Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A915785815E611F09A77D3AD6DB8BCC6.roa
File: A915785815E611F09A77D3AD6DB8BCC6.roa (raw, json)
Hash identifier: RhUU4IpAi8cDn1EPDWBYNdH3OpuuhqUrG5+uTN/Vrww=
Subject key identifier: 91:CE:98:D3:07:91:29:B5:37:B9:96:32:41:DF:0B:BC:1F:D0:EF:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B51
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A915785815E611F09A77D3AD6DB8BCC6.roa
Signing time: Thu 10 Apr 2025 08:34:47 +0000
ROA not before: Thu 10 Apr 2025 08:34:43 +0000
ROA not after: Wed 25 Jun 2025 08:34:43 +0000
asID: 135097
IP address blocks: 156.254.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84817 (0x14b51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 08:34:43 2025 GMT
Not After : Jun 25 08:34:43 2025 GMT
Subject: CN=67f782a7-8738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:77:61:90:26:23:2a:c0:f8:6d:57:7e:7f:
b9:9a:47:93:8e:f5:ab:34:b9:f2:59:13:b2:3c:3d:
3e:19:80:2d:12:5d:a0:e5:2f:a5:b3:97:f3:37:3e:
8f:fe:ec:7e:de:4e:5e:7c:a0:12:4e:7a:90:09:df:
42:4f:55:bf:f0:47:d2:63:86:c7:4f:6d:b6:6f:d7:
33:03:5a:a8:55:82:22:87:43:32:64:53:33:4d:97:
71:a6:8b:7e:00:8f:c8:1b:3f:38:e0:f9:03:d0:e7:
8f:b7:2d:82:e3:81:4f:98:67:63:3a:e5:c0:7f:94:
6c:6f:aa:60:56:a4:0a:b0:76:74:16:30:44:69:dc:
a9:0b:b1:b8:ef:f5:25:fd:c3:5f:a3:b4:89:cd:c8:
c6:db:24:e3:48:24:6a:82:51:d1:52:6a:08:67:46:
b4:9b:73:0a:15:76:b1:1e:2f:9d:dc:4f:33:45:8c:
35:29:96:2d:af:28:c6:5f:14:96:73:36:73:8b:94:
70:26:e0:d3:df:39:82:d5:ba:04:d2:18:1d:35:34:
2f:82:7c:9a:98:b3:e7:45:7a:e6:09:31:d4:97:23:
15:f5:92:33:2e:b4:37:ce:16:14:6a:4b:10:0f:87:
ed:21:40:5a:fd:42:4f:9b:de:ab:07:ef:65:21:36:
c2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:98:D3:07:91:29:B5:37:B9:96:32:41:DF:0B:BC:1F:D0:EF:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A915785815E611F09A77D3AD6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.128.0/17
Signature Algorithm: sha256WithRSAEncryption
55:8d:ed:61:c1:35:e2:cf:fe:7d:68:76:77:1d:3f:28:97:db:
d0:2e:16:d6:a6:e5:41:7f:dc:e2:5f:ce:d0:b0:15:a3:08:f8:
17:6c:c0:91:e4:9c:be:6f:ef:cf:b1:ed:bc:16:3d:b1:82:70:
37:ad:8c:19:93:f2:d4:de:0a:18:61:11:7e:ad:af:ea:a7:93:
cb:69:02:20:43:99:f1:a6:53:b9:da:9a:e7:5f:60:d6:76:c3:
cc:51:90:72:51:42:e5:72:94:05:55:62:20:0b:28:76:c6:4e:
cc:e0:f7:61:db:7a:d4:6a:2f:ac:d9:09:6c:d4:af:58:6f:1b:
6e:50:b9:87:59:5d:a0:f4:4a:a0:8d:e9:a2:4a:8f:f2:1c:f0:
60:57:69:56:b8:20:d1:d9:15:1e:9f:f9:d5:75:32:e6:49:ec:
1c:b1:3b:d3:da:e0:70:31:90:07:6f:35:4f:f2:f4:1e:52:9d:
87:58:df:9a:b3:83:9d:01:a8:95:95:66:ab:dd:96:a8:a1:b1:
bd:c0:ce:f1:14:de:71:13:87:7b:5b:74:a2:e3:fe:a0:9b:f6:
44:80:6d:32:e0:b4:66:7a:1d:a4:34:f4:96:ee:9a:4f:90:1e:
76:d5:54:94:c2:5f:05:9a:6f:f8:92:25:5d:cb:3c:b9:4f:0f:
6d:39:c1:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUtRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEwMDgzNDQzWhcNMjUwNjI1MDgzNDQzWjAYMRYw
FAYDVQQDEw02N2Y3ODJhNy04NzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA09x3YZAmIyrA+G1Xfn+5mkeTjvWrNLnyWROyPD0+GYAtEl2g5S+ls5fz
Nz6P/ux+3k5efKASTnqQCd9CT1W/8EfSY4bHT222b9czA1qoVYIih0MyZFMzTZdx
pot+AI/IGz844PkD0OePty2C44FPmGdjOuXAf5Rsb6pgVqQKsHZ0FjBEadypC7G4
7/Ul/cNfo7SJzcjG2yTjSCRqglHRUmoIZ0a0m3MKFXaxHi+d3E8zRYw1KZYtryjG
XxSWczZzi5RwJuDT3zmC1boE0hgdNTQvgnyamLPnRXrmCTHUlyMV9ZIzLrQ3zhYU
aksQD4ftIUBa/UJPm96rB+9lITbCtwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJHO
mNMHkSm1N7mWMkHfC7wf0O9tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTE1Nzg1ODE1RTYxMUYwOUE3N0QzQUQ2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnP6AMA0GCSqGSIb3DQEBCwUA
A4IBAQBVje1hwTXiz/59aHZ3HT8ol9vQLhbWpuVBf9ziX87QsBWjCPgXbMCR5Jy+
b+/Pse28Fj2xgnA3rYwZk/LU3goYYRF+ra/qp5PLaQIgQ5nxplO52prnX2DWdsPM
UZByUULlcpQFVWIgCyh2xk7M4Pdh23rUai+s2Qls1K9YbxtuULmHWV2g9Eqgjemi
So/yHPBgV2lWuCDR2RUen/nVdTLmSewcsTvT2uBwMZAHbzVP8vQeUp2HWN+as4Od
AaiVlWar3ZaoobG9wM7xFN5xE4d7W3Si4/6gm/ZEgG0y4LRmeh2kNPSW7ppPkB52
1VSUwl8Fmm/4kiVdyzy5Tw9tOcEO
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:35:18 2025 by rpki-client