Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96006AF816B211F0BDE452FF6DB8BCC6.roa
File: 96006AF816B211F0BDE452FF6DB8BCC6.roa (raw, json)
Hash identifier: TBS76ZI8hd6jRVy0CzmNpezcJ3i3uROCt6db6+RwQ1k=
Subject key identifier: 0E:CE:AE:04:C7:3D:75:91:9E:B3:D7:71:68:14:2D:76:F6:26:78:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96006AF816B211F0BDE452FF6DB8BCC6.roa
Signing time: Fri 11 Apr 2025 08:54:32 +0000
ROA not before: Fri 11 Apr 2025 08:54:28 +0000
ROA not after: Fri 16 May 2025 08:54:28 +0000
asID: 54600
IP address blocks: 156.236.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84909 (0x14bad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 11 08:54:28 2025 GMT
Not After : May 16 08:54:28 2025 GMT
Subject: CN=67f8d8c8-6aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b8:aa:83:e8:2a:a4:a6:f9:da:81:c2:aa:06:
a3:be:6f:64:2d:5b:2b:20:c7:4c:de:46:2a:54:3f:
af:66:87:a6:7e:a9:69:e4:0a:87:0c:f7:89:8e:48:
e6:16:bd:3f:86:a9:e3:65:0e:fe:b1:0d:b0:4b:85:
25:6a:61:35:ff:18:2f:ff:a6:84:86:8a:55:55:2e:
20:8b:81:d7:f8:c0:9b:61:52:12:5c:4d:3b:05:13:
ff:77:7f:6e:c8:35:d3:2a:64:c8:d0:58:9a:e4:5c:
23:01:36:1c:5f:f5:ae:9c:61:d2:02:62:43:ce:73:
f8:43:5a:d9:4f:eb:f7:aa:2d:6f:1d:b9:cc:11:b1:
f6:a8:50:9c:48:3e:d6:c5:a2:a8:b9:6b:40:20:ba:
e6:b7:ad:04:45:0e:9c:f0:20:65:70:19:ac:e1:bd:
8b:c5:2e:58:c0:f0:60:61:28:74:92:2f:3d:36:ad:
2f:e1:53:13:ea:d0:df:4f:63:ed:df:2b:8f:83:8a:
80:d0:e9:13:1f:12:66:84:e8:26:19:3f:a3:2c:98:
c9:0c:04:f5:72:e5:dd:fa:68:7f:97:b4:aa:78:b8:
14:25:03:b7:db:52:02:ff:f0:7a:eb:68:f8:fd:bc:
db:34:33:8c:6c:39:a3:ff:45:d0:b9:e5:b5:45:6a:
14:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CE:AE:04:C7:3D:75:91:9E:B3:D7:71:68:14:2D:76:F6:26:78:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/96006AF816B211F0BDE452FF6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.128.0/18
Signature Algorithm: sha256WithRSAEncryption
71:74:38:28:4e:03:e4:a7:41:24:87:3f:d3:0d:14:2a:ef:ac:
6e:29:67:6c:c7:d2:61:53:04:95:7b:1c:7c:e7:16:74:9f:36:
3f:f8:dc:8f:a1:2a:16:dd:dc:ee:56:56:77:c3:c4:88:63:90:
51:50:be:9e:67:6c:8b:b1:32:11:57:db:95:2c:73:27:b0:85:
14:bf:37:dd:93:77:7c:29:0f:c0:b9:e5:80:93:1d:02:26:a5:
6c:9a:65:4a:85:05:51:5c:54:38:07:5c:14:1f:5d:d5:a6:60:
87:7c:3b:1c:0e:0a:ee:c3:30:51:76:57:00:2f:ca:3e:54:c9:
fd:8e:ab:f6:59:3f:a6:b9:91:54:d0:be:f0:0e:d9:07:f7:d0:
93:b1:4d:f7:ed:02:61:a9:b1:62:0d:73:d9:92:ce:f8:fb:a6:
69:80:e0:3e:98:0f:e1:d7:93:a2:9f:20:53:2f:b5:e2:88:07:
01:5f:19:03:57:ec:d8:b3:90:78:f7:e3:62:f8:75:3c:cb:0d:
9d:35:24:28:ec:d6:a8:5b:d8:ae:ae:a6:64:e4:63:65:86:64:
2f:c5:5f:f8:fc:5d:8c:32:de:3b:70:c6:b5:e9:79:9c:7a:46:
03:01:13:01:9c:50:2d:3c:c9:de:a5:ca:2e:3c:6b:18:2d:7a:
85:4b:ea:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUutMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDExMDg1NDI4WhcNMjUwNTE2MDg1NDI4WjAYMRYw
FAYDVQQDEw02N2Y4ZDhjOC02YWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr7iqg+gqpKb52oHCqgajvm9kLVsrIMdM3kYqVD+vZoemfqlp5AqHDPeJ
jkjmFr0/hqnjZQ7+sQ2wS4UlamE1/xgv/6aEhopVVS4gi4HX+MCbYVISXE07BRP/
d39uyDXTKmTI0Fia5FwjATYcX/WunGHSAmJDznP4Q1rZT+v3qi1vHbnMEbH2qFCc
SD7WxaKouWtAILrmt60ERQ6c8CBlcBms4b2LxS5YwPBgYSh0ki89Nq0v4VMT6tDf
T2Pt3yuPg4qA0OkTHxJmhOgmGT+jLJjJDAT1cuXd+mh/l7SqeLgUJQO321IC//B6
62j4/bzbNDOMbDmj/0XQueW1RWoU7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA7O
rgTHPXWRnrPXcWgULXb2JniyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NjAwNkFGODE2QjIxMUYwQkRFNDUyRkY2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOyAMA0GCSqGSIb3DQEBCwUA
A4IBAQBxdDgoTgPkp0Ekhz/TDRQq76xuKWdsx9JhUwSVexx85xZ0nzY/+NyPoSoW
3dzuVlZ3w8SIY5BRUL6eZ2yLsTIRV9uVLHMnsIUUvzfdk3d8KQ/AueWAkx0CJqVs
mmVKhQVRXFQ4B1wUH13VpmCHfDscDgruwzBRdlcAL8o+VMn9jqv2WT+muZFU0L7w
DtkH99CTsU337QJhqbFiDXPZks74+6ZpgOA+mA/h15OinyBTL7XiiAcBXxkDV+zY
s5B49+Ni+HU8yw2dNSQo7NaoW9iurqZk5GNlhmQvxV/4/F2MMt47cMa16XmcekYD
ARMBnFAtPMnepcouPGsYLXqFS+rc
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:27 2025 by rpki-client