Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0FDC714107911F0863E184D762E951A.roa
File: A0FDC714107911F0863E184D762E951A.roa (raw, json)
Hash identifier: XDRYCNvEnOCVmzbcCwAxlBkjFFm4asUv1RKA6bViaaY=
Subject key identifier: 76:94:BD:76:1B:E6:58:05:E0:56:AD:E1:5D:65:22:48:AC:8B:DA:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0FDC714107911F0863E184D762E951A.roa
Signing time: Thu 03 Apr 2025 10:51:43 +0000
ROA not before: Thu 03 Apr 2025 10:51:39 +0000
ROA not after: Tue 03 Jun 2025 10:51:39 +0000
asID: 142403
IP address blocks: 156.236.66.0/24 maxlen: 24
156.236.70.0/24 maxlen: 24
156.236.71.0/24 maxlen: 24
156.236.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84416 (0x149c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 10:51:39 2025 GMT
Not After : Jun 3 10:51:39 2025 GMT
Subject: CN=67ee683f-82c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:05:87:07:48:f3:88:74:cf:a6:71:80:37:81:
1f:fa:73:c0:cb:02:3a:0d:46:48:72:d1:f1:7d:2c:
6b:bb:fc:6f:fd:67:b3:d7:0c:d8:3f:8a:5d:6e:57:
fa:56:dc:3c:7a:cd:46:e7:d6:41:93:f5:7e:99:4e:
eb:45:85:30:f7:27:65:a3:c6:96:8b:01:08:89:d0:
ec:4c:a8:24:33:db:9a:06:94:fe:11:7d:8d:16:2d:
23:37:45:f0:cd:ac:e7:4b:77:f5:ae:b4:35:bb:96:
37:11:8b:74:37:2d:4b:9e:24:fc:77:e5:24:89:09:
56:bc:a6:da:c3:2d:7b:30:05:b2:c4:df:56:41:0d:
79:db:ca:bb:02:a7:75:28:2b:88:25:01:f7:a0:88:
74:4b:98:12:c2:28:81:e6:9c:11:b8:8f:09:b0:96:
f2:7f:1c:5f:a9:bb:b5:90:59:93:3a:fe:79:f7:ca:
98:d3:09:70:7e:f8:be:bf:e8:5a:97:53:78:1c:7b:
69:1e:b4:6d:d4:63:b4:1c:58:40:7a:c9:23:1e:9d:
85:2f:e8:56:d7:15:33:d2:47:b9:72:53:59:47:d2:
82:b7:5c:82:5f:a9:08:da:51:70:9b:bd:a4:81:77:
43:9a:c0:9e:54:f1:de:1a:ff:d3:ec:fe:5f:ae:98:
1b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:94:BD:76:1B:E6:58:05:E0:56:AD:E1:5D:65:22:48:AC:8B:DA:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0FDC714107911F0863E184D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.66.0/24
156.236.70.0-156.236.72.255
Signature Algorithm: sha256WithRSAEncryption
5d:a0:85:f3:57:7b:90:e7:cb:f3:01:61:4f:08:74:76:ec:65:
c0:02:c4:6e:2f:0b:a6:e0:5a:8a:42:18:4d:49:45:15:96:4c:
3c:49:70:4f:7b:e1:5e:60:1d:2c:37:63:12:a9:b2:34:81:62:
80:9d:2b:31:c2:f0:c9:95:f8:fe:14:ef:92:8c:8d:29:91:6f:
33:4e:e1:39:50:16:dc:59:07:43:6e:da:07:cb:ef:e1:52:96:
0b:bb:b5:9f:99:4a:66:ba:62:5c:37:b9:4b:49:1d:c3:85:18:
fa:ec:bc:d7:a3:ff:bb:41:75:c8:35:99:18:ed:72:ed:21:13:
42:da:e5:a4:22:77:21:2c:84:e8:32:fd:e6:98:91:a0:1e:65:
07:14:77:1c:f3:2e:8a:53:0b:bd:c3:81:09:31:3a:14:d5:0f:
5e:5e:a6:c1:ff:36:c3:c0:27:f3:15:0c:d4:f1:53:ea:c9:80:
b5:2c:2d:1d:f7:95:2e:ed:94:f6:c1:42:ac:65:22:57:a8:46:
01:0a:42:50:60:7b:79:af:8c:b5:25:82:81:f9:aa:16:96:f3:
9a:e4:9a:20:ba:75:7b:7b:95:33:3d:82:4d:04:b7:c5:9d:32:
73:88:a4:73:1e:f6:b3:55:14:18:d8:0d:7b:11:d0:6a:f2:10:
c1:3b:6b:d1
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUnAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTA1MTM5WhcNMjUwNjAzMTA1MTM5WjAYMRYw
FAYDVQQDEw02N2VlNjgzZi04MmM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6QWHB0jziHTPpnGAN4Ef+nPAywI6DUZIctHxfSxru/xv/Wez1wzYP4pd
blf6Vtw8es1G59ZBk/V+mU7rRYUw9ydlo8aWiwEIidDsTKgkM9uaBpT+EX2NFi0j
N0XwzaznS3f1rrQ1u5Y3EYt0Ny1LniT8d+UkiQlWvKbawy17MAWyxN9WQQ1528q7
Aqd1KCuIJQH3oIh0S5gSwiiB5pwRuI8JsJbyfxxfqbu1kFmTOv5598qY0wlwfvi+
v+hal1N4HHtpHrRt1GO0HFhAeskjHp2FL+hW1xUz0ke5clNZR9KCt1yCX6kI2lFw
m72kgXdDmsCeVPHeGv/T7P5frpgbcQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHaU
vXYb5lgF4Fat4V1lIkisi9otMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMEZEQzcxNDEwNzkxMUYwODYzRTE4NEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAnOxCMAwDBAGc7EYDBACc7Egw
DQYJKoZIhvcNAQELBQADggEBAF2ghfNXe5Dny/MBYU8IdHbsZcACxG4vC6bgWopC
GE1JRRWWTDxJcE974V5gHSw3YxKpsjSBYoCdKzHC8MmV+P4U75KMjSmRbzNO4TlQ
FtxZB0Nu2gfL7+FSlgu7tZ+ZSma6Ylw3uUtJHcOFGPrsvNej/7tBdcg1mRjtcu0h
E0La5aQidyEshOgy/eaYkaAeZQcUdxzzLopTC73DgQkxOhTVD15epsH/NsPAJ/MV
DNTxU+rJgLUsLR33lS7tlPbBQqxlIleoRgEKQlBge3mvjLUlgoH5qhaW85rkmiC6
dXt7lTM9gk0Et8WdMnOIpHMe9rNVFBjYDXsR0GryEME7a9E=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:49:47 2025 by rpki-client