Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A275460DFE911EFB3A38799762E951A.roa
File: 5A275460DFE911EFB3A38799762E951A.roa (raw, json)
Hash identifier: f+LUGuqu9a8My720HMFpuWmNs1PUzp2zQlHFG8YPPwk=
Subject key identifier: 7D:1D:67:C6:91:37:CC:75:27:B1:F3:0F:9A:09:65:A2:EF:8B:47:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01162F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A275460DFE911EFB3A38799762E951A.roa
Signing time: Fri 31 Jan 2025 15:38:00 +0000
ROA not before: Fri 31 Jan 2025 15:37:56 +0000
ROA not after: Sat 03 Jan 2026 15:37:56 +0000
asID: 40065
IP address blocks: 156.235.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71215 (0x1162f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 31 15:37:56 2025 GMT
Not After : Jan 3 15:37:56 2026 GMT
Subject: CN=679cee58-684b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:50:f2:4b:73:5f:51:4a:1d:ce:0f:b7:d3:bb:
26:46:30:f5:6b:be:5e:b5:e4:99:0e:8c:6a:9f:c6:
11:a4:16:e0:73:05:d2:67:8e:dc:00:4c:77:49:5e:
c4:82:78:19:59:98:5e:40:2a:35:42:af:d3:3a:e8:
aa:02:f0:bc:91:78:88:ff:14:f4:0b:dd:01:55:2d:
66:5a:ff:82:9f:4d:27:9a:03:92:f8:52:1d:88:df:
10:26:ad:d8:d8:43:31:af:2d:22:41:7b:b7:a4:33:
95:5b:71:b3:65:66:70:9f:47:b5:9e:34:e1:78:67:
48:08:fe:dc:33:d3:81:9b:6e:61:58:fa:b9:a9:b6:
36:72:19:9c:a3:57:6b:73:ac:a1:94:c0:34:6b:40:
f4:b3:f2:80:ce:f0:22:f5:6e:24:6e:28:23:f7:19:
d8:9f:0e:24:5d:74:f7:51:b0:7b:6d:e5:5c:a3:54:
03:d2:17:76:19:72:21:70:3f:49:08:f7:d0:79:d0:
7f:2e:ff:f7:5c:64:3c:91:8d:00:15:93:90:ce:fb:
fa:ac:e5:f3:41:16:1a:47:ca:ae:16:b0:d2:c6:2b:
32:fa:ab:d4:f0:84:2a:d3:a9:c7:c1:44:51:76:6e:
c1:e3:ce:6b:1d:13:a9:b9:46:41:37:da:b3:17:a2:
bd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1D:67:C6:91:37:CC:75:27:B1:F3:0F:9A:09:65:A2:EF:8B:47:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5A275460DFE911EFB3A38799762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:92:74:e0:df:8f:2d:e6:d6:34:5c:45:2f:b0:12:80:e9:df:
f5:e6:c9:89:35:e6:d3:2a:98:2f:b0:f6:83:b9:c2:33:a3:9b:
c4:19:20:7a:e5:ba:55:92:de:83:4d:4f:df:2b:a7:42:e5:38:
e5:d6:da:95:0e:67:7e:ba:99:2d:ab:70:cb:f9:be:66:e3:9c:
22:b4:eb:9c:08:0e:4d:a5:49:b8:7c:83:53:a3:02:83:e0:65:
13:6e:d6:31:b8:0c:f6:b8:1e:43:78:79:22:fe:c9:9a:87:8d:
02:1b:d8:51:73:6a:d7:99:76:05:2b:be:3b:dd:de:0f:d8:e2:
d4:0a:a2:03:c6:88:82:7b:83:7f:c1:f3:9e:c9:8e:35:48:4c:
00:03:cc:c2:62:5c:4d:ac:d4:5f:8d:2d:71:08:fd:67:b5:be:
b3:5a:ca:79:9f:20:c8:3d:17:9f:a8:60:43:bc:b1:6a:86:2d:
ac:0f:2b:76:03:1a:b6:84:81:c2:c7:60:59:ec:e5:c5:14:47:
6a:c6:b9:c9:26:82:db:01:26:d0:be:f0:b1:e0:6d:93:3f:64:
d8:1f:71:5c:5b:52:f8:6b:65:66:ee:72:be:48:6e:c7:9e:48:
6a:67:b7:d5:d5:b1:97:0a:82:69:4a:a1:f1:b4:8e:ca:cc:80:
e7:01:e0:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARYvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTUzNzU2WhcNMjYwMTAzMTUzNzU2WjAYMRYw
FAYDVQQDEw02NzljZWU1OC02ODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA71DyS3NfUUodzg+307smRjD1a75eteSZDoxqn8YRpBbgcwXSZ47cAEx3
SV7EgngZWZheQCo1Qq/TOuiqAvC8kXiI/xT0C90BVS1mWv+Cn00nmgOS+FIdiN8Q
Jq3Y2EMxry0iQXu3pDOVW3GzZWZwn0e1njTheGdICP7cM9OBm25hWPq5qbY2chmc
o1drc6yhlMA0a0D0s/KAzvAi9W4kbigj9xnYnw4kXXT3UbB7beVco1QD0hd2GXIh
cD9JCPfQedB/Lv/3XGQ8kY0AFZOQzvv6rOXzQRYaR8quFrDSxisy+qvU8IQq06nH
wURRdm7B485rHROpuUZBN9qzF6K96wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH0d
Z8aRN8x1J7HzD5oJZaLvi0dfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QTI3NTQ2MERGRTkxMUVGQjNBMzg3OTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOsBMA0GCSqGSIb3DQEBCwUA
A4IBAQBuknTg348t5tY0XEUvsBKA6d/15smJNebTKpgvsPaDucIzo5vEGSB65bpV
kt6DTU/fK6dC5Tjl1tqVDmd+upktq3DL+b5m45witOucCA5NpUm4fINTowKD4GUT
btYxuAz2uB5DeHki/smah40CG9hRc2rXmXYFK7473d4P2OLUCqIDxoiCe4N/wfOe
yY41SEwAA8zCYlxNrNRfjS1xCP1ntb6zWsp5nyDIPRefqGBDvLFqhi2sDyt2Axq2
hIHCx2BZ7OXFFEdqxrnJJoLbASbQvvCx4G2TP2TYH3FcW1L4a2Vm7nK+SG7Hnkhq
Z7fV1bGXCoJpSqHxtI7KzIDnAeCL
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:32 2025 by rpki-client