Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/690AEABCF45911EF89413B77762E951A.roa
File: 690AEABCF45911EF89413B77762E951A.roa (raw, json)
Hash identifier: ej+wQf7pqYfVfV/KABSoEZ8xOuR979Ae5OG/mffTStA=
Subject key identifier: 6B:47:10:74:11:A2:1F:D5:D1:7F:1E:09:E3:66:F3:31:4C:56:A1:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013473
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/690AEABCF45911EF89413B77762E951A.roa
Signing time: Wed 26 Feb 2025 15:50:33 +0000
ROA not before: Wed 26 Feb 2025 15:50:27 +0000
ROA not after: Thu 19 Feb 2026 15:50:27 +0000
asID: 984
IP address blocks: 156.231.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78963 (0x13473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 15:50:27 2025 GMT
Not After : Feb 19 15:50:27 2026 GMT
Subject: CN=67bf3848-0b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6a:ea:72:31:d7:8d:16:62:46:ae:d0:67:b0:
1f:0d:68:ca:8f:04:c4:c3:be:3d:a2:1a:7e:19:70:
0d:3f:ae:6f:00:5b:ac:dd:dc:ef:0e:98:21:d8:5f:
af:5a:6e:8f:06:03:ce:b8:46:f5:32:c3:01:03:6e:
3d:02:c0:f8:d2:f4:79:53:c5:30:29:64:b7:61:4e:
cb:65:1a:54:e6:bd:a6:f7:8d:dd:23:03:e9:a9:56:
be:20:f6:35:24:0b:83:92:e1:2b:3b:35:b7:03:46:
a3:3c:8a:95:01:2a:1d:b1:48:5d:f0:26:dc:92:ea:
83:82:59:a2:34:b5:fa:5a:8c:46:0d:47:5d:14:54:
cc:29:42:37:37:f6:61:8d:d1:4b:f2:e4:12:13:1a:
1b:68:78:bf:07:ce:35:d3:3a:f4:9e:7a:b7:6a:b1:
2f:82:ff:f8:8c:2b:bc:9a:9a:c3:9f:fc:4e:46:55:
3b:5c:d1:14:cd:bb:04:d1:a4:95:01:17:b1:e2:ef:
c1:10:98:98:65:7a:25:90:83:73:71:1a:a5:36:fc:
f5:82:e4:15:b0:14:18:5f:3d:23:7b:de:cd:83:94:
d2:3d:a7:e2:36:83:dd:02:70:46:26:43:cf:e1:b8:
c6:bd:a3:00:48:f9:c9:32:b8:40:5b:34:0e:ec:8e:
37:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:47:10:74:11:A2:1F:D5:D1:7F:1E:09:E3:66:F3:31:4C:56:A1:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/690AEABCF45911EF89413B77762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.220.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:fd:14:b3:df:3d:10:8e:cc:ee:da:21:0e:9d:c5:66:1c:53:
26:0d:9e:cd:19:39:7d:70:51:20:9c:f5:8e:0a:1b:18:f9:21:
ea:31:ad:8d:da:fb:e9:07:de:2a:35:b0:45:b4:6d:1a:e7:83:
f1:fa:23:c5:5f:ff:70:80:0c:37:f5:52:19:d4:5c:7f:8b:2f:
c7:53:e1:f7:c6:f1:4b:f1:be:06:52:a1:bf:00:27:07:d8:1c:
ab:76:5c:78:83:5b:d5:26:a5:80:8b:1a:6c:a5:f4:20:20:fb:
1b:4a:90:cc:83:36:62:16:d1:dc:35:37:86:f2:95:2a:37:9e:
2f:33:0b:c6:3d:59:b8:bc:95:ba:02:d4:d1:32:00:a7:7d:98:
5d:cc:d4:92:20:13:5c:95:aa:3e:df:f6:89:9b:67:f8:e3:c3:
ce:91:68:eb:87:b2:cf:6a:ab:2a:7d:69:67:4d:5c:2a:e8:8d:
aa:e0:c0:ef:75:fd:b1:e2:0f:78:69:0e:f0:28:1d:65:ca:60:
eb:eb:9f:de:d2:0c:69:a6:e6:45:7e:31:e7:62:f9:d4:aa:8c:
93:bd:66:86:81:15:5a:f8:0f:3b:91:bc:34:8d:21:cd:fd:95:
93:ce:27:4b:4a:42:f9:b7:47:5b:7a:02:89:c6:61:ac:14:a7:
30:30:57:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATRzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTU1MDI3WhcNMjYwMjE5MTU1MDI3WjAYMRYw
FAYDVQQDEw02N2JmMzg0OC0wYjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsGrqcjHXjRZiRq7QZ7AfDWjKjwTEw749ohp+GXANP65vAFus3dzvDpgh
2F+vWm6PBgPOuEb1MsMBA249AsD40vR5U8UwKWS3YU7LZRpU5r2m943dIwPpqVa+
IPY1JAuDkuErOzW3A0ajPIqVASodsUhd8CbckuqDglmiNLX6WoxGDUddFFTMKUI3
N/ZhjdFL8uQSExobaHi/B8410zr0nnq3arEvgv/4jCu8mprDn/xORlU7XNEUzbsE
0aSVARex4u/BEJiYZXolkINzcRqlNvz1guQVsBQYXz0je97Ng5TSPafiNoPdAnBG
JkPP4bjGvaMASPnJMrhAWzQO7I43gwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGtH
EHQRoh/V0X8eCeNm8zFMVqFsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OTBBRUFCQ0Y0NTkxMUVGODk0MTNCNzc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOfcMA0GCSqGSIb3DQEBCwUA
A4IBAQAf/RSz3z0Qjszu2iEOncVmHFMmDZ7NGTl9cFEgnPWOChsY+SHqMa2N2vvp
B94qNbBFtG0a54Px+iPFX/9wgAw39VIZ1Fx/iy/HU+H3xvFL8b4GUqG/ACcH2Byr
dlx4g1vVJqWAixpspfQgIPsbSpDMgzZiFtHcNTeG8pUqN54vMwvGPVm4vJW6AtTR
MgCnfZhdzNSSIBNclao+3/aJm2f448POkWjrh7LPaqsqfWlnTVwq6I2q4MDvdf2x
4g94aQ7wKB1lymDr65/e0gxppuZFfjHnYvnUqoyTvWaGgRVa+A87kbw0jSHN/ZWT
zidLSkL5t0dbegKJxmGsFKcwMFcO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:16:57 2025 by rpki-client