Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12A83A15F111F0A7A388F56DB8BCC6.roa
File: 7B12A83A15F111F0A7A388F56DB8BCC6.roa (raw, json)
Hash identifier: Gwny/RtcpjI+fu6ccR0Xm6qOQdWctXJyeHWSnFyvQsI=
Subject key identifier: 5B:4B:20:C8:61:6A:67:6D:66:AA:ED:13:00:56:20:96:50:E1:59:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B78
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12A83A15F111F0A7A388F56DB8BCC6.roa
Signing time: Thu 10 Apr 2025 09:52:14 +0000
ROA not before: Thu 10 Apr 2025 09:52:11 +0000
ROA not after: Sat 10 May 2025 09:52:11 +0000
asID: 395886
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84856 (0x14b78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 09:52:11 2025 GMT
Not After : May 10 09:52:11 2025 GMT
Subject: CN=67f794ce-bf04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:38:3a:ba:77:41:b9:4d:85:1c:db:bd:52:34:
b6:bb:d9:0b:cc:36:fd:3f:1d:72:21:b8:d6:be:9d:
86:7a:6f:18:59:54:aa:23:3f:7a:a5:a3:b7:cc:65:
bb:db:2f:28:b1:51:99:d0:91:96:dc:b8:60:90:00:
b2:d8:5a:7b:de:b4:54:71:ea:b8:15:4c:fe:81:97:
f3:38:bd:dc:87:14:66:34:f3:ad:5d:41:dc:15:fb:
94:73:b5:9d:f4:7c:d7:7b:a7:70:ac:0f:7f:46:03:
10:90:01:f5:36:98:9f:5f:e1:88:ec:b4:3b:55:39:
b7:c6:aa:7e:64:f8:b8:60:09:38:4f:ca:9c:7a:b5:
ef:63:6a:86:3d:9b:86:31:e0:6d:15:8a:8a:d7:ff:
7d:d6:8b:8f:c1:f4:ee:93:f3:f2:28:5a:ff:e0:9c:
53:91:2b:cf:6a:1c:73:85:c4:a3:a2:6c:97:df:b6:
69:86:5d:9c:6b:6f:c1:59:1b:e2:2d:9d:35:11:c3:
36:d1:24:ce:f5:05:3f:b2:1a:24:89:bf:92:00:76:
71:ec:e1:87:07:04:96:19:dd:58:d7:52:10:6d:06:
8f:80:4c:c6:2f:fc:52:44:9f:6f:48:7c:85:62:1a:
e7:4b:15:7f:23:ae:88:51:68:75:12:14:5e:a5:b1:
1a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4B:20:C8:61:6A:67:6D:66:AA:ED:13:00:56:20:96:50:E1:59:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12A83A15F111F0A7A388F56DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
55:1b:dd:a9:35:9a:72:de:34:5a:a4:80:b5:ff:f9:05:b9:c8:
cc:96:9d:a0:58:61:40:b1:10:fb:9e:cf:2a:e7:e4:1e:46:6b:
1c:60:22:f4:40:a4:a2:96:48:f2:44:a6:40:a7:a2:f8:f1:15:
fb:22:c7:18:6d:d5:aa:c0:1a:d5:ae:26:e9:00:f1:c3:c3:b4:
43:a4:7c:0d:2d:36:fa:59:5d:22:51:4d:1e:78:f2:cf:68:9d:
00:dc:ab:ba:dd:9a:22:95:eb:f2:86:db:91:94:57:61:ed:71:
75:21:b4:a8:3e:7f:e2:eb:79:d4:94:70:28:7f:00:fb:f1:bb:
44:5b:16:80:4e:09:23:b1:70:59:82:87:5e:80:ce:69:bc:f6:
47:a5:cc:02:69:b2:e4:a0:63:a9:2e:5d:10:48:7b:5d:54:31:
73:a0:d0:e3:c6:2c:ba:ba:4a:f8:30:68:7d:64:8e:7e:40:6d:
1e:e5:50:c0:05:a7:93:12:d5:5e:92:8b:5b:9c:7d:ab:66:a4:
05:e3:bd:7d:f4:d2:6f:2c:a3:12:f3:a9:f5:09:c4:1f:eb:f0:
73:ab:e9:76:69:b5:b2:7e:4e:da:24:bf:30:64:3e:ba:ac:3f:
bf:9b:c1:3e:79:20:30:b9:a4:f1:97:31:60:f1:87:0a:bc:c3:
2e:57:b6:aa
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUt4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEwMDk1MjExWhcNMjUwNTEwMDk1MjExWjAYMRYw
FAYDVQQDEw02N2Y3OTRjZS1iZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3jg6undBuU2FHNu9UjS2u9kLzDb9Px1yIbjWvp2Gem8YWVSqIz96paO3
zGW72y8osVGZ0JGW3LhgkACy2Fp73rRUceq4FUz+gZfzOL3chxRmNPOtXUHcFfuU
c7Wd9HzXe6dwrA9/RgMQkAH1NpifX+GI7LQ7VTm3xqp+ZPi4YAk4T8qcerXvY2qG
PZuGMeBtFYqK1/991ouPwfTuk/PyKFr/4JxTkSvPahxzhcSjomyX37Zphl2ca2/B
WRviLZ01EcM20STO9QU/shokib+SAHZx7OGHBwSWGd1Y11IQbQaPgEzGL/xSRJ9v
SHyFYhrnSxV/I66IUWh1EhRepbEa4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFtL
IMhhamdtZqrtEwBWIJZQ4VktMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjEyQTgzQTE1RjExMUYwQTdBMzg4RjU2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQBVG92pNZpy3jRapIC1//kFucjMlp2gWGFAsRD7ns8q5+QeRmscYCL0QKSi
lkjyRKZAp6L48RX7IscYbdWqwBrVribpAPHDw7RDpHwNLTb6WV0iUU0eePLPaJ0A
3Ku63ZoilevyhtuRlFdh7XF1IbSoPn/i63nUlHAofwD78btEWxaATgkjsXBZgode
gM5pvPZHpcwCabLkoGOpLl0QSHtdVDFzoNDjxiy6ukr4MGh9ZI5+QG0e5VDABaeT
EtVekotbnH2rZqQF47199NJvLKMS86n1CcQf6/Bzq+l2abWyfk7aJL8wZD66rD+/
m8E+eSAwuaTxlzFg8YcKvMMuV7aq
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:26:13 2025 by rpki-client