Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524AF1460CB911F0AD670884762E951A.roa
File: 524AF1460CB911F0AD670884762E951A.roa (raw, json)
Hash identifier: crQus2GhI9q9Im7HTHUhETYvLmlgI7knWNrmkSQNIsI=
Subject key identifier: 6F:99:22:CA:B6:5A:39:A6:3F:F2:60:1B:65:08:5F:D3:B3:71:BC:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524AF1460CB911F0AD670884762E951A.roa
Signing time: Sat 29 Mar 2025 16:17:34 +0000
ROA not before: Sat 29 Mar 2025 16:17:30 +0000
ROA not after: Sun 06 Apr 2025 16:17:30 +0000
asID: 136970
IP address blocks: 156.236.64.0/24 maxlen: 24
156.236.65.0/24 maxlen: 24
156.236.67.0/24 maxlen: 24
156.236.68.0/24 maxlen: 24
156.236.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 16:17:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84136 (0x148a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 16:17:30 2025 GMT
Not After : Apr 6 16:17:30 2025 GMT
Subject: CN=67e81d1e-01b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:f7:23:0c:ea:5c:ca:23:05:a2:bc:4b:b2:
35:e8:ff:ab:ab:c4:6a:b6:a9:eb:a6:76:d1:b9:a4:
6d:a3:5d:6d:d1:1a:ac:54:9a:1d:c4:0e:45:52:fb:
4e:0f:84:75:f8:7c:a2:04:c2:2d:6b:82:fe:d9:bb:
f1:a7:63:b1:c4:be:94:ea:c5:9c:84:b3:5e:f2:93:
a5:32:f3:8c:ab:56:83:84:1c:96:ad:54:4b:96:3e:
6c:cd:de:2b:10:c7:53:1b:75:92:52:20:b4:77:c7:
9b:7b:ed:f2:f9:5c:31:af:36:1f:42:b1:65:de:6a:
90:68:c1:15:0a:a7:d8:a0:46:5e:a0:48:5c:39:cb:
b9:82:d7:8f:4e:0c:9b:96:8d:6f:f9:75:0c:ac:3e:
be:6a:70:7d:b6:d1:cc:82:80:b2:4d:b8:07:9b:8c:
5b:bf:cf:d4:f0:66:31:ac:cd:d9:6c:96:52:76:83:
9b:69:46:71:e2:fe:e3:95:06:f4:0f:b2:f1:11:16:
6d:42:cc:f0:09:e8:2e:a6:79:78:33:c0:84:77:45:
ee:82:56:45:c3:f4:e2:75:1f:da:a9:fd:3c:1e:9b:
d1:98:a0:07:c3:1c:f3:91:61:35:85:3f:49:a7:fb:
2e:0a:b7:e3:52:45:15:8b:2d:52:cf:f5:95:66:66:
62:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:99:22:CA:B6:5A:39:A6:3F:F2:60:1B:65:08:5F:D3:B3:71:BC:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/524AF1460CB911F0AD670884762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.64.0/23
156.236.67.0-156.236.69.255
Signature Algorithm: sha256WithRSAEncryption
5f:22:3a:b0:eb:8e:83:85:5c:4d:76:59:d9:07:e9:f0:df:d5:
07:1e:fc:15:d0:51:97:06:20:85:04:a6:00:ce:de:52:59:96:
b8:e3:5c:72:47:ea:49:84:b7:55:37:31:6d:3b:2c:df:07:ef:
01:f1:f5:90:26:39:4d:e7:f3:cc:e3:bf:52:83:22:03:39:1d:
7a:3f:da:d4:d2:c2:2b:54:c8:76:43:31:d3:a7:e3:a5:16:58:
0b:f1:e8:7e:58:c7:4a:38:ea:d1:58:c4:81:d1:da:0b:25:92:
12:41:9f:ed:b5:b1:56:7b:04:70:1c:8d:6e:d2:47:16:8a:03:
44:0e:f7:fd:0d:b8:77:f7:4e:f3:e6:8e:c7:b3:49:e0:f4:cc:
3f:5f:c7:3f:67:47:0c:b4:2d:b6:72:ee:d7:ba:3d:c5:36:43:
cd:b9:54:7d:8b:48:7c:28:ca:e3:6a:1b:76:c3:b9:2b:7d:a6:
e8:a1:8e:cd:c3:ee:bb:1a:0d:6b:46:a7:da:fe:90:df:a2:68:
fb:58:f9:94:db:9d:97:4d:62:da:b2:52:37:3e:05:e9:2f:76:
c4:a3:80:a9:48:11:04:db:35:38:14:f5:f2:0b:0d:7f:a5:63:
54:79:21:3e:ed:1c:de:8c:d9:39:03:d6:97:db:a2:06:45:5b:
fb:77:a1:4d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUioMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTYxNzMwWhcNMjUwNDA2MTYxNzMwWjAYMRYw
FAYDVQQDEw02N2U4MWQxZS0wMWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7L3IwzqXMojBaK8S7I16P+rq8RqtqnrpnbRuaRto11t0RqsVJodxA5F
UvtOD4R1+HyiBMIta4L+2bvxp2OxxL6U6sWchLNe8pOlMvOMq1aDhByWrVRLlj5s
zd4rEMdTG3WSUiC0d8ebe+3y+VwxrzYfQrFl3mqQaMEVCqfYoEZeoEhcOcu5gteP
Tgyblo1v+XUMrD6+anB9ttHMgoCyTbgHm4xbv8/U8GYxrM3ZbJZSdoObaUZx4v7j
lQb0D7LxERZtQszwCegupnl4M8CEd0XuglZFw/TidR/aqf08HpvRmKAHwxzzkWE1
hT9Jp/suCrfjUkUViy1Sz/WVZmZi3wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFG+Z
Isq2WjmmP/JgG2UIX9OzcbyvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjRBRjE0NjBDQjkxMUYwQUQ2NzA4ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnOxAMAwDBACc7EMDBAGc7EQw
DQYJKoZIhvcNAQELBQADggEBAF8iOrDrjoOFXE12WdkH6fDf1Qce/BXQUZcGIIUE
pgDO3lJZlrjjXHJH6kmEt1U3MW07LN8H7wHx9ZAmOU3n88zjv1KDIgM5HXo/2tTS
witUyHZDMdOn46UWWAvx6H5Yx0o46tFYxIHR2gslkhJBn+21sVZ7BHAcjW7SRxaK
A0QO9/0NuHf3TvPmjsezSeD0zD9fxz9nRwy0LbZy7te6PcU2Q825VH2LSHwoyuNq
G3bDuSt9puihjs3D7rsaDWtGp9r+kN+iaPtY+ZTbnZdNYtqyUjc+BekvdsSjgKlI
EQTbNTgU9fILDX+lY1R5IT7tHN6M2TkD1pfbogZFW/t3oU0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:14 2025 by rpki-client