Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68549496F43C11EFBD5725AC762E951A.roa
File: 68549496F43C11EFBD5725AC762E951A.roa (raw, json)
Hash identifier: uKPIu6iDrbLhzwtEDWWuVMAWNZNkg5op6DnV0YYLMrc=
Subject key identifier: EC:86:3F:14:4A:AB:B3:A8:A1:8C:64:86:0D:AD:65:50:72:9E:8C:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013260
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68549496F43C11EFBD5725AC762E951A.roa
Signing time: Wed 26 Feb 2025 12:22:56 +0000
ROA not before: Wed 26 Feb 2025 12:22:52 +0000
ROA not after: Thu 19 Feb 2026 12:22:52 +0000
asID: 984
IP address blocks: 156.252.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78432 (0x13260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 12:22:52 2025 GMT
Not After : Feb 19 12:22:52 2026 GMT
Subject: CN=67bf07a0-907b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0e:32:4f:84:5e:35:f8:44:49:02:42:5b:d8:
3b:ce:35:28:8d:00:bc:93:b9:ed:1a:65:f4:97:dc:
80:ba:04:b7:78:88:8c:b6:7a:9e:62:f5:e6:76:e5:
fe:33:fc:32:5c:be:af:03:e3:09:f7:87:35:49:2d:
b7:8b:e1:e6:41:e6:a8:ac:d8:b0:34:1a:cc:2f:f9:
c4:62:5e:87:db:d8:db:99:85:6b:07:2d:47:69:96:
7a:59:2c:fd:f1:d1:4f:18:5c:a6:11:2b:87:f3:56:
38:75:c6:27:fc:2a:a7:06:87:3f:45:c5:48:2d:82:
ee:0c:82:c0:de:12:42:8c:4a:e0:80:ea:0f:43:36:
0f:3d:c3:b8:f9:41:b0:40:fb:0b:d2:60:68:14:60:
aa:75:4d:12:74:cd:b4:50:40:2b:90:c8:52:9a:94:
cf:54:c8:1d:3b:53:7d:d2:58:22:80:d6:63:f4:eb:
e0:e3:d9:f7:02:75:1e:ab:eb:40:53:f3:16:2a:c7:
be:52:07:b5:4d:3e:f1:4b:fd:e0:82:ab:7e:e2:45:
14:e0:f2:87:f7:36:7e:13:75:c0:84:63:91:19:03:
2d:e5:9d:5a:77:92:5b:de:54:d3:a5:69:b5:c0:41:
fb:78:e6:f4:8a:1b:01:81:9f:e9:45:ec:2c:49:c5:
cb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:86:3F:14:4A:AB:B3:A8:A1:8C:64:86:0D:AD:65:50:72:9E:8C:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68549496F43C11EFBD5725AC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.141.0/24
Signature Algorithm: sha256WithRSAEncryption
40:51:67:cd:45:03:bd:9d:af:0d:5d:34:cf:67:53:0e:1c:ed:
23:1a:7c:62:12:63:ec:81:bd:ef:ab:c9:70:84:59:dd:54:9e:
e7:a9:23:b2:52:73:9d:c8:9a:e4:3e:5f:fa:2f:79:93:e6:98:
f9:24:62:c6:7e:bf:ea:c6:b7:7d:df:6b:42:e8:1e:7d:ae:1a:
60:9c:db:21:0b:5e:9f:37:9c:f8:9a:6e:c2:a9:e7:9f:b2:40:
04:9a:60:e3:08:f8:37:65:49:31:0f:f4:d5:6e:4d:53:ff:04:
ee:76:4f:15:0d:38:d9:d8:35:0d:bd:4c:54:a6:36:00:ba:c7:
e7:8a:45:f6:47:97:b4:f0:ca:e4:a3:93:26:38:ba:19:ea:08:
44:28:e3:d6:d9:2c:6a:ce:d9:63:a3:11:e5:1d:14:ef:bb:1a:
2a:f8:5e:d1:2d:3a:3c:44:3a:f1:a4:f9:31:56:41:24:d1:7b:
15:21:7d:e0:59:cc:4e:a5:d9:51:4a:13:91:70:87:87:b8:4a:
f3:1b:27:cf:db:5d:10:08:06:30:ce:ba:df:d3:27:17:b3:79:
d6:fc:c3:f8:02:d9:87:ac:dc:7d:83:10:e2:64:2e:61:e3:ea:
96:55:b5:6b:37:16:12:29:b7:ed:bd:f9:db:d6:e5:d1:b7:16:
5a:2f:5d:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATJgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTIyMjUyWhcNMjYwMjE5MTIyMjUyWjAYMRYw
FAYDVQQDEw02N2JmMDdhMC05MDdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAww4yT4ReNfhESQJCW9g7zjUojQC8k7ntGmX0l9yAugS3eIiMtnqeYvXm
duX+M/wyXL6vA+MJ94c1SS23i+HmQeaorNiwNBrML/nEYl6H29jbmYVrBy1HaZZ6
WSz98dFPGFymESuH81Y4dcYn/CqnBoc/RcVILYLuDILA3hJCjErggOoPQzYPPcO4
+UGwQPsL0mBoFGCqdU0SdM20UEArkMhSmpTPVMgdO1N90lgigNZj9Ovg49n3AnUe
q+tAU/MWKse+Uge1TT7xS/3ggqt+4kUU4PKH9zZ+E3XAhGORGQMt5Z1ad5Jb3lTT
pWm1wEH7eOb0ihsBgZ/pRewsScXLAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOyG
PxRKq7OooYxkhg2tZVBynoyaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82ODU0OTQ5NkY0M0MxMUVGQkQ1NzI1QUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPyNMA0GCSqGSIb3DQEBCwUA
A4IBAQBAUWfNRQO9na8NXTTPZ1MOHO0jGnxiEmPsgb3vq8lwhFndVJ7nqSOyUnOd
yJrkPl/6L3mT5pj5JGLGfr/qxrd932tC6B59rhpgnNshC16fN5z4mm7CqeefskAE
mmDjCPg3ZUkxD/TVbk1T/wTudk8VDTjZ2DUNvUxUpjYAusfnikX2R5e08Mrko5Mm
OLoZ6ghEKOPW2SxqztljoxHlHRTvuxoq+F7RLTo8RDrxpPkxVkEk0XsVIX3gWcxO
pdlRShORcIeHuErzGyfP210QCAYwzrrf0ycXs3nW/MP4AtmHrNx9gxDiZC5h4+qW
VbVrNxYSKbftvfnb1uXRtxZaL11s
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:08 2025 by rpki-client