Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B8160A28B811F0901FAAE9DAE4EC9C.roa
File: 68B8160A28B811F0901FAAE9DAE4EC9C.roa (raw, json)
Hash identifier: DkEtzcKM7ZGiaATqdlPlAEAYtlTR4uoCjTOXmdrNQLk=
Subject key identifier: 76:42:8F:FF:3F:F5:5B:1B:65:48:91:0B:06:AD:B3:0E:D4:34:6D:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B8160A28B811F0901FAAE9DAE4EC9C.roa
Signing time: Sun 04 May 2025 07:21:35 +0000
ROA not before: Sun 04 May 2025 07:21:30 +0000
ROA not after: Tue 10 Jun 2025 07:21:30 +0000
asID: 142032
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86464 (0x151c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 07:21:30 2025 GMT
Not After : Jun 10 07:21:30 2025 GMT
Subject: CN=6817157f-9669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a5:0c:cb:16:a8:a4:d2:b2:d0:40:fa:60:4e:
34:9e:19:4d:f3:d4:d2:06:75:25:ef:7b:b0:af:d5:
14:6d:c2:24:eb:32:ec:2f:6b:79:d6:b9:38:6b:b6:
fc:13:fb:77:b0:bd:f8:0f:ef:3a:85:f7:ab:55:b2:
03:62:4e:43:f5:4b:d0:79:73:32:97:70:57:56:05:
43:07:54:7c:b0:70:f3:e8:bb:48:11:f2:b1:70:2b:
d1:93:55:c8:e4:95:39:e5:62:85:8a:b6:da:3a:af:
e2:64:3a:fb:35:4a:ec:b7:8f:57:cc:a9:49:1b:4c:
a6:9a:e8:d8:ed:18:86:e9:43:0d:9b:eb:cf:1b:6a:
da:cf:e8:87:94:c2:dc:7f:63:74:b0:85:45:49:1d:
af:f6:9f:66:18:8c:7c:02:49:da:d2:fd:bb:be:24:
b3:ca:10:29:da:c9:a2:7f:2b:d6:84:d7:03:7f:47:
da:8e:8a:12:71:9a:44:19:5e:33:c5:0a:01:4a:c0:
54:26:66:57:69:57:76:ab:92:ec:e2:76:fa:d2:d9:
3a:57:2e:ff:98:4a:1b:fc:e5:c9:29:3c:fc:2f:86:
e9:b7:36:19:3b:3a:b9:b7:b7:69:85:51:13:d8:5c:
38:ee:0d:19:ec:1c:d7:b8:90:51:a0:3a:a5:54:65:
6b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:42:8F:FF:3F:F5:5B:1B:65:48:91:0B:06:AD:B3:0E:D4:34:6D:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68B8160A28B811F0901FAAE9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:83:9c:5e:62:8a:de:75:b9:78:e8:ae:2a:b2:79:d7:62:5b:
cb:67:69:9f:9c:27:4b:17:79:c5:ac:3c:e6:e8:76:a8:77:7d:
a7:6e:f0:ea:2d:8e:44:92:42:28:5f:0d:c9:3e:6d:ba:52:12:
ae:70:1c:98:65:58:81:64:e3:b2:c0:0f:c9:02:76:ce:81:02:
7e:a6:a7:74:1b:c1:11:f6:d4:c1:29:b5:b9:65:42:3a:91:16:
3c:41:a6:c2:35:c2:9e:96:9c:05:23:8b:a6:6f:31:62:8e:cc:
f8:82:92:db:b8:c1:ad:3a:31:c3:41:9a:77:c3:8d:3d:63:1b:
53:d7:d2:57:1f:b2:89:a9:23:f1:e0:89:5b:37:86:f4:23:3b:
e9:3a:14:f5:57:51:bd:7b:fd:f4:cc:b6:d8:27:c7:25:7e:a1:
bb:c5:ed:3d:10:36:fb:a8:4f:37:c2:cd:cb:33:b0:98:28:ab:
b1:a7:ab:56:5d:c6:8e:23:72:22:de:ee:0a:06:08:93:95:15:
bf:d4:5a:cb:a8:a5:d8:cd:b6:a2:68:50:03:e5:19:11:f7:28:
91:77:ba:23:cd:0e:2c:84:9f:b4:ac:c2:4c:17:7b:c8:8a:2f:
68:de:7a:76:4c:70:da:3f:af:7c:a7:f3:ba:73:49:52:14:0e:
f3:de:99:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVHAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDcyMTMwWhcNMjUwNjEwMDcyMTMwWjAYMRYw
FAYDVQQDEw02ODE3MTU3Zi05NjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxaUMyxaopNKy0ED6YE40nhlN89TSBnUl73uwr9UUbcIk6zLsL2t51rk4
a7b8E/t3sL34D+86hferVbIDYk5D9UvQeXMyl3BXVgVDB1R8sHDz6LtIEfKxcCvR
k1XI5JU55WKFirbaOq/iZDr7NUrst49XzKlJG0ymmujY7RiG6UMNm+vPG2raz+iH
lMLcf2N0sIVFSR2v9p9mGIx8Akna0v27viSzyhAp2smifyvWhNcDf0fajooScZpE
GV4zxQoBSsBUJmZXaVd2q5Ls4nb60tk6Vy7/mEob/OXJKTz8L4bptzYZOzq5t7dp
hVET2Fw47g0Z7BzXuJBRoDqlVGVrCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZC
j/8/9VsbZUiRCwatsw7UNG2HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEI4MTYwQTI4QjgxMUYwOTAxRkFBRTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQAdg5xeYoredbl46K4qsnnXYlvLZ2mfnCdLF3nFrDzm6Haod32nbvDqLY5E
kkIoXw3JPm26UhKucByYZViBZOOywA/JAnbOgQJ+pqd0G8ER9tTBKbW5ZUI6kRY8
QabCNcKelpwFI4umbzFijsz4gpLbuMGtOjHDQZp3w409YxtT19JXH7KJqSPx4Ilb
N4b0IzvpOhT1V1G9e/30zLbYJ8clfqG7xe09EDb7qE83ws3LM7CYKKuxp6tWXcaO
I3Ii3u4KBgiTlRW/1FrLqKXYzbaiaFAD5RkR9yiRd7ojzQ4shJ+0rMJMF3vIii9o
3np2THDaP698p/O6c0lSFA7z3pk1
-----END CERTIFICATE-----
Generated at Sun May 11 22:46:06 2025 by rpki-client