Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F553E306F42811EF907C5BA3762E951A.roa
File: F553E306F42811EF907C5BA3762E951A.roa (raw, json)
Hash identifier: vWW5sGJs69embk6bvjcuXN8UM4Vth8C8LZOrFyeySzY=
Subject key identifier: 98:BA:E8:59:06:54:27:ED:D9:D0:0A:50:D1:39:51:17:21:E1:9A:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F553E306F42811EF907C5BA3762E951A.roa
Signing time: Wed 26 Feb 2025 10:03:43 +0000
ROA not before: Wed 26 Feb 2025 10:03:39 +0000
ROA not after: Thu 19 Feb 2026 10:03:39 +0000
asID: 984
IP address blocks: 156.252.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78020 (0x130c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:03:39 2025 GMT
Not After : Feb 19 10:03:39 2026 GMT
Subject: CN=67bee6fe-4627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:99:09:d0:65:31:09:3c:60:f1:8c:0d:ea:
d9:d6:15:8c:96:f7:5f:36:11:57:d3:7e:35:28:36:
3b:f0:3f:3d:e3:f6:b6:f5:35:08:12:8b:03:90:10:
d6:ba:af:27:2a:7b:8a:37:e1:24:08:28:d8:5f:f3:
ab:c1:84:d1:b8:d1:97:87:2c:cd:55:72:d1:76:1d:
c7:ff:cd:5b:18:f1:58:5c:0d:96:ea:21:75:b1:c0:
f8:0f:e5:26:d6:d2:a7:c6:f2:0e:bd:a7:65:6e:63:
3c:47:d3:99:24:7c:1c:7a:7f:af:56:f4:0f:2b:27:
5d:8d:53:59:82:0f:5c:ee:83:0b:e2:33:cb:82:42:
b5:03:0e:82:60:4e:54:16:9f:b6:cc:14:10:4a:e8:
c7:2e:b6:97:14:8a:59:d6:6b:db:9f:d3:0f:f6:8d:
34:16:1a:58:e1:f4:6f:93:2d:00:64:c3:24:c6:5d:
b5:65:c5:3c:15:d6:3a:8c:ca:c5:c4:50:1e:b8:43:
02:29:6b:ac:12:a4:bc:35:0c:31:ea:19:01:95:0d:
d5:dd:e9:a8:9e:53:60:dd:a8:f4:90:57:1e:01:6b:
0a:a4:0c:5c:99:4b:03:2a:9d:5f:95:61:ad:3d:d1:
b0:69:c8:91:8e:85:4d:9a:f1:cb:15:3a:0f:ab:e1:
86:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BA:E8:59:06:54:27:ED:D9:D0:0A:50:D1:39:51:17:21:E1:9A:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F553E306F42811EF907C5BA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b2:31:bf:16:70:1b:96:44:a0:43:68:11:e8:fb:1d:22:dd:
52:20:85:4f:e4:6b:c5:e1:9e:b2:79:21:be:b8:48:32:7c:fa:
bc:cd:c2:8d:4e:45:de:be:46:4e:ed:9d:a0:e2:1f:46:05:52:
2f:51:46:47:69:79:f6:cd:3d:a3:85:20:91:b8:eb:16:9b:8b:
64:f1:b0:16:92:63:9a:6a:d1:a7:e2:e2:5a:18:b1:2f:56:d6:
dd:68:41:7c:7b:58:7d:cc:fd:b2:71:9b:af:14:d3:51:06:9d:
31:08:79:bb:95:c0:55:35:43:cf:99:5b:7f:73:80:fe:e1:29:
79:0f:f4:15:10:a7:9d:02:01:35:fe:23:40:66:58:e6:d3:f6:
20:aa:94:01:1c:6e:2d:a5:34:ed:7e:d7:32:03:66:f9:a2:f6:
e1:60:b2:b9:30:99:5d:ff:fc:29:62:d3:64:6b:75:61:fe:9f:
8b:81:7d:f4:17:4c:04:85:9b:a4:16:8f:ed:e6:ef:12:44:45:
57:fd:ad:84:47:1b:53:e0:d2:6f:4a:d3:50:41:bd:9e:bb:b5:
fd:e0:20:d4:ba:8c:7f:73:3f:ce:ec:b3:37:f6:29:af:9b:52:
48:ef:92:a1:87:3a:f1:4e:79:09:00:2b:89:8f:55:b0:2d:9f:
fc:c0:1a:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATDEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAwMzM5WhcNMjYwMjE5MTAwMzM5WjAYMRYw
FAYDVQQDEw02N2JlZTZmZS00NjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsLiZCdBlMQk8YPGMDerZ1hWMlvdfNhFX0341KDY78D894/a29TUIEosD
kBDWuq8nKnuKN+EkCCjYX/OrwYTRuNGXhyzNVXLRdh3H/81bGPFYXA2W6iF1scD4
D+Um1tKnxvIOvadlbmM8R9OZJHwcen+vVvQPKyddjVNZgg9c7oML4jPLgkK1Aw6C
YE5UFp+2zBQQSujHLraXFIpZ1mvbn9MP9o00FhpY4fRvky0AZMMkxl21ZcU8FdY6
jMrFxFAeuEMCKWusEqS8NQwx6hkBlQ3V3emonlNg3aj0kFceAWsKpAxcmUsDKp1f
lWGtPdGwaciRjoVNmvHLFToPq+GGgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJi6
6FkGVCft2dAKUNE5URch4ZoaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNTUzRTMwNkY0MjgxMUVGOTA3QzVCQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxMMA0GCSqGSIb3DQEBCwUA
A4IBAQCysjG/FnAblkSgQ2gR6PsdIt1SIIVP5GvF4Z6yeSG+uEgyfPq8zcKNTkXe
vkZO7Z2g4h9GBVIvUUZHaXn2zT2jhSCRuOsWm4tk8bAWkmOaatGn4uJaGLEvVtbd
aEF8e1h9zP2ycZuvFNNRBp0xCHm7lcBVNUPPmVt/c4D+4Sl5D/QVEKedAgE1/iNA
Zljm0/YgqpQBHG4tpTTtftcyA2b5ovbhYLK5MJld//wpYtNka3Vh/p+LgX30F0wE
hZukFo/t5u8SREVX/a2ERxtT4NJvStNQQb2eu7X94CDUuox/cz/O7LM39imvm1JI
75KhhzrxTnkJACuJj1WwLZ/8wBpi
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:01 2025 by rpki-client