Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E05E84700CAF11F098E6D14C762E951A.roa
File: E05E84700CAF11F098E6D14C762E951A.roa (raw, json)
Hash identifier: jnZasRt73hBwMb/mbQIQEBAOlTkW7zu5uttNaR8MwJY=
Subject key identifier: 5C:F0:6C:48:13:00:09:AA:76:25:A1:03:71:68:F3:19:2E:6D:08:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014890
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E05E84700CAF11F098E6D14C762E951A.roa
Signing time: Sat 29 Mar 2025 15:09:57 +0000
ROA not before: Sat 29 Mar 2025 15:09:53 +0000
ROA not after: Sun 04 May 2025 15:09:53 +0000
asID: 20473
IP address blocks: 156.253.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84112 (0x14890)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 29 15:09:53 2025 GMT
Not After : May 4 15:09:53 2025 GMT
Subject: CN=67e80d45-078b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8a:b9:2f:94:d7:a2:60:39:81:f2:8b:8e:89:
a3:b2:9d:0a:c5:ee:4b:4a:73:50:9b:d3:12:6f:ae:
68:91:d9:e8:de:b6:ac:fe:3d:e1:0d:00:0d:00:e5:
25:33:7c:4b:7f:9e:fc:d3:f3:cc:cf:e9:77:a3:f7:
f3:36:22:ae:5a:12:40:86:d4:62:a1:b2:98:08:b1:
25:77:3f:ff:47:7f:1f:33:6b:ec:16:56:1a:e3:78:
26:3b:40:38:4b:28:2a:3a:a4:cd:e0:65:80:db:a8:
5f:08:47:8f:e3:1a:5b:65:66:d0:41:08:53:38:9c:
1a:3c:2c:8c:73:aa:d9:7b:77:16:3a:e9:56:c3:38:
8f:43:bf:d0:bb:b8:8d:00:2b:c7:d4:cb:00:10:78:
6d:4d:8a:94:a9:c3:5a:17:e4:bd:40:b3:03:6e:43:
fe:37:e3:20:4f:1e:54:0d:c9:5b:2e:85:b1:0d:77:
21:21:73:5a:81:97:13:49:31:fe:96:8a:8d:8d:80:
e1:41:22:ee:91:d8:d4:d0:98:ce:03:78:46:37:10:
fe:02:b8:13:2b:f3:b2:2e:5c:68:f7:80:cb:8f:2c:
b3:e7:08:29:72:a7:cc:5b:21:70:f4:e2:1f:61:34:
01:da:88:4e:39:ca:8c:c8:11:a4:b6:b4:c2:21:03:
c7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F0:6C:48:13:00:09:AA:76:25:A1:03:71:68:F3:19:2E:6D:08:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E05E84700CAF11F098E6D14C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:17:bf:19:07:41:83:63:ae:07:06:3d:4f:20:80:9e:b3:fb:
47:b1:81:e8:18:e5:21:be:78:9b:c9:0d:eb:96:60:ce:96:2e:
21:95:e5:26:ed:25:55:99:a7:de:45:6d:b0:31:be:f6:66:b5:
ad:7f:5b:9a:de:29:60:22:4d:98:1f:70:11:4c:67:f0:a7:ab:
95:2b:ae:49:21:84:fc:d6:77:8c:65:93:e7:7f:d1:d9:f0:04:
c2:74:b2:de:d3:a3:8d:2b:f7:77:a6:17:b6:69:43:96:10:52:
9e:4c:24:27:4a:a4:13:5a:2d:c7:c0:3f:4b:d5:13:e8:57:9d:
52:61:68:03:4c:e3:94:81:03:61:7f:fb:cc:33:90:de:bf:d2:
48:93:9c:a7:62:dd:84:7d:92:f0:ba:1f:db:7d:64:25:f0:e4:
00:97:14:4e:2c:8e:a1:aa:ec:c2:a7:5d:00:9d:76:e1:53:58:
a2:e0:95:6d:be:37:c5:d3:ee:d8:11:19:97:bb:9a:68:c9:30:
70:39:6b:d2:d7:bc:a3:7a:db:c8:0f:42:b4:7e:c6:07:54:76:
94:32:22:5c:cb:24:b3:c0:fd:17:3c:1a:77:89:be:a5:38:e8:
e4:67:ad:4a:c4:65:34:cd:13:8e:05:c6:12:df:e0:b2:b1:9f:
2a:24:91:70
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUiQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTUwOTUzWhcNMjUwNTA0MTUwOTUzWjAYMRYw
FAYDVQQDEw02N2U4MGQ0NS0wNzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzIq5L5TXomA5gfKLjomjsp0Kxe5LSnNQm9MSb65okdno3ras/j3hDQAN
AOUlM3xLf5780/PMz+l3o/fzNiKuWhJAhtRiobKYCLEldz//R38fM2vsFlYa43gm
O0A4SygqOqTN4GWA26hfCEeP4xpbZWbQQQhTOJwaPCyMc6rZe3cWOulWwziPQ7/Q
u7iNACvH1MsAEHhtTYqUqcNaF+S9QLMDbkP+N+MgTx5UDclbLoWxDXchIXNagZcT
STH+loqNjYDhQSLukdjU0JjOA3hGNxD+ArgTK/OyLlxo94DLjyyz5wgpcqfMWyFw
9OIfYTQB2ohOOcqMyBGktrTCIQPHaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFzw
bEgTAAmqdiWhA3Fo8xkubQg4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMDVFODQ3MDBDQUYxMUYwOThFNkQxNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP08MA0GCSqGSIb3DQEBCwUA
A4IBAQA9F78ZB0GDY64HBj1PIICes/tHsYHoGOUhvnibyQ3rlmDOli4hleUm7SVV
mafeRW2wMb72ZrWtf1ua3ilgIk2YH3ARTGfwp6uVK65JIYT81neMZZPnf9HZ8ATC
dLLe06ONK/d3phe2aUOWEFKeTCQnSqQTWi3HwD9L1RPoV51SYWgDTOOUgQNhf/vM
M5Dev9JIk5ynYt2EfZLwuh/bfWQl8OQAlxROLI6hquzCp10AnXbhU1ii4JVtvjfF
0+7YERmXu5poyTBwOWvS17yjetvID0K0fsYHVHaUMiJcyySzwP0XPBp3ib6lOOjk
Z61KxGU0zROOBcYS3+CysZ8qJJFw
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:00:30 2025 by rpki-client