Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE605066108311F0A32F3D8A762E951A.roa
File: FE605066108311F0A32F3D8A762E951A.roa (raw, json)
Hash identifier: x1ybNHSDVOwHoBPxH+4CFh7EvLXbQGVi1HIAXfznkAU=
Subject key identifier: 2C:42:98:BC:BC:94:06:E9:5B:28:E0:1C:DB:24:9D:02:D7:00:F6:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149E0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE605066108311F0A32F3D8A762E951A.roa
Signing time: Thu 03 Apr 2025 12:05:54 +0000
ROA not before: Thu 03 Apr 2025 12:05:50 +0000
ROA not after: Mon 14 Apr 2025 12:05:50 +0000
asID: 22773
IP address blocks: 156.246.80.0/22 maxlen: 24
156.246.84.0/23 maxlen: 24
156.246.96.0/19 maxlen: 24
156.249.4.0/22 maxlen: 24
156.249.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84448 (0x149e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 12:05:50 2025 GMT
Not After : Apr 14 12:05:50 2025 GMT
Subject: CN=67ee79a2-b783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c5:44:cf:59:07:92:e8:de:87:e3:67:e3:c5:
8f:63:76:38:76:cb:ee:14:1e:ce:77:38:3d:87:41:
59:f9:ba:06:ff:64:51:48:a8:2d:ba:56:91:2e:ca:
b8:1e:8b:0c:b5:13:8c:0f:8d:27:6b:39:55:48:52:
22:81:75:1c:87:e2:21:83:ef:cc:d9:4e:73:12:a7:
9a:b5:49:06:82:67:b1:ee:08:e3:ad:83:92:0f:81:
03:d4:f3:e0:ee:69:c4:3d:51:c9:74:03:df:e3:25:
0f:7b:7a:09:22:8c:5d:b8:78:67:93:ce:cc:d7:ee:
fc:a0:e0:c0:ce:16:92:82:5e:95:4b:4b:94:16:0e:
db:0a:8f:b9:39:79:1b:32:3f:05:80:76:e9:b7:f9:
88:e4:1a:c4:bc:7b:60:2c:58:dc:89:89:2b:07:33:
e5:28:a6:4d:cb:cf:dc:e7:bb:25:52:62:82:36:d0:
4b:d3:c0:ab:03:2e:36:1d:67:5f:eb:0d:ec:a8:5d:
58:2d:65:4a:27:3a:cb:bd:cb:73:d7:54:0c:27:9a:
8f:ed:04:01:32:76:ca:c8:d9:b7:49:31:01:3c:d7:
e7:1a:65:6a:f3:9f:ee:03:bd:b4:4b:9e:64:25:fc:
f2:02:a7:fd:87:15:25:8d:14:5b:33:4c:b8:e4:6d:
76:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:42:98:BC:BC:94:06:E9:5B:28:E0:1C:DB:24:9D:02:D7:00:F6:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE605066108311F0A32F3D8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.80.0-156.246.85.255
156.246.96.0/19
156.249.4.0/22
156.249.20.0/22
Signature Algorithm: sha256WithRSAEncryption
04:bf:5c:31:29:60:6a:a9:02:e2:90:a0:41:bc:0d:c3:d4:8e:
bb:22:bc:c7:91:43:7e:ec:b8:ef:3d:75:76:dd:98:30:a1:01:
7c:1f:e6:ef:94:f6:3b:0e:e7:b5:20:25:c6:43:77:28:18:be:
3b:f8:4f:d3:2c:2c:32:85:c1:b3:c1:cd:e9:62:df:31:0f:ea:
94:08:5a:c5:aa:48:4e:ae:8d:f5:12:13:00:c0:c9:2a:4b:49:
01:66:c9:4f:f4:23:c4:23:45:9d:65:56:d4:db:dc:49:3f:47:
4d:25:6c:46:0b:08:ea:ac:84:59:03:b2:9f:58:f2:ad:f1:39:
c0:b3:7a:cc:04:92:f0:fc:07:52:d1:a5:be:5f:d1:d5:b9:af:
7c:b1:58:74:75:a7:65:60:b2:f9:b0:14:32:86:f6:e0:96:ed:
8c:e8:b6:61:62:7d:ed:60:5a:c0:f3:3a:0f:61:1c:bc:d6:8e:
7f:aa:8a:41:98:97:35:96:ec:9e:c1:8d:72:c4:ce:6a:e8:7d:
47:3d:18:a7:3a:bc:01:72:2c:72:d9:2a:a4:f4:94:c5:19:d9:
2e:6e:9a:c9:c6:05:1a:db:87:2e:0d:88:df:b3:bd:23:57:34:
03:a2:51:a0:6d:8a:ed:0d:ed:40:d9:a1:91:98:55:9f:ed:38:
ed:da:d0:69
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAUngMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTIwNTUwWhcNMjUwNDE0MTIwNTUwWjAYMRYw
FAYDVQQDEw02N2VlNzlhMi1iNzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA58VEz1kHkujeh+Nn48WPY3Y4dsvuFB7Odzg9h0FZ+boG/2RRSKgtulaR
Lsq4HosMtROMD40nazlVSFIigXUch+Ihg+/M2U5zEqeatUkGgmex7gjjrYOSD4ED
1PPg7mnEPVHJdAPf4yUPe3oJIoxduHhnk87M1+78oODAzhaSgl6VS0uUFg7bCo+5
OXkbMj8FgHbpt/mI5BrEvHtgLFjciYkrBzPlKKZNy8/c57slUmKCNtBL08CrAy42
HWdf6w3sqF1YLWVKJzrLvctz11QMJ5qP7QQBMnbKyNm3STEBPNfnGmVq85/uA720
S55kJfzyAqf9hxUljRRbM0y45G12sQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFCxC
mLy8lAbpWyjgHNsknQLXAPbVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTYwNTA2NjEwODMxMUYwQTMyRjNEOEE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBASc9lADBAGc9lQDBAWc9mAD
BAKc+QQDBAKc+RQwDQYJKoZIhvcNAQELBQADggEBAAS/XDEpYGqpAuKQoEG8DcPU
jrsivMeRQ37suO89dXbdmDChAXwf5u+U9jsO57UgJcZDdygYvjv4T9MsLDKFwbPB
zeli3zEP6pQIWsWqSE6ujfUSEwDAySpLSQFmyU/0I8QjRZ1lVtTb3Ek/R00lbEYL
COqshFkDsp9Y8q3xOcCzeswEkvD8B1LRpb5f0dW5r3yxWHR1p2VgsvmwFDKG9uCW
7YzotmFife1gWsDzOg9hHLzWjn+qikGYlzWW7J7BjXLEzmrofUc9GKc6vAFyLHLZ
KqT0lMUZ2S5umsnGBRrbhy4NiN+zvSNXNAOiUaBtiu0N7UDZoZGYVZ/tOO3a0Gk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:50 2025 by rpki-client