Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A06938BEF44611EFAC692D73762E951A.roa
File: A06938BEF44611EFAC692D73762E951A.roa (raw, json)
Hash identifier: 51tMJH+pVowJGiUNcrY+GfcqQH5ajnKojrMqOnPFtto=
Subject key identifier: 12:88:23:2E:C8:33:C3:3F:39:7A:BD:1A:9E:EE:BE:ED:95:8E:EE:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01333C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A06938BEF44611EFAC692D73762E951A.roa
Signing time: Wed 26 Feb 2025 13:36:05 +0000
ROA not before: Wed 26 Feb 2025 13:36:01 +0000
ROA not after: Thu 19 Feb 2026 13:36:01 +0000
asID: 984
IP address blocks: 156.252.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78652 (0x1333c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:36:01 2025 GMT
Not After : Feb 19 13:36:01 2026 GMT
Subject: CN=67bf18c5-a392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:a1:33:01:8b:ee:ce:18:5e:e9:97:61:c3:
03:02:20:6e:49:4f:f8:92:f4:d2:2b:e0:7a:c3:70:
08:97:76:79:3d:b7:db:d8:ea:e6:f4:59:3b:a4:af:
4e:e5:3f:69:d6:bb:78:42:8a:f4:ca:f7:71:23:80:
5e:87:53:73:61:31:2a:9a:31:48:ef:08:86:6a:a1:
00:14:05:a0:fb:0b:7d:a8:a7:c6:37:5f:8a:1d:fd:
34:74:26:19:3f:bc:e5:b7:06:9d:0a:dc:17:d4:26:
0c:2d:b4:f6:09:c8:a8:92:83:72:e3:cd:6b:8a:91:
f9:a2:08:1a:7e:fb:81:ee:e3:49:06:8f:53:16:04:
3e:4b:8f:6d:64:e9:31:b4:7f:45:5a:c5:08:59:f7:
f6:d1:d6:5f:e5:58:51:21:dc:18:1f:47:60:40:47:
16:09:22:e7:c4:9a:b0:d3:ed:80:f4:cb:fb:14:10:
fa:7a:3e:82:ce:05:a1:96:b9:ba:48:f7:de:98:a1:
e6:d0:29:ac:5f:64:bd:3c:cd:0d:0a:10:5d:ab:ce:
8b:fa:39:18:09:22:b0:25:63:09:85:18:e8:39:b6:
85:3a:af:d6:a7:02:13:52:9b:e6:5a:e2:99:3f:52:
1a:7e:24:0a:36:f8:1b:70:4c:de:84:fa:8a:e4:50:
85:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:88:23:2E:C8:33:C3:3F:39:7A:BD:1A:9E:EE:BE:ED:95:8E:EE:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A06938BEF44611EFAC692D73762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.172.0/24
Signature Algorithm: sha256WithRSAEncryption
56:53:33:88:b9:e2:e5:d7:28:06:fb:f5:56:d5:8d:0d:da:2b:
1c:49:5f:9e:ff:70:a9:7b:c4:a2:f3:48:ab:e0:76:2d:27:4c:
35:3c:98:0f:9a:46:a6:fe:66:1d:33:da:33:f4:2e:c5:4d:83:
d3:9f:ac:de:58:b6:b7:c8:e7:01:60:f6:64:70:aa:c3:d8:ca:
1a:47:6c:c1:ef:1e:64:be:42:f0:3c:b7:66:4f:55:74:34:77:
3f:69:6b:75:2d:59:81:15:21:3d:91:b9:04:81:86:8e:79:83:
f1:ca:36:aa:5c:12:70:4a:cc:93:66:2d:23:be:c5:91:ce:0c:
43:81:ff:9e:24:e8:b3:36:98:c9:f5:32:39:6a:16:4d:13:1e:
06:78:89:be:00:16:08:40:bd:4b:5b:dc:ec:01:02:81:1b:2d:
2e:51:24:4b:79:8b:4f:c3:50:e1:08:52:10:de:32:ba:6d:e7:
5e:d0:ee:31:76:b2:5b:62:bb:52:a7:a5:17:71:cb:e7:ef:1c:
da:9c:1e:20:5c:de:8f:6d:39:7c:0d:c5:31:77:ff:5c:47:aa:
9c:1d:14:52:8c:3e:2d:98:04:da:97:90:b6:a2:6e:bb:1e:77:
c7:99:f0:b7:9e:e9:d3:ad:94:2b:0a:98:a6:8d:76:43:20:77:
b7:a8:63:ee
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATM8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMzNjAxWhcNMjYwMjE5MTMzNjAxWjAYMRYw
FAYDVQQDEw02N2JmMThjNS1hMzkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+2hMwGL7s4YXumXYcMDAiBuSU/4kvTSK+B6w3AIl3Z5Pbfb2Orm9Fk7
pK9O5T9p1rt4Qor0yvdxI4Beh1NzYTEqmjFI7wiGaqEAFAWg+wt9qKfGN1+KHf00
dCYZP7zltwadCtwX1CYMLbT2CciokoNy481ripH5oggafvuB7uNJBo9TFgQ+S49t
ZOkxtH9FWsUIWff20dZf5VhRIdwYH0dgQEcWCSLnxJqw0+2A9Mv7FBD6ej6CzgWh
lrm6SPfemKHm0CmsX2S9PM0NChBdq86L+jkYCSKwJWMJhRjoObaFOq/WpwITUpvm
WuKZP1IafiQKNvgbcEzehPqK5FCFxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBKI
Iy7IM8M/OXq9Gp7uvu2Vju7fMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMDY5MzhCRUY0NDYxMUVGQUM2OTJENzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPysMA0GCSqGSIb3DQEBCwUA
A4IBAQBWUzOIueLl1ygG+/VW1Y0N2iscSV+e/3Cpe8Si80ir4HYtJ0w1PJgPmkam
/mYdM9oz9C7FTYPTn6zeWLa3yOcBYPZkcKrD2MoaR2zB7x5kvkLwPLdmT1V0NHc/
aWt1LVmBFSE9kbkEgYaOeYPxyjaqXBJwSsyTZi0jvsWRzgxDgf+eJOizNpjJ9TI5
ahZNEx4GeIm+ABYIQL1LW9zsAQKBGy0uUSRLeYtPw1DhCFIQ3jK6bede0O4xdrJb
YrtSp6UXccvn7xzanB4gXN6PbTl8DcUxd/9cR6qcHRRSjD4tmATal5C2om67HnfH
mfC3nunTrZQrCpimjXZDIHe3qGPu
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:25:04 2025 by rpki-client