hash identifier: oBy/suGCmqfP0q1NKzo5VfNkZktxkYjtAuOFeQuZOBQ=
Subject key identifier: 2D:EE:47:9E:02:50:39:B1:15:49:73:E1:12:A8:CD:FB:0F:77:D5:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014906
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67A6DD820CD411F08A418CA7762E951A.roa
Signing time: Sat 29 Mar 2025 19:31:26 +0000
ROA not before: Sat 29 Mar 2025 19:31:22 +0000
ROA not after: Tue 19 Aug 2025 19:31:22 +0000
asID: 58931
IP address blocks: 156.254.20.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84230 (0x14906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 29 19:31:22 2025 GMT
Not After : Aug 19 19:31:22 2025 GMT
Subject: CN=67e84a8e-2917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8f:4c:79:2c:62:40:71:a5:6b:fb:1a:d0:c4:
9a:13:c8:6b:84:64:e9:87:6f:5d:67:c1:1f:4d:0f:
b2:b7:12:7d:54:1f:08:3e:fa:45:c8:de:66:95:a2:
17:8b:be:80:fa:ea:c1:18:4b:db:9e:ad:d3:90:10:
f1:33:15:95:9d:06:51:dd:2c:97:5f:59:0b:9e:4e:
e2:41:94:af:c8:ad:07:f0:af:5f:ed:26:9a:15:8a:
56:4d:26:80:e6:d0:e2:e3:a1:64:7c:89:5b:c6:4c:
7d:c5:23:94:35:e8:06:2d:a9:92:98:a8:b1:4b:42:
cc:a3:10:55:a7:da:08:f4:31:37:a4:40:83:a6:70:
e1:2b:20:45:bc:3a:2d:72:62:0d:23:2e:70:ac:84:
3e:f7:93:ca:cb:c9:e6:8a:f5:64:84:93:48:8f:d9:
ac:55:ac:cb:96:cb:41:29:ce:9d:4b:19:92:0a:92:
eb:61:43:36:93:f9:41:75:47:b1:43:6d:66:74:d2:
31:e9:4e:d1:9f:7d:f2:99:2f:87:87:59:4c:ef:45:
1c:ce:3d:ce:6a:0e:13:f1:79:34:14:e9:49:2c:00:
89:d2:fa:df:8f:6b:1a:48:af:52:f7:2e:d7:b6:c6:
a1:a7:fd:b1:ae:dd:e1:cf:b3:75:8b:e5:4c:67:e4:
08:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:EE:47:9E:02:50:39:B1:15:49:73:E1:12:A8:CD:FB:0F:77:D5:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67A6DD820CD411F08A418CA7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.20.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:b3:90:99:4e:83:a8:6d:8c:3a:dc:b8:66:38:c4:c8:05:45:
48:ff:24:c0:df:7b:9e:4c:c9:6f:14:f8:20:fc:64:fe:50:63:
c0:15:d4:90:31:fe:90:fd:95:95:b0:b6:e6:e9:4b:45:85:c4:
64:11:44:15:94:44:ec:37:0c:f0:4b:b0:07:22:c5:3d:63:8a:
22:92:f8:d2:a9:90:80:ed:22:a4:72:be:e7:2c:da:c0:d8:54:
c1:b5:53:b3:0d:9b:7a:8f:28:e3:4c:0d:16:85:2e:5a:e7:f2:
70:2f:f7:e7:31:b9:4d:e2:07:93:e2:c4:47:ed:ea:34:0d:d9:
20:af:5f:f9:fd:50:6a:e7:b3:d1:0f:11:c0:b5:85:cd:c9:42:
f8:59:04:31:13:06:d1:ce:4e:1e:cd:c3:76:ac:9a:5b:26:b8:
64:ed:3e:82:81:79:43:54:8a:31:96:09:09:fc:02:16:30:c9:
66:d5:50:81:81:52:0a:fc:6b:06:2f:3d:62:bb:70:19:5a:95:
2a:86:50:fd:19:4b:98:b5:d8:01:e5:8d:b9:31:e6:59:4d:ad:
b6:7c:33:fb:f4:73:f4:e2:f0:0d:92:a6:3d:f3:71:42:9c:28:
36:de:98:7b:69:86:76:7f:90:c4:81:1c:a9:36:db:72:55:94:
56:38:af:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUkGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTkzMTIyWhcNMjUwODE5MTkzMTIyWjAYMRYw
FAYDVQQDEw02N2U4NGE4ZS0yOTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7I9MeSxiQHGla/sa0MSaE8hrhGTph29dZ8EfTQ+ytxJ9VB8IPvpFyN5m
laIXi76A+urBGEvbnq3TkBDxMxWVnQZR3SyXX1kLnk7iQZSvyK0H8K9f7SaaFYpW
TSaA5tDi46FkfIlbxkx9xSOUNegGLamSmKixS0LMoxBVp9oI9DE3pECDpnDhKyBF
vDotcmINIy5wrIQ+95PKy8nmivVkhJNIj9msVazLlstBKc6dSxmSCpLrYUM2k/lB
dUexQ21mdNIx6U7Rn33ymS+Hh1lM70Uczj3Oag4T8Xk0FOlJLACJ0vrfj2saSK9S
9y7Xtsahp/2xrt3hz7N1i+VMZ+QI3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC3u
R54CUDmxFUlz4RKozfsPd9UXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0E2REQ4MjBDRDQxMUYwOEE0MThDQTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP4UMA0GCSqGSIb3DQEBCwUA
A4IBAQCis5CZToOobYw63LhmOMTIBUVI/yTA33ueTMlvFPgg/GT+UGPAFdSQMf6Q
/ZWVsLbm6UtFhcRkEUQVlETsNwzwS7AHIsU9Y4oikvjSqZCA7SKkcr7nLNrA2FTB
tVOzDZt6jyjjTA0WhS5a5/JwL/fnMblN4geT4sRH7eo0Ddkgr1/5/VBq57PRDxHA
tYXNyUL4WQQxEwbRzk4ezcN2rJpbJrhk7T6CgXlDVIoxlgkJ/AIWMMlm1VCBgVIK
/GsGLz1iu3AZWpUqhlD9GUuYtdgB5Y25MeZZTa22fDP79HP04vANkqY983FCnCg2
3ph7aYZ2f5DEgRypNttyVZRWOK9y
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:30:55 2025 by rpki-client