Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B63E833221B011F0AEE1B1DADAE4EC9C.roa
File: B63E833221B011F0AEE1B1DADAE4EC9C.roa (raw, json)
Hash identifier: X6c+3j4yM0Cd8Obai+lb5tBXfQ/LY/itxBn+uG/2gkI=
Subject key identifier: DB:A6:2D:1F:4D:30:45:8C:31:74:3F:14:13:10:B2:9C:DA:C6:96:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014EAC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B63E833221B011F0AEE1B1DADAE4EC9C.roa
Signing time: Fri 25 Apr 2025 08:38:51 +0000
ROA not before: Fri 25 Apr 2025 08:38:46 +0000
ROA not after: Mon 05 May 2025 08:38:46 +0000
asID: 132839
IP address blocks: 156.242.128.0/19 maxlen: 24
156.242.160.0/19 maxlen: 24
156.242.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85676 (0x14eac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 08:38:46 2025 GMT
Not After : May 5 08:38:46 2025 GMT
Subject: CN=680b4a1b-bf29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:60:9f:03:84:ac:c1:fb:e7:2f:6a:d5:e4:
15:fe:5f:ae:76:30:d0:9f:94:22:db:d2:a6:65:61:
d3:c3:7b:c0:b8:08:d4:52:78:bd:3b:cb:3d:f8:1c:
32:1f:75:7c:3b:b2:8e:15:51:3a:29:c0:0c:72:51:
d1:88:1a:10:fc:58:1b:d3:54:a5:c3:0d:47:cc:a3:
58:0d:2a:d4:ec:9a:bb:57:e2:74:29:87:d7:c9:15:
d5:7d:c9:d7:c8:b4:8b:61:31:99:5c:c4:8d:5e:a2:
c7:dd:7b:63:08:e4:3a:ce:ff:40:f8:e7:c4:9b:36:
5e:86:94:9e:57:c0:8c:82:97:5a:f8:50:0e:42:0e:
f4:bd:fd:44:37:04:33:b3:91:df:46:81:30:94:c0:
8b:0a:c4:eb:6a:53:11:fc:f1:a0:7d:3f:55:60:ea:
92:6f:76:7b:b3:33:fd:1a:a7:54:c9:48:c8:92:62:
39:2d:ba:27:ec:63:ac:37:48:4a:eb:c9:31:6a:33:
5a:c2:e3:04:2e:51:ce:ef:2e:f9:1d:81:22:03:7b:
52:0d:12:fa:81:be:3f:c5:9e:89:91:94:fb:3e:28:
f4:e4:c3:fb:4e:81:ac:fc:45:9f:47:7e:5f:48:30:
64:a4:0e:65:e6:76:c0:e8:5a:a0:a3:4c:83:89:15:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A6:2D:1F:4D:30:45:8C:31:74:3F:14:13:10:B2:9C:DA:C6:96:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B63E833221B011F0AEE1B1DADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.128.0-156.242.223.255
Signature Algorithm: sha256WithRSAEncryption
4f:65:c1:68:c1:bd:69:e2:6b:ad:7f:f7:7f:61:1d:c7:e5:55:
76:ba:32:51:2e:be:1c:4c:5c:fd:f0:62:07:d1:bd:a1:3e:f7:
8c:d5:26:53:e2:7b:97:61:91:e8:f1:e4:e5:38:dd:f3:42:a4:
d3:f7:d5:c8:95:3a:8a:75:8f:43:4d:b2:28:36:af:a2:09:7c:
03:41:9d:c5:6a:de:9f:5a:c2:b8:1f:a6:be:79:b4:3b:f1:fa:
56:44:ed:fb:71:0c:60:bb:79:9c:28:6e:13:f1:1e:b1:1a:87:
8c:dd:e7:00:e8:94:5f:04:33:87:13:92:21:49:82:08:5b:ba:
c6:a1:ea:56:5a:3b:21:dc:7b:a4:94:c5:c1:bc:9f:f0:08:78:
60:64:7c:d7:e9:6f:c7:f1:76:ba:59:ad:e9:05:32:bc:55:73:
3b:4b:2d:0c:23:ac:be:b8:28:d6:bc:bd:35:67:0b:4b:2f:bd:
6d:58:2e:5c:4d:fa:3c:2e:22:a5:7a:87:02:cc:46:fc:03:bb:
17:97:7e:93:84:65:53:be:be:68:9b:84:49:74:67:49:9f:20:
ec:0b:41:6c:26:4c:24:56:a4:83:62:77:ed:19:12:98:9c:94:
f4:6c:dd:9f:b2:e9:08:01:b8:f5:d4:95:1c:e6:1b:2b:ff:6a:
b2:ef:c2:59
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAU6sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI1MDgzODQ2WhcNMjUwNTA1MDgzODQ2WjAYMRYw
FAYDVQQDEw02ODBiNGExYi1iZjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqmlgnwOErMH75y9q1eQV/l+udjDQn5Qi29KmZWHTw3vAuAjUUni9O8s9
+BwyH3V8O7KOFVE6KcAMclHRiBoQ/Fgb01Slww1HzKNYDSrU7Jq7V+J0KYfXyRXV
fcnXyLSLYTGZXMSNXqLH3XtjCOQ6zv9A+OfEmzZehpSeV8CMgpda+FAOQg70vf1E
NwQzs5HfRoEwlMCLCsTralMR/PGgfT9VYOqSb3Z7szP9GqdUyUjIkmI5Lbon7GOs
N0hK68kxajNawuMELlHO7y75HYEiA3tSDRL6gb4/xZ6JkZT7Pij05MP7ToGs/EWf
R35fSDBkpA5l5nbA6Fqgo0yDiRVOswIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNum
LR9NMEWMMXQ/FBMQspzaxpY4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjNFODMzMjIxQjAxMUYwQUVFMUIxREFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAec8oADBAWc8sAwDQYJKoZI
hvcNAQELBQADggEBAE9lwWjBvWnia61/939hHcflVXa6MlEuvhxMXP3wYgfRvaE+
94zVJlPie5dhkejx5OU43fNCpNP31ciVOop1j0NNsig2r6IJfANBncVq3p9awrgf
pr55tDvx+lZE7ftxDGC7eZwobhPxHrEah4zd5wDolF8EM4cTkiFJgghbusah6lZa
OyHce6SUxcG8n/AIeGBkfNfpb8fxdrpZrekFMrxVcztLLQwjrL64KNa8vTVnC0sv
vW1YLlxN+jwuIqV6hwLMRvwDuxeXfpOEZVO+vmibhEl0Z0mfIOwLQWwmTCRWpINi
d+0ZEpiclPRs3Z+y6QgBuPXUlRzmGyv/arLvwlk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:55:31 2025 by rpki-client