Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/A68FFBEE0BAA11F08ABAA875762E951A.roa
File: A68FFBEE0BAA11F08ABAA875762E951A.roa (raw, json)
Hash identifier: vaVFc0m3yn/GqcOamb3JmfLjGWDnPMMjwVhW5NvGaKU=
Subject key identifier: 7D:40:31:6C:A5:CD:A9:97:76:3E:54:A7:02:3E:60:E8:75:A0:67:C9
Certificate issuer: /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial: 0C6B
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access: rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/A68FFBEE0BAA11F08ABAA875762E951A.roa
Signing time: Fri 28 Mar 2025 08:00:02 +0000
ROA not before: Fri 28 Mar 2025 07:59:58 +0000
ROA not after: Wed 28 Mar 2035 07:59:58 +0000
asID: 44259
IP address blocks: 192.142.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3179 (0xc6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3669D6BAR
Validity
Not Before: Mar 28 07:59:58 2025 GMT
Not After : Mar 28 07:59:58 2035 GMT
Subject: CN=67e65701-fbba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1a:41:02:cd:5a:41:27:48:c3:c7:a5:5f:99:
c0:b9:aa:a4:4c:10:86:29:d5:82:9a:47:a6:14:2f:
14:34:df:2b:24:84:da:a0:f0:99:76:d4:f3:6d:40:
53:cb:83:4e:ff:4d:6d:1c:81:4a:14:76:40:8d:a3:
87:03:2c:b3:b3:60:80:60:8b:b4:9d:61:b0:97:d9:
b4:cb:28:c6:7c:01:02:60:e3:b1:4b:2a:95:16:1b:
fb:f4:21:5c:8b:3f:ff:bc:d0:d8:fd:21:66:4b:2d:
5c:66:2c:ad:86:f7:66:d3:f2:c9:34:e7:a0:fe:72:
36:27:3f:5b:47:c6:60:28:10:ba:24:57:ff:cd:1d:
2f:14:0a:f1:6a:56:ef:82:1e:cb:a9:1e:9a:a7:fa:
5a:33:04:dd:63:b0:12:34:b0:34:ad:f3:3e:8f:c5:
15:21:90:1d:18:0a:b8:01:c2:c0:48:d6:29:27:3a:
72:fd:5d:be:16:9c:05:7f:90:af:dc:11:37:f0:ec:
27:8f:fd:39:1d:e5:59:92:91:74:e8:52:4f:1f:57:
44:46:8f:8e:a6:43:8a:3b:48:8a:fb:c2:a5:04:88:
9c:a0:c9:d4:61:5f:7a:6b:e8:57:5d:54:b5:2e:1d:
da:98:b7:55:53:97:fd:5c:f7:3c:8e:6e:7f:83:2d:
c8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:40:31:6C:A5:CD:A9:97:76:3E:54:A7:02:3E:60:E8:75:A0:67:C9
X509v3 Authority Key Identifier:
keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/A68FFBEE0BAA11F08ABAA875762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
192.142.50.0/24
Signature Algorithm: sha256WithRSAEncryption
91:93:24:7f:12:67:47:be:40:aa:40:b1:a2:5e:d2:8a:1c:46:
54:74:f0:d7:49:49:c2:b2:ea:01:a6:3b:61:e6:2a:95:1f:d9:
04:0a:af:a2:8c:ec:37:04:2a:75:0f:2a:9a:83:ac:de:cc:b0:
db:00:7f:b3:cb:cc:5e:41:af:e7:11:b8:83:c7:d5:40:68:28:
71:b5:42:21:7c:df:6a:71:0f:e9:b1:6a:b4:4f:e2:36:b8:c6:
8a:2e:0f:f9:f8:1b:10:97:9f:a0:46:16:2c:3e:96:84:f6:7a:
ab:0a:04:29:fb:9e:12:8b:5c:82:fe:75:54:55:af:9b:5c:23:
b6:42:50:75:95:89:14:7d:71:38:28:c3:d2:7c:b0:1b:46:37:
21:c7:5a:45:99:8f:75:91:2a:76:0f:de:5f:a5:5d:1e:00:c7:
7d:2b:59:0e:f0:7c:d5:d7:1c:11:24:b2:21:1c:c2:ec:50:2c:
98:93:7d:4e:cc:55:9f:a1:3d:29:67:2c:12:ba:df:f3:2d:20:
2a:78:15:67:ab:ce:19:13:71:c4:38:9c:4c:6c:b5:2a:90:8d:
20:2c:b0:f7:07:b5:d7:6b:82:af:b5:20:0d:ce:bd:ed:b7:a0:
1e:9c:5d:e9:6d:a9:70:94:fb:4f:af:27:6a:75:d1:20:ca:d0:
14:68:d0:24
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yNTAzMjgwNzU5NThaFw0zNTAzMjgwNzU5NThaMBgxFjAU
BgNVBAMTDTY3ZTY1NzAxLWZiYmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQClGkECzVpBJ0jDx6VfmcC5qqRMEIYp1YKaR6YULxQ03yskhNqg8Jl21PNt
QFPLg07/TW0cgUoUdkCNo4cDLLOzYIBgi7SdYbCX2bTLKMZ8AQJg47FLKpUWG/v0
IVyLP/+80Nj9IWZLLVxmLK2G92bT8sk056D+cjYnP1tHxmAoELokV//NHS8UCvFq
Vu+CHsupHpqn+lozBN1jsBI0sDSt8z6PxRUhkB0YCrgBwsBI1iknOnL9Xb4WnAV/
kK/cETfw7CeP/Tkd5VmSkXToUk8fV0RGj46mQ4o7SIr7wqUEiJygydRhX3pr6Fdd
VLUuHdqYt1VTl/1c9zyObn+DLcjNAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUfUAx
bKXNqZd2PlSnAj5g6HWgZ8kwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4L0E2OEZGQkVFMEJBQTExRjA4QUJBQTg3NTc2MkU5NTFBLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAjjIwDQYJKoZIhvcNAQELBQAD
ggEBAJGTJH8SZ0e+QKpAsaJe0oocRlR08NdJScKy6gGmO2HmKpUf2QQKr6KM7DcE
KnUPKpqDrN7MsNsAf7PLzF5Br+cRuIPH1UBoKHG1QiF832pxD+mxarRP4ja4xoou
D/n4GxCXn6BGFiw+loT2eqsKBCn7nhKLXIL+dVRVr5tcI7ZCUHWViRR9cTgow9J8
sBtGNyHHWkWZj3WRKnYP3l+lXR4Ax30rWQ7wfNXXHBEksiEcwuxQLJiTfU7MVZ+h
PSlnLBK63/MtICp4FWerzhkTccQ4nExstSqQjSAssPcHtddrgq+1IA3Ove23oB6c
XeltqXCU+0+vJ2p10SDK0BRo0CQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:11:15 2025 by rpki-client