Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BA24A66F42511EFBF993F8B762E951A.roa
File: 5BA24A66F42511EFBF993F8B762E951A.roa (raw, json)
Hash identifier: cjv9uwtl+poNdYgC6C5m8/of4aWxWHXjIO/gvalY7HY=
Subject key identifier: 1D:9F:5E:00:05:5B:0D:F2:03:B9:57:D2:7F:91:C7:AA:5A:80:E8:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01308A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BA24A66F42511EFBF993F8B762E951A.roa
Signing time: Wed 26 Feb 2025 09:37:56 +0000
ROA not before: Wed 26 Feb 2025 09:37:52 +0000
ROA not after: Thu 19 Feb 2026 09:37:52 +0000
asID: 984
IP address blocks: 156.252.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77962 (0x1308a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:37:52 2025 GMT
Not After : Feb 19 09:37:52 2026 GMT
Subject: CN=67bee0f4-78dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cf:6e:ca:12:ef:ba:f7:da:cc:a5:91:bf:12:
65:78:f1:c6:85:47:d0:e7:d2:24:9c:73:66:00:d4:
9e:33:da:95:97:fe:ac:08:c3:03:07:7b:25:73:4e:
51:ea:55:1c:83:a4:f4:0a:06:ed:87:1e:83:fd:88:
11:84:31:57:72:73:f4:06:26:40:95:08:68:21:67:
47:34:65:a3:11:fc:30:77:8e:23:77:11:4f:4e:01:
c8:51:61:3e:8d:63:25:e6:0a:21:61:a3:f6:54:d0:
ca:ea:c9:32:34:53:c9:45:49:0c:da:16:06:d5:8d:
87:66:f7:d3:03:86:48:cf:c8:de:8f:1c:81:cb:52:
ee:f4:ee:ff:e2:f7:61:c9:44:8c:3f:c3:8f:03:06:
11:50:ac:4d:72:a1:7a:a0:bd:c8:5f:7c:db:93:66:
07:ea:8b:ed:76:da:63:42:2c:f3:c7:eb:de:d9:55:
a3:72:ed:91:95:03:c3:47:0b:56:25:8f:b0:c7:87:
54:37:b8:b3:3c:df:59:04:2b:21:de:9d:1a:d9:6e:
e7:27:52:0c:c0:ac:8f:f5:36:b6:54:06:7f:1f:4e:
6e:ab:a5:5a:9f:fb:7c:34:eb:43:bb:94:00:38:e6:
4d:b7:e8:49:7e:50:b6:85:6f:3d:5e:37:cd:47:6c:
f8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9F:5E:00:05:5B:0D:F2:03:B9:57:D2:7F:91:C7:AA:5A:80:E8:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5BA24A66F42511EFBF993F8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.62.0/24
Signature Algorithm: sha256WithRSAEncryption
07:2c:d4:11:d4:dd:37:b6:f7:03:2d:eb:5d:63:c3:06:0b:54:
bf:c4:b9:c4:f3:a9:d9:31:21:2b:83:96:48:ce:99:d8:f8:69:
7c:32:cd:1e:c9:1f:9d:5a:69:9a:d7:0f:d1:33:7a:fd:f6:d1:
0e:3e:1f:d5:a4:d9:c6:b4:e9:3c:e9:4f:9e:ee:c3:1d:2d:30:
0a:25:4d:93:28:af:a9:ce:5d:13:1c:2f:a2:ac:a1:3f:6d:bb:
46:91:2b:ba:92:4b:8f:db:71:83:a4:af:e6:5f:38:d4:74:13:
0b:7f:eb:61:dc:5a:bf:7f:4c:97:68:8e:9f:4c:74:b4:b9:ec:
08:bc:f2:1d:76:5f:11:68:31:b3:dc:de:62:4a:7d:59:56:c7:
44:2a:31:51:b2:98:b4:30:a9:cf:4c:38:89:e6:b7:78:80:55:
48:0e:97:cc:44:0b:59:34:31:39:2a:12:cf:70:be:97:b7:76:
73:eb:c1:32:e1:c5:a3:12:66:2b:39:0e:67:53:9f:06:d3:b6:
82:b4:01:5a:fc:24:05:3e:8c:be:7c:c5:bc:13:9b:f1:d0:3e:
55:1a:4a:d8:a7:60:24:ab:c4:3b:56:1e:e5:5c:b7:eb:9c:2a:
9e:13:62:a2:5d:2a:b9:ac:83:f7:0b:ef:a6:93:13:49:9f:48:
8b:51:ba:a5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATCKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDkzNzUyWhcNMjYwMjE5MDkzNzUyWjAYMRYw
FAYDVQQDEw02N2JlZTBmNC03OGRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxs9uyhLvuvfazKWRvxJlePHGhUfQ59IknHNmANSeM9qVl/6sCMMDB3sl
c05R6lUcg6T0Cgbthx6D/YgRhDFXcnP0BiZAlQhoIWdHNGWjEfwwd44jdxFPTgHI
UWE+jWMl5gohYaP2VNDK6skyNFPJRUkM2hYG1Y2HZvfTA4ZIz8jejxyBy1Lu9O7/
4vdhyUSMP8OPAwYRUKxNcqF6oL3IX3zbk2YH6ovtdtpjQizzx+ve2VWjcu2RlQPD
RwtWJY+wx4dUN7izPN9ZBCsh3p0a2W7nJ1IMwKyP9Ta2VAZ/H05uq6Van/t8NOtD
u5QAOOZNt+hJflC2hW89XjfNR2z4cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFB2f
XgAFWw3yA7lX0n+Rx6pagOhZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QkEyNEE2NkY0MjUxMUVGQkY5OTNGOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPw+MA0GCSqGSIb3DQEBCwUA
A4IBAQAHLNQR1N03tvcDLetdY8MGC1S/xLnE86nZMSErg5ZIzpnY+Gl8Ms0eyR+d
Wmma1w/RM3r99tEOPh/VpNnGtOk86U+e7sMdLTAKJU2TKK+pzl0THC+irKE/bbtG
kSu6kkuP23GDpK/mXzjUdBMLf+th3Fq/f0yXaI6fTHS0uewIvPIddl8RaDGz3N5i
Sn1ZVsdEKjFRspi0MKnPTDiJ5rd4gFVIDpfMRAtZNDE5KhLPcL6Xt3Zz68Ey4cWj
EmYrOQ5nU58G07aCtAFa/CQFPoy+fMW8E5vx0D5VGkrYp2Akq8Q7Vh7lXLfrnCqe
E2KiXSq5rIP3C++mkxNJn0iLUbql
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:09 2025 by rpki-client