Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60B43B6200BF11F09B5765BF762E951A.roa
File: 60B43B6200BF11F09B5765BF762E951A.roa (raw, json)
Hash identifier: c/FwxDzYVhM6nTz45ItNWJ9yYff9Oq4txosMW6dMEQc=
Subject key identifier: 3B:48:9E:04:21:3C:0F:73:A5:F8:72:8C:A7:BD:4A:FB:8C:26:C3:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0145E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60B43B6200BF11F09B5765BF762E951A.roa
Signing time: Fri 14 Mar 2025 10:30:41 +0000
ROA not before: Fri 14 Mar 2025 10:30:37 +0000
ROA not after: Tue 22 Apr 2025 10:30:37 +0000
asID: 142032
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83430 (0x145e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 14 10:30:37 2025 GMT
Not After : Apr 22 10:30:37 2025 GMT
Subject: CN=67d40551-24c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:5f:34:23:2a:df:65:45:67:04:38:49:56:
9a:38:fd:b7:1c:a8:26:b7:c5:0d:41:94:5e:90:fc:
cb:cd:92:da:b6:fa:ab:4d:30:57:cd:54:05:9f:63:
2f:1b:74:40:05:a4:a1:2f:8f:39:29:14:d3:6f:20:
38:2f:8f:2a:12:c2:fe:42:b8:48:84:96:86:46:d1:
05:38:bf:af:4b:19:2a:b1:d8:68:4e:4e:a8:f6:d1:
86:49:d0:df:e9:e9:7e:3b:de:06:97:20:79:45:1f:
98:65:2e:ef:b7:36:b4:c1:bb:14:ff:b3:89:5c:ae:
2d:10:3c:13:e1:a1:d5:11:50:46:80:bd:75:4b:fd:
7f:f9:d5:6d:99:ec:a9:9a:46:2b:0d:c8:2d:4b:32:
01:5f:0b:dc:99:bd:d2:18:09:26:22:0e:12:c2:57:
8b:35:9c:55:10:03:60:91:6e:02:69:a7:38:5e:bb:
f9:5e:f0:7b:36:48:7d:2b:78:95:bf:4c:35:eb:9d:
9c:e9:cd:76:c5:c2:e7:e9:d8:5a:7d:28:ca:f1:62:
32:f2:36:70:0b:fa:95:dd:d5:4e:86:da:5b:d5:82:
cd:d1:d5:38:09:32:57:5e:d0:62:f0:3d:e6:43:02:
12:32:fe:81:b3:98:38:76:07:9e:5a:fd:aa:6b:a6:
0b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:48:9E:04:21:3C:0F:73:A5:F8:72:8C:A7:BD:4A:FB:8C:26:C3:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60B43B6200BF11F09B5765BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
19:35:92:de:5b:82:94:ac:9a:a8:13:a2:41:f0:56:ef:87:d5:
18:52:bf:45:59:df:84:3b:ae:1e:8f:5c:18:1d:36:01:72:9d:
8c:66:d5:5c:6d:d9:fa:94:65:16:64:94:7a:e7:ab:4a:fa:fd:
f2:38:4c:0c:50:12:d7:ef:a4:ec:1b:ee:1e:00:13:95:09:f6:
92:f8:71:e6:0e:13:59:5f:38:d3:79:08:1c:b9:5c:96:f0:ef:
a3:fc:65:3e:44:ba:58:68:f8:fb:de:5a:03:38:13:fc:5f:1e:
89:1c:5f:dd:1a:43:22:5b:a5:63:3e:29:e5:64:97:ff:0e:c7:
4f:85:75:93:24:71:ac:6c:76:83:e2:c3:0d:1b:e8:32:e7:63:
92:3a:7c:cd:d2:dc:5b:94:07:01:83:6b:56:3a:6b:33:b7:73:
94:f7:af:c1:ce:1b:a6:dc:25:71:e8:f3:30:75:2b:c9:9a:d2:
a1:18:37:ca:b9:75:8e:08:f7:a7:75:0e:75:5d:43:a0:fd:e7:
f5:f0:03:d6:ed:70:50:01:ff:ab:37:63:ee:ec:a9:ca:34:fd:
63:20:a6:0c:65:0d:e3:0f:2a:7f:3f:cf:6f:aa:f3:4f:ad:0c:
d4:cf:42:72:e2:6c:ab:e8:6c:a0:6c:06:c8:ed:ba:b4:81:53:
ce:03:76:b1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUXmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE0MTAzMDM3WhcNMjUwNDIyMTAzMDM3WjAYMRYw
FAYDVQQDEw02N2Q0MDU1MS0yNGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvXJfNCMq32VFZwQ4SVaaOP23HKgmt8UNQZRekPzLzZLatvqrTTBXzVQF
n2MvG3RABaShL485KRTTbyA4L48qEsL+QrhIhJaGRtEFOL+vSxkqsdhoTk6o9tGG
SdDf6el+O94GlyB5RR+YZS7vtza0wbsU/7OJXK4tEDwT4aHVEVBGgL11S/1/+dVt
meypmkYrDcgtSzIBXwvcmb3SGAkmIg4SwleLNZxVEANgkW4Caac4Xrv5XvB7Nkh9
K3iVv0w1652c6c12xcLn6dhafSjK8WIy8jZwC/qV3dVOhtpb1YLN0dU4CTJXXtBi
8D3mQwISMv6Bs5g4dgeeWv2qa6YLFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDtI
ngQhPA9zpfhyjKe9SvuMJsN0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MEI0M0I2MjAwQkYxMUYwOUI1NzY1QkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQAZNZLeW4KUrJqoE6JB8Fbvh9UYUr9FWd+EO64ej1wYHTYBcp2MZtVcbdn6
lGUWZJR656tK+v3yOEwMUBLX76TsG+4eABOVCfaS+HHmDhNZXzjTeQgcuVyW8O+j
/GU+RLpYaPj73loDOBP8Xx6JHF/dGkMiW6VjPinlZJf/DsdPhXWTJHGsbHaD4sMN
G+gy52OSOnzN0txblAcBg2tWOmszt3OU96/Bzhum3CVx6PMwdSvJmtKhGDfKuXWO
CPendQ51XUOg/ef18APW7XBQAf+rN2Pu7KnKNP1jIKYMZQ3jDyp/P89vqvNPrQzU
z0Jy4myr6GygbAbI7bq0gVPOA3ax
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:59 2025 by rpki-client