Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C36F3613BE11F08FDD268C762E951A.roa
File: D2C36F3613BE11F08FDD268C762E951A.roa (raw, json)
Hash identifier: RqTXE7O49cCCmPFFDXNN9PWwWDERwIAMfB0cEMqEp4o=
Subject key identifier: 1D:DB:02:F1:15:C0:A8:C6:60:2E:74:D0:8D:69:46:2A:40:27:C9:15
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A7A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C36F3613BE11F08FDD268C762E951A.roa
Signing time: Mon 07 Apr 2025 14:44:35 +0000
ROA not before: Mon 07 Apr 2025 14:44:31 +0000
ROA not after: Sat 10 May 2025 14:44:31 +0000
asID: 7018
IP address blocks: 156.230.1.0/24 maxlen: 24
156.238.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84602 (0x14a7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 7 14:44:31 2025 GMT
Not After : May 10 14:44:31 2025 GMT
Subject: CN=67f3e4d3-6691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:3a:de:b5:2b:e7:22:da:a7:d6:4a:19:93:
9c:2b:2b:bf:46:82:69:6c:ba:22:1d:a5:23:28:14:
67:a4:56:bc:07:33:ae:f3:1c:4f:f8:b4:bd:0d:81:
77:67:72:29:5e:7c:4e:43:20:4a:8e:58:dd:18:6f:
89:62:a4:84:62:d8:8c:f2:b0:0c:13:d9:29:b7:4a:
ed:66:74:29:93:df:b2:bb:22:fe:81:e5:08:d6:28:
72:31:dd:2b:dc:0f:b2:eb:73:bd:d7:74:c1:54:79:
aa:b7:ee:5b:6b:16:3e:39:83:71:52:a0:ae:cc:ef:
76:cf:69:66:5f:05:60:62:2d:c3:ce:a4:48:b9:fc:
f3:06:c7:76:ab:9d:db:d1:fc:51:15:b7:19:e7:31:
37:a0:8d:4d:e6:bd:98:75:1d:d8:f1:e1:63:ff:89:
dd:7e:a7:37:2c:d2:a1:0a:36:11:3f:12:4b:77:32:
1f:2e:85:de:be:34:4c:4b:3c:89:fb:1c:0c:fd:ab:
df:21:1b:be:0b:bd:61:bd:0b:7c:1d:0e:b8:fc:97:
d4:2c:06:a8:fa:c0:eb:ae:12:b7:f8:a2:66:72:73:
1a:ef:3e:44:61:aa:ed:ed:a3:24:59:a0:88:64:77:
77:5c:ba:2a:d2:e0:2d:60:a4:6b:55:e4:6d:2a:e3:
8c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:02:F1:15:C0:A8:C6:60:2E:74:D0:8D:69:46:2A:40:27:C9:15
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2C36F3613BE11F08FDD268C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.1.0/24
156.238.12.0/24
Signature Algorithm: sha256WithRSAEncryption
22:da:f7:7c:3c:5a:0d:46:fd:fa:66:25:ec:dd:e4:9a:56:16:
d8:fe:a6:67:a3:94:6a:60:41:ad:09:6e:f4:c1:89:bc:3e:05:
43:70:53:2a:52:ac:68:0d:ae:2d:45:79:44:ac:6b:29:cf:da:
13:74:97:9c:f5:79:f4:4e:02:40:13:b3:3a:c8:bc:b1:c0:c6:
29:41:e0:ac:a0:80:ac:9c:c6:1d:25:57:83:6b:7f:8e:c7:f4:
de:be:ac:c7:07:1b:44:9d:4b:8a:95:96:a2:b9:8a:56:34:68:
09:ce:19:74:ad:55:63:80:8f:0a:a8:03:83:c1:8f:cc:43:7c:
f1:b6:b3:ec:a2:03:bd:4c:27:e4:d9:00:32:b8:b3:ee:5d:ca:
03:a2:7b:03:b8:fe:8c:a3:76:f2:7b:5d:2b:23:a9:a7:53:3d:
4f:97:65:2f:26:cf:85:60:35:a9:34:28:2f:01:d8:cb:43:2e:
e7:7e:3a:33:4d:48:8b:9e:ef:f3:95:5d:35:b9:89:95:22:af:
1b:71:42:c4:9c:19:da:82:1f:7e:8c:a0:11:26:75:04:3d:2f:
d9:ea:d2:17:35:9d:c6:d3:64:2f:46:47:eb:d0:3a:8a:4b:f1:
bd:14:19:48:53:8d:ed:30:bb:86:b0:a4:fa:76:bf:38:ee:be:
f2:21:88:6b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUp6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA3MTQ0NDMxWhcNMjUwNTEwMTQ0NDMxWjAYMRYw
FAYDVQQDEw02N2YzZTRkMy02NjkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsB463rUr5yLap9ZKGZOcKyu/RoJpbLoiHaUjKBRnpFa8BzOu8xxP+LS9
DYF3Z3IpXnxOQyBKjljdGG+JYqSEYtiM8rAME9kpt0rtZnQpk9+yuyL+geUI1ihy
Md0r3A+y63O913TBVHmqt+5baxY+OYNxUqCuzO92z2lmXwVgYi3DzqRIufzzBsd2
q53b0fxRFbcZ5zE3oI1N5r2YdR3Y8eFj/4ndfqc3LNKhCjYRPxJLdzIfLoXevjRM
SzyJ+xwM/avfIRu+C71hvQt8HQ64/JfULAao+sDrrhK3+KJmcnMa7z5EYart7aMk
WaCIZHd3XLoq0uAtYKRrVeRtKuOMpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB3b
AvEVwKjGYC500I1pRipAJ8kVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkMzNkYzNjEzQkUxMUYwOEZERDI2OEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOYBAwQAnO4MMA0GCSqGSIb3
DQEBCwUAA4IBAQAi2vd8PFoNRv36ZiXs3eSaVhbY/qZno5RqYEGtCW70wYm8PgVD
cFMqUqxoDa4tRXlErGspz9oTdJec9Xn0TgJAE7M6yLyxwMYpQeCsoICsnMYdJVeD
a3+Ox/TevqzHBxtEnUuKlZaiuYpWNGgJzhl0rVVjgI8KqAODwY/MQ3zxtrPsogO9
TCfk2QAyuLPuXcoDonsDuP6Mo3bye10rI6mnUz1Pl2UvJs+FYDWpNCgvAdjLQy7n
fjozTUiLnu/zlV01uYmVIq8bcULEnBnagh9+jKARJnUEPS/Z6tIXNZ3G02QvRkfr
0DqKS/G9FBlIU43tMLuGsKT6dr847r7yIYhr
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:09:25 2025 by rpki-client