Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/600963C830B111F0B83938BEDAE4EC9C.roa
File: 600963C830B111F0B83938BEDAE4EC9C.roa (raw, json)
Hash identifier: e1TpGY5yc8JXhN1r6ecDIMsisrbK1L1cwcmTgx0w85k=
Subject key identifier: BD:88:BA:6B:A8:F8:36:80:DE:1A:26:1F:8E:6C:A4:0F:4A:E9:5E:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01544A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/600963C830B111F0B83938BEDAE4EC9C.roa
Signing time: Wed 14 May 2025 10:51:23 +0000
ROA not before: Wed 14 May 2025 10:51:19 +0000
ROA not after: Sat 13 Jun 2026 10:51:19 +0000
asID: 984
IP address blocks: 156.231.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87114 (0x1544a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 14 10:51:19 2025 GMT
Not After : Jun 13 10:51:19 2026 GMT
Subject: CN=682475ab-40b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:2f:84:c7:ee:be:cd:b0:5f:79:0b:f7:bb:
7b:b6:0c:3e:c8:23:3e:5f:8d:6f:9d:f7:38:6a:10:
3f:ef:0b:72:68:07:55:e1:e5:7d:d9:cc:5f:f0:d9:
ce:83:c5:91:2c:28:18:1f:e4:4b:6f:a9:de:e2:e5:
f0:88:ea:f9:cc:0f:6c:65:a4:2f:45:54:3c:35:31:
29:cb:2e:f4:9f:41:52:47:41:fe:d6:35:9b:1d:cd:
3c:02:ea:36:8c:f4:98:02:d5:c0:3e:74:70:9c:f1:
91:a8:55:c5:37:dd:c4:05:fd:aa:cc:85:c4:44:f0:
35:c6:f4:f6:ec:9d:11:b4:d8:4d:dd:54:29:83:4e:
5e:1d:df:0d:96:d9:7d:ee:9a:2b:80:87:56:30:de:
03:15:e4:41:69:22:17:66:27:5d:38:3a:31:5f:d1:
30:41:36:c1:5e:8d:a0:4e:e3:8f:2e:ee:3d:e6:4e:
9e:ac:e4:ac:e9:d6:c3:db:57:84:0a:28:91:60:32:
6a:ed:a3:03:e9:38:76:f3:f0:aa:62:2b:55:ed:49:
c9:ee:8f:e4:14:f1:49:ea:d2:db:ec:9c:41:15:83:
13:81:7e:4f:98:2c:13:b2:b3:cb:00:fc:d1:29:c1:
83:f4:70:74:64:66:b2:a2:f4:30:2e:93:8e:2d:44:
21:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:88:BA:6B:A8:F8:36:80:DE:1A:26:1F:8E:6C:A4:0F:4A:E9:5E:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/600963C830B111F0B83938BEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.131.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5b:d0:9b:49:31:62:a7:13:27:66:72:ce:2f:c8:30:dc:ca:
0e:59:07:71:a7:f2:c8:de:e8:62:78:c4:62:af:9b:9d:f0:b2:
b2:4b:38:4a:20:e3:0e:3b:8e:16:6b:8b:a0:0d:af:af:e1:3e:
c2:41:71:51:51:83:89:d9:33:1e:6e:05:ec:63:67:0e:d0:57:
76:59:2e:92:7b:d9:9c:bb:d3:33:56:a8:db:e8:83:4d:dc:0b:
c8:69:95:15:75:2c:a8:21:95:c6:3d:bd:a7:17:8d:62:8e:8a:
95:d0:bc:82:fe:84:7a:76:c7:c1:b1:54:ec:74:a8:b4:4b:54:
c9:c9:0a:78:15:81:33:e6:e3:95:d9:71:e6:9d:b1:07:ed:11:
4f:3a:41:0a:ac:11:3d:a1:e1:0b:69:2f:44:40:8c:44:8e:ff:
9a:6c:ac:a5:2d:bc:18:ae:74:7d:fb:a3:1e:3a:a6:0b:a9:a3:
ca:ac:68:01:3e:07:32:11:3c:8b:63:e5:66:f4:0e:f1:38:82:
a4:79:98:0c:4b:9a:ed:e9:ba:32:95:20:e9:0c:e0:77:3d:ca:
71:aa:67:a3:48:77:ee:51:d4:e0:d5:b7:70:9a:d0:ed:61:c5:
1c:5a:b0:15:9f:b6:82:0f:cc:29:ef:49:9a:01:40:df:9d:8d:
b7:bb:7b:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVRKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE0MTA1MTE5WhcNMjYwNjEzMTA1MTE5WjAYMRYw
FAYDVQQDEw02ODI0NzVhYi00MGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2QvhMfuvs2wX3kL97t7tgw+yCM+X41vnfc4ahA/7wtyaAdV4eV92cxf
8NnOg8WRLCgYH+RLb6ne4uXwiOr5zA9sZaQvRVQ8NTEpyy70n0FSR0H+1jWbHc08
Auo2jPSYAtXAPnRwnPGRqFXFN93EBf2qzIXERPA1xvT27J0RtNhN3VQpg05eHd8N
ltl97porgIdWMN4DFeRBaSIXZiddODoxX9EwQTbBXo2gTuOPLu495k6erOSs6dbD
21eECiiRYDJq7aMD6Th28/CqYitV7UnJ7o/kFPFJ6tLb7JxBFYMTgX5PmCwTsrPL
APzRKcGD9HB0ZGayovQwLpOOLUQhCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL2I
umuo+DaA3homH45spA9K6V4+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MDA5NjNDODMwQjExMUYwQjgzOTM4QkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOeDMA0GCSqGSIb3DQEBCwUA
A4IBAQBlW9CbSTFipxMnZnLOL8gw3MoOWQdxp/LI3uhieMRir5ud8LKySzhKIOMO
O44Wa4ugDa+v4T7CQXFRUYOJ2TMebgXsY2cO0Fd2WS6Se9mcu9MzVqjb6INN3AvI
aZUVdSyoIZXGPb2nF41ijoqV0LyC/oR6dsfBsVTsdKi0S1TJyQp4FYEz5uOV2XHm
nbEH7RFPOkEKrBE9oeELaS9EQIxEjv+abKylLbwYrnR9+6MeOqYLqaPKrGgBPgcy
ETyLY+Vm9A7xOIKkeZgMS5rt6boylSDpDOB3PcpxqmejSHfuUdTg1bdwmtDtYcUc
WrAVn7aCD8wp70maAUDfnY23u3u/
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:38:33 2025 by rpki-client