Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CD32E13F411F0B384C265762E951A.roa
File: AF2CD32E13F411F0B384C265762E951A.roa (raw, json)
Hash identifier: Lf0XDALkgxZ16bJ/ncVLnt+8TnmD+Yp3DqLq7rl6OI0=
Subject key identifier: 5D:CB:2D:B6:95:8A:A3:D5:F9:64:8E:C9:30:20:D9:74:DA:88:13:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014ABE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CD32E13F411F0B384C265762E951A.roa
Signing time: Mon 07 Apr 2025 21:10:08 +0000
ROA not before: Mon 07 Apr 2025 21:10:04 +0000
ROA not after: Sun 27 Apr 2025 21:10:04 +0000
asID: 57043
IP address blocks: 156.229.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 21:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84670 (0x14abe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 7 21:10:04 2025 GMT
Not After : Apr 27 21:10:04 2025 GMT
Subject: CN=67f43f30-1236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:33:7f:20:0a:4f:64:c5:04:b3:c6:19:e0:2b:
ca:d8:7f:fa:bd:0f:ce:24:85:88:04:96:fc:7c:6d:
23:9f:fb:05:9b:35:8f:6e:d7:e6:72:62:63:62:d1:
93:da:0d:cd:7e:0b:b1:14:e9:d0:6f:13:b3:a6:d0:
d4:ee:33:49:12:16:eb:00:db:fa:91:3f:84:71:0c:
1a:c6:ba:5d:5d:ea:5f:1b:15:67:22:bf:ca:6d:84:
26:44:57:b3:33:b2:f8:81:66:07:52:d9:2a:ce:6c:
ae:10:52:7d:87:c8:cf:77:02:94:94:19:31:36:84:
79:66:72:7f:a1:76:62:e1:65:7d:ca:91:85:73:f3:
52:36:3a:1c:08:70:2c:d0:e9:5f:28:50:8d:75:a6:
d6:42:f8:7e:db:22:94:93:9d:e8:4a:ba:9a:55:5b:
7e:c2:63:f4:c2:3b:fe:3d:9f:b6:0d:41:56:ef:4f:
6c:d5:10:fe:dc:29:fa:84:1f:98:2d:5d:a2:4c:af:
81:d3:0e:45:a2:e1:98:f6:36:74:e7:86:c2:fb:23:
bb:9d:f1:24:1d:25:7b:fe:b2:c4:d0:91:5b:5c:af:
a8:0c:f0:d7:27:7e:18:b2:42:08:bb:27:0e:31:d3:
a9:0e:44:7e:07:22:48:23:fe:45:ab:4d:a0:74:ab:
ac:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:2D:B6:95:8A:A3:D5:F9:64:8E:C9:30:20:D9:74:DA:88:13:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AF2CD32E13F411F0B384C265762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.121.0/24
Signature Algorithm: sha256WithRSAEncryption
65:a8:3e:39:09:13:b1:90:b5:5e:3a:e7:14:2e:c0:18:91:b4:
10:6b:4b:38:c7:33:14:ff:4c:a2:5d:80:d0:1b:53:38:a1:38:
b8:ef:f7:c2:7e:9b:38:e4:51:76:9b:dd:c5:17:f2:93:c8:ba:
3e:ca:2c:c2:3a:d9:69:a2:cd:cc:97:56:88:b2:04:c7:30:58:
65:bc:9f:e9:3f:f3:6e:6a:05:c1:6f:cc:e5:a9:26:33:ae:f2:
a2:ef:cb:76:37:38:20:1d:2a:b7:ce:c8:08:82:cc:39:4f:d1:
7b:ce:10:db:d5:c7:be:ef:27:47:02:99:6e:de:b3:1c:64:ab:
bb:d4:27:ac:89:22:2c:ec:ea:e1:0f:b5:13:a3:c0:e1:ce:37:
6d:5d:d0:5f:b2:40:82:7b:d2:6b:da:23:f7:e1:92:b2:27:6e:
6e:ba:b1:ce:10:fa:9c:7b:f5:f7:57:a6:29:3c:07:ce:69:d9:
a2:88:34:3a:89:9b:20:2d:ee:96:2f:d5:bd:1b:6a:49:a7:5d:
80:5d:51:80:80:ff:9d:33:16:95:d2:f1:35:00:35:a4:0d:8d:
42:d9:99:f4:2b:de:1e:fd:d7:b8:f1:87:ab:73:1a:76:17:9b:
15:98:69:2e:b0:40:f6:58:4b:56:d8:2c:40:e8:76:47:41:21:
55:fb:66:15
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUq+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA3MjExMDA0WhcNMjUwNDI3MjExMDA0WjAYMRYw
FAYDVQQDEw02N2Y0M2YzMC0xMjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjN/IApPZMUEs8YZ4CvK2H/6vQ/OJIWIBJb8fG0jn/sFmzWPbtfmcmJj
YtGT2g3NfguxFOnQbxOzptDU7jNJEhbrANv6kT+EcQwaxrpdXepfGxVnIr/KbYQm
RFezM7L4gWYHUtkqzmyuEFJ9h8jPdwKUlBkxNoR5ZnJ/oXZi4WV9ypGFc/NSNjoc
CHAs0OlfKFCNdabWQvh+2yKUk53oSrqaVVt+wmP0wjv+PZ+2DUFW709s1RD+3Cn6
hB+YLV2iTK+B0w5FouGY9jZ054bC+yO7nfEkHSV7/rLE0JFbXK+oDPDXJ34YskII
uycOMdOpDkR+ByJII/5Fq02gdKus/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF3L
LbaViqPV+WSOyTAg2XTaiBOQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRjJDRDMyRTEzRjQxMUYwQjM4NEMyNjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOV5MA0GCSqGSIb3DQEBCwUA
A4IBAQBlqD45CROxkLVeOucULsAYkbQQa0s4xzMU/0yiXYDQG1M4oTi47/fCfps4
5FF2m93FF/KTyLo+yizCOtlpos3Ml1aIsgTHMFhlvJ/pP/NuagXBb8zlqSYzrvKi
78t2NzggHSq3zsgIgsw5T9F7zhDb1ce+7ydHAplu3rMcZKu71CesiSIs7OrhD7UT
o8DhzjdtXdBfskCCe9Jr2iP34ZKyJ25uurHOEPqce/X3V6YpPAfOadmiiDQ6iZsg
Le6WL9W9G2pJp12AXVGAgP+dMxaV0vE1ADWkDY1C2Zn0K94e/de48Yercxp2F5sV
mGkusED2WEtW2CxA6HZHQSFV+2YV
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:12 2025 by rpki-client