Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF67088221B811F0AD21A991DAE4EC9C.roa
File: BF67088221B811F0AD21A991DAE4EC9C.roa (raw, json)
Hash identifier: dzJuQTdplUr3JPn3G9S0JJWoYiSsML8jLwFJfgO+4Fs=
Subject key identifier: 2F:D1:CC:EB:3F:EB:02:7C:F7:1B:73:61:47:BE:DD:44:83:07:48:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014EB3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF67088221B811F0AD21A991DAE4EC9C.roa
Signing time: Fri 25 Apr 2025 09:36:22 +0000
ROA not before: Fri 25 Apr 2025 09:36:17 +0000
ROA not after: Fri 16 May 2025 09:36:17 +0000
asID: 135097
IP address blocks: 156.224.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85683 (0x14eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 09:36:17 2025 GMT
Not After : May 16 09:36:17 2025 GMT
Subject: CN=680b5796-f707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f7:b9:69:d1:78:f9:25:a3:aa:9c:62:52:80:
8c:64:65:df:29:8f:02:9d:6c:cd:d4:50:b9:e7:8a:
f8:91:46:95:e5:1e:18:4e:70:6a:0c:e7:e3:eb:a7:
aa:73:ce:d4:05:50:b8:6e:3a:0f:99:7c:db:28:b3:
53:84:ab:10:c9:5a:b5:be:45:49:a6:82:46:86:3e:
2a:0d:a3:ad:af:0c:18:24:89:83:27:0f:d1:f3:ab:
72:56:1f:b0:41:ee:fb:eb:75:f3:2c:ae:f2:0d:68:
bd:11:2d:76:6b:a6:0a:c8:8d:47:f2:af:a5:16:2b:
d5:b0:7c:1a:b5:af:0a:62:f1:3c:fe:f7:4b:3b:f3:
bf:d6:f8:46:84:7b:37:6e:16:ee:e6:e5:ec:ac:19:
cc:19:6f:8a:84:c5:0f:c8:d7:45:d9:55:9d:f7:06:
74:99:76:18:44:8b:96:ea:7b:6c:8c:50:82:cf:eb:
ea:6f:b7:c1:02:63:2d:6a:38:d3:32:15:39:6d:57:
67:8d:6b:d7:c5:69:d9:3d:af:ef:3c:49:d3:e9:01:
5d:6b:94:a2:bc:09:44:71:0f:7d:5c:4d:c7:fc:59:
ef:12:aa:55:ac:a2:68:ce:cc:6d:88:70:6a:57:81:
3a:e8:be:d4:52:83:d6:aa:57:d4:73:af:aa:64:c7:
ee:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D1:CC:EB:3F:EB:02:7C:F7:1B:73:61:47:BE:DD:44:83:07:48:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF67088221B811F0AD21A991DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2c:41:89:f6:35:2c:e7:d1:01:9a:cc:28:f3:82:82:27:3e:d2:
c8:d7:91:ef:48:88:6a:bd:a1:b6:81:7f:0d:3c:5b:e5:d3:09:
25:e8:c6:9f:1a:5f:13:82:4f:64:ad:cc:44:d5:22:16:54:fb:
53:5c:51:e7:63:76:21:64:ec:5c:9c:04:b4:e8:fd:dc:19:82:
fd:6c:4d:5d:03:aa:99:32:f9:f2:af:b0:cc:0c:f5:fc:8f:09:
e8:c8:4e:91:eb:07:d0:b6:43:de:bd:84:0b:9a:ae:47:0c:0b:
2b:62:6f:3c:64:e9:b9:46:98:93:4d:ad:11:6c:84:b2:af:2e:
b6:54:f5:65:55:da:a9:a9:d1:64:ab:44:af:1a:95:a8:6e:94:
a8:d6:97:5f:a2:46:4c:84:80:0e:61:34:00:2f:c4:5a:03:9d:
a3:a8:9d:f0:d4:34:3d:2e:65:02:d1:02:e7:ef:40:70:40:99:
29:37:67:fa:bb:43:93:e1:d4:50:8d:f1:e2:8e:c2:eb:cb:81:
20:40:19:06:42:f7:66:44:33:53:3f:11:7a:f1:49:6f:63:e7:
fc:ad:63:d4:33:ee:cd:5e:14:df:d1:2c:54:67:b0:52:93:ad:
c1:39:dd:06:52:e6:98:33:b0:77:03:dd:94:56:11:bb:59:67:
12:04:27:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU6zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI1MDkzNjE3WhcNMjUwNTE2MDkzNjE3WjAYMRYw
FAYDVQQDEw02ODBiNTc5Ni1mNzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6fe5adF4+SWjqpxiUoCMZGXfKY8CnWzN1FC554r4kUaV5R4YTnBqDOfj
66eqc87UBVC4bjoPmXzbKLNThKsQyVq1vkVJpoJGhj4qDaOtrwwYJImDJw/R86ty
Vh+wQe7763XzLK7yDWi9ES12a6YKyI1H8q+lFivVsHwata8KYvE8/vdLO/O/1vhG
hHs3bhbu5uXsrBnMGW+KhMUPyNdF2VWd9wZ0mXYYRIuW6ntsjFCCz+vqb7fBAmMt
ajjTMhU5bVdnjWvXxWnZPa/vPEnT6QFda5SivAlEcQ99XE3H/FnvEqpVrKJozsxt
iHBqV4E66L7UUoPWqlfUc6+qZMfuswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC/R
zOs/6wJ89xtzYUe+3USDB0gmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjY3MDg4MjIxQjgxMUYwQUQyMUE5OTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHnOCAMA0GCSqGSIb3DQEBCwUA
A4IBAQAsQYn2NSzn0QGazCjzgoInPtLI15HvSIhqvaG2gX8NPFvl0wkl6MafGl8T
gk9krcxE1SIWVPtTXFHnY3YhZOxcnAS06P3cGYL9bE1dA6qZMvnyr7DMDPX8jwno
yE6R6wfQtkPevYQLmq5HDAsrYm88ZOm5RpiTTa0RbISyry62VPVlVdqpqdFkq0Sv
GpWobpSo1pdfokZMhIAOYTQAL8RaA52jqJ3w1DQ9LmUC0QLn70BwQJkpN2f6u0OT
4dRQjfHijsLry4EgQBkGQvdmRDNTPxF68UlvY+f8rWPUM+7NXhTf0SxUZ7BSk63B
Od0GUuaYM7B3A92UVhG7WWcSBCdS
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:02:31 2025 by rpki-client