Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/58930890F44511EFA01F116D762E951A.roa
File: 58930890F44511EFA01F116D762E951A.roa (raw, json)
Hash identifier: IPnpH2Gm+XCYaktaXQjyQMP+6wQPTRjchmkQnhBKPR8=
Subject key identifier: 06:B6:4D:31:52:F1:33:53:15:4A:C9:3C:DD:24:8E:92:5C:48:B8:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013321
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/58930890F44511EFA01F116D762E951A.roa
Signing time: Wed 26 Feb 2025 13:26:55 +0000
ROA not before: Wed 26 Feb 2025 13:26:51 +0000
ROA not after: Thu 19 Feb 2026 13:26:51 +0000
asID: 984
IP address blocks: 156.252.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78625 (0x13321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:26:51 2025 GMT
Not After : Feb 19 13:26:51 2026 GMT
Subject: CN=67bf169f-022c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:29:a6:d8:f3:f9:d5:f0:d9:1c:0b:4f:4d:ae:
b0:02:b3:61:6f:38:87:9a:c1:14:ba:56:e2:1f:2d:
94:ab:be:24:d7:6e:01:43:73:8a:f2:dc:ec:48:85:
3b:bb:17:a4:cc:f9:b8:b5:23:8c:74:3f:30:5a:76:
5f:60:dc:45:1a:ee:c4:64:5e:5c:9d:dc:79:b1:6b:
a2:0f:54:20:9b:28:d6:d7:25:ba:4e:de:17:73:12:
dd:fd:23:f8:af:d9:95:e6:2f:5c:7d:93:d7:81:d5:
84:39:91:65:a3:e6:78:d7:ed:47:44:42:3a:65:a6:
6e:6f:fc:d9:b2:be:55:49:8c:42:a7:fc:af:5d:11:
8c:00:71:a2:95:5e:e5:0c:8c:23:40:03:7a:90:81:
fe:d9:26:82:01:0c:fc:22:e8:4e:17:62:86:92:5a:
cd:20:e6:02:8b:49:81:39:5d:70:97:b6:8f:b4:11:
9f:42:8b:14:c0:48:9a:2a:c0:9f:6a:df:ef:a3:58:
da:42:31:8c:32:8d:9f:0b:2f:8d:4e:d0:f3:62:35:
33:65:ed:6b:d1:c4:b4:03:5d:9b:b7:10:12:79:38:
e7:ad:bc:2a:23:38:db:71:f7:2f:0f:6b:2d:30:b2:
51:40:a7:76:fc:73:39:08:a6:56:f4:79:13:67:07:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B6:4D:31:52:F1:33:53:15:4A:C9:3C:DD:24:8E:92:5C:48:B8:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/58930890F44511EFA01F116D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.168.0/24
Signature Algorithm: sha256WithRSAEncryption
91:fd:18:6d:bc:3e:55:d4:1a:3d:1b:26:d6:5c:23:de:ef:22:
f4:16:ab:7c:c0:0e:de:3c:87:f3:44:15:04:81:58:a3:f0:5e:
5c:d6:67:f6:73:8f:4d:43:03:f0:75:05:71:db:23:c2:06:ec:
c1:2f:a0:2c:87:44:42:6f:f4:5b:ba:2c:b3:dd:b8:09:d5:fd:
31:8a:67:4a:ce:00:fd:f6:b6:85:78:13:9b:78:63:6d:8a:15:
e0:32:de:d4:5d:25:75:26:55:18:a1:f0:dd:89:4f:a9:83:a5:
79:9c:ca:db:93:5f:18:51:d6:35:35:f2:64:94:63:90:3f:78:
66:d6:af:ad:c1:f6:b3:b1:3f:55:cb:f8:3f:4c:e7:ac:18:c6:
18:78:e1:fc:6b:df:3a:57:f1:7c:30:91:c7:06:12:1e:10:00:
a4:e7:3b:26:38:db:32:38:f1:fb:76:23:e6:dc:01:5c:34:74:
5a:50:8a:91:8f:00:dd:ec:a6:bf:d7:29:0e:c0:be:80:ea:c3:
0b:27:c4:00:ff:1a:f7:9f:f1:1f:48:e2:30:7d:ca:99:26:f7:
5e:61:b4:97:5d:cc:61:1e:d4:12:c5:d1:64:af:34:71:fc:90:
61:51:3e:86:e9:6e:10:60:78:cb:85:c2:16:18:9f:fb:da:43:
62:04:bc:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATMhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMyNjUxWhcNMjYwMjE5MTMyNjUxWjAYMRYw
FAYDVQQDEw02N2JmMTY5Zi0wMjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6ymm2PP51fDZHAtPTa6wArNhbziHmsEUulbiHy2Uq74k124BQ3OK8tzs
SIU7uxekzPm4tSOMdD8wWnZfYNxFGu7EZF5cndx5sWuiD1QgmyjW1yW6Tt4XcxLd
/SP4r9mV5i9cfZPXgdWEOZFlo+Z41+1HREI6ZaZub/zZsr5VSYxCp/yvXRGMAHGi
lV7lDIwjQAN6kIH+2SaCAQz8IuhOF2KGklrNIOYCi0mBOV1wl7aPtBGfQosUwEia
KsCfat/vo1jaQjGMMo2fCy+NTtDzYjUzZe1r0cS0A12btxASeTjnrbwqIzjbcfcv
D2stMLJRQKd2/HM5CKZW9HkTZwfMywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAa2
TTFS8TNTFUrJPN0kjpJcSLhNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81ODkzMDg5MEY0NDUxMUVGQTAxRjExNkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyoMA0GCSqGSIb3DQEBCwUA
A4IBAQCR/RhtvD5V1Bo9GybWXCPe7yL0Fqt8wA7ePIfzRBUEgVij8F5c1mf2c49N
QwPwdQVx2yPCBuzBL6Ash0RCb/Rbuiyz3bgJ1f0ximdKzgD99raFeBObeGNtihXg
Mt7UXSV1JlUYofDdiU+pg6V5nMrbk18YUdY1NfJklGOQP3hm1q+twfazsT9Vy/g/
TOesGMYYeOH8a986V/F8MJHHBhIeEACk5zsmONsyOPH7diPm3AFcNHRaUIqRjwDd
7Ka/1ykOwL6A6sMLJ8QA/xr3n/EfSOIwfcqZJvdeYbSXXcxhHtQSxdFkrzRx/JBh
UT6G6W4QYHjLhcIWGJ/72kNiBLyJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:28 2025 by rpki-client