Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64169434E35B11EFB9D04745762E951A.roa
File: 64169434E35B11EFB9D04745762E951A.roa (raw, json)
Hash identifier: 74U/PCdA+waQF0hN12BdaALaZibJDiLfj/gHujwkFv0=
Subject key identifier: C7:0E:EF:B3:86:FA:B5:7D:8E:32:91:66:DD:98:F8:CF:19:0A:58:AC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011AB9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64169434E35B11EFB9D04745762E951A.roa
Signing time: Wed 05 Feb 2025 00:51:53 +0000
ROA not before: Wed 05 Feb 2025 00:00:49 +0000
ROA not after: Thu 01 May 2025 00:00:49 +0000
asID: 328608
IP address blocks: 156.254.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72377 (0x11ab9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 5 00:00:49 2025 GMT
Not After : May 1 00:00:49 2025 GMT
Subject: CN=67a2b629-819b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:bd:74:a8:28:8f:01:b5:2f:88:3b:64:fc:
91:e4:d4:38:77:d5:d9:12:94:59:99:0f:00:2a:bc:
19:16:86:d0:71:00:a9:5c:46:4a:79:92:ff:47:6a:
e3:6c:a6:67:05:cf:b2:a1:27:61:cb:3b:82:f3:3b:
bc:c5:4b:74:d9:82:b8:aa:c1:f0:0c:d0:c8:33:50:
b8:76:fe:cb:55:83:b0:84:f1:d8:b3:c0:0d:42:4b:
a8:0d:d4:25:47:f1:d8:54:54:9f:42:d0:59:2c:1e:
2d:a0:d8:3c:42:e5:f0:9b:da:71:6e:09:ea:03:d5:
7e:04:34:1b:06:a3:7f:d8:f8:a3:3f:8d:b2:31:b2:
99:25:f7:bd:3f:c1:fe:53:27:d3:16:94:15:15:49:
92:72:2b:65:82:af:90:28:15:0e:27:7a:b9:95:74:
f3:79:5d:88:d8:34:7c:5d:f5:dd:32:f9:03:17:86:
dc:7b:ee:e2:47:5a:5f:9d:9e:1c:e5:53:e8:ad:58:
81:a0:3b:d1:6e:46:0d:d1:57:9f:0c:9e:97:d0:8f:
b9:77:2b:4d:e2:f4:2a:37:6e:49:24:02:2c:fb:29:
79:1c:6e:4a:da:b3:a8:69:d0:3f:ab:10:1a:67:e0:
8c:49:8c:1e:b4:49:04:c1:56:c4:70:f0:35:67:81:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0E:EF:B3:86:FA:B5:7D:8E:32:91:66:DD:98:F8:CF:19:0A:58:AC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64169434E35B11EFB9D04745762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0/19
Signature Algorithm: sha256WithRSAEncryption
8d:54:17:70:bf:bc:40:a5:34:8e:4c:e2:2a:2e:ee:c0:00:ac:
ab:10:8f:41:e4:b9:9c:cc:bd:3a:be:a3:75:35:11:46:2c:0f:
99:83:5b:5d:d8:c6:8e:ca:f5:54:17:f1:6c:46:90:8e:76:99:
76:13:4f:8f:7a:5d:59:ed:4b:c8:b5:4e:ea:2a:08:a2:66:d0:
ce:d6:07:b1:e3:8e:51:d0:cd:24:34:0b:79:b7:1e:bf:1e:12:
df:c4:0f:8b:31:5f:ee:95:43:4d:1a:52:dc:52:ea:5c:d0:65:
88:e9:64:53:c9:94:83:bf:92:2e:87:4a:25:7c:e8:a3:89:26:
1a:1e:f3:1c:f6:3d:da:02:c6:86:88:b6:e7:38:c3:64:e8:49:
92:65:69:ea:69:70:91:f4:4a:14:4d:91:57:2b:04:78:4f:4f:
f7:c4:21:0a:f5:94:67:d2:f0:66:52:b2:b6:01:48:d8:08:e7:
fd:51:ba:5c:72:fc:ec:36:7a:42:52:8d:7d:4d:1c:3b:d7:cf:
84:3f:ae:e8:d9:d4:48:f3:62:7b:61:f0:19:8c:82:1a:cf:64:
4e:bf:67:6b:06:10:ae:d8:b6:45:93:ed:63:30:51:6e:6f:9d:
5f:f0:d0:d7:b3:58:7a:02:9d:a1:b5:26:d5:9b:ef:4c:f7:67:
cb:c9:89:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARq5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA1MDAwMDQ5WhcNMjUwNTAxMDAwMDQ5WjAYMRYw
FAYDVQQDEw02N2EyYjYyOS04MTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwaS9dKgojwG1L4g7ZPyR5NQ4d9XZEpRZmQ8AKrwZFobQcQCpXEZKeZL/
R2rjbKZnBc+yoSdhyzuC8zu8xUt02YK4qsHwDNDIM1C4dv7LVYOwhPHYs8ANQkuo
DdQlR/HYVFSfQtBZLB4toNg8QuXwm9pxbgnqA9V+BDQbBqN/2PijP42yMbKZJfe9
P8H+UyfTFpQVFUmScitlgq+QKBUOJ3q5lXTzeV2I2DR8XfXdMvkDF4bce+7iR1pf
nZ4c5VPorViBoDvRbkYN0VefDJ6X0I+5dytN4vQqN25JJAIs+yl5HG5K2rOoadA/
qxAaZ+CMSYwetEkEwVbEcPA1Z4HyPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMcO
77OG+rV9jjKRZt2Y+M8ZClisMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NDE2OTQzNEUzNUIxMUVGQjlEMDQ3NDU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnP4gMA0GCSqGSIb3DQEBCwUA
A4IBAQCNVBdwv7xApTSOTOIqLu7AAKyrEI9B5LmczL06vqN1NRFGLA+Zg1td2MaO
yvVUF/FsRpCOdpl2E0+Pel1Z7UvItU7qKgiiZtDO1gex445R0M0kNAt5tx6/HhLf
xA+LMV/ulUNNGlLcUupc0GWI6WRTyZSDv5Iuh0olfOijiSYaHvMc9j3aAsaGiLbn
OMNk6EmSZWnqaXCR9EoUTZFXKwR4T0/3xCEK9ZRn0vBmUrK2AUjYCOf9Ubpccvzs
NnpCUo19TRw718+EP67o2dRI82J7YfAZjIIaz2ROv2drBhCu2LZFk+1jMFFub51f
8NDXs1h6Ap2htSbVm+9M92fLyYn1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:27 2025 by rpki-client